diff options
Diffstat (limited to 'openssl/doc/ssl/SSL_do_handshake.pod')
| -rw-r--r-- | openssl/doc/ssl/SSL_do_handshake.pod | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/openssl/doc/ssl/SSL_do_handshake.pod b/openssl/doc/ssl/SSL_do_handshake.pod new file mode 100644 index 000000000..243576451 --- /dev/null +++ b/openssl/doc/ssl/SSL_do_handshake.pod @@ -0,0 +1,75 @@ +=pod + +=head1 NAME + +SSL_do_handshake - perform a TLS/SSL handshake + +=head1 SYNOPSIS + + #include <openssl/ssl.h> + + int SSL_do_handshake(SSL *ssl); + +=head1 DESCRIPTION + +SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the +connection is in client mode, the handshake will be started. The handshake +routines may have to be explicitly set in advance using either +L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or +L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>. + +=head1 NOTES + +The behaviour of SSL_do_handshake() depends on the underlying BIO. + +If the underlying BIO is B<blocking>, SSL_do_handshake() will only return +once the handshake has been finished or an error occurred, except for SGC +(Server Gated Cryptography). For SGC, SSL_do_handshake() may return with -1, +but SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and +SSL_do_handshake() should be called again. + +If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return +when the underlying BIO could not satisfy the needs of SSL_do_handshake() +to continue the handshake. In this case a call to SSL_get_error() with the +return value of SSL_do_handshake() will yield B<SSL_ERROR_WANT_READ> or +B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after +taking appropriate action to satisfy the needs of SSL_do_handshake(). +The action depends on the underlying BIO. When using a non-blocking socket, +nothing is to be done, but select() can be used to check for the required +condition. When using a buffering BIO, like a BIO pair, data must be written +into or retrieved out of the BIO before being able to continue. + +=head1 RETURN VALUES + +The following return values can occur: + +=over 4 + +=item 1 + +The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been +established. + +=item 0 + +The TLS/SSL handshake was not successful but was shut down controlled and +by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the +return value B<ret> to find out the reason. + +=item E<lt>0 + +The TLS/SSL handshake was not successful because a fatal error occurred either +at the protocol level or a connection failure occurred. The shutdown was +not clean. It can also occur of action is need to continue the operation +for non-blocking BIOs. Call SSL_get_error() with the return value B<ret> +to find out the reason. + +=back + +=head1 SEE ALSO + +L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>, +L<SSL_accept(3)|SSL_accept(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>, +L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> + +=cut |