2000-09-14 13:11:56 +00:00
|
|
|
=pod
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
2000-09-16 15:39:28 +00:00
|
|
|
SSL_accept - wait for a TLS/SSL client to initiate a TLS/SSL handshake
|
2000-09-14 13:11:56 +00:00
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
|
|
|
|
int SSL_accept(SSL *ssl);
|
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
2000-09-16 15:39:28 +00:00
|
|
|
SSL_accept() waits for a TLS/SSL client to initiate the TLS/SSL handshake.
|
2000-09-14 13:11:56 +00:00
|
|
|
The communication channel must already have been set and assigned to the
|
2000-09-21 06:46:15 +00:00
|
|
|
B<ssl> by setting an underlying B<BIO>.
|
|
|
|
|
|
|
|
=head1 NOTES
|
|
|
|
|
|
|
|
The behaviour of SSL_accept() depends on the underlying BIO.
|
2000-09-14 13:11:56 +00:00
|
|
|
|
2000-09-16 15:39:28 +00:00
|
|
|
If the underlying BIO is B<blocking>, SSL_accept() will only return once the
|
|
|
|
handshake has been finished or an error occurred, except for SGC (Server
|
|
|
|
Gated Cryptography). For SGC, SSL_accept() may return with -1, but
|
|
|
|
SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and SSL_accept()
|
2000-09-14 13:11:56 +00:00
|
|
|
should be called again.
|
|
|
|
|
2000-09-16 15:39:28 +00:00
|
|
|
If the underlying BIO is B<non-blocking>, SSL_accept() will also return
|
2000-09-14 13:11:56 +00:00
|
|
|
when the underlying BIO could not satisfy the needs of SSL_accept()
|
2003-06-03 09:59:44 +00:00
|
|
|
to continue the handshake, indicating the problem by the return value -1.
|
|
|
|
In this case a call to SSL_get_error() with the
|
2000-09-16 15:39:28 +00:00
|
|
|
return value of SSL_accept() will yield B<SSL_ERROR_WANT_READ> or
|
|
|
|
B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
|
2000-09-14 13:11:56 +00:00
|
|
|
taking appropriate action to satisfy the needs of SSL_accept().
|
|
|
|
The action depends on the underlying BIO. When using a non-blocking socket,
|
|
|
|
nothing is to be done, but select() can be used to check for the required
|
|
|
|
condition. When using a buffering BIO, like a BIO pair, data must be written
|
|
|
|
into or retrieved out of the BIO before being able to continue.
|
|
|
|
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
|
|
|
|
The following return values can occur:
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
2013-10-21 09:03:01 +00:00
|
|
|
=item Z<>0
|
2000-09-14 13:11:56 +00:00
|
|
|
|
2000-09-16 15:39:28 +00:00
|
|
|
The TLS/SSL handshake was not successful but was shut down controlled and
|
|
|
|
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
|
2000-09-14 13:11:56 +00:00
|
|
|
return value B<ret> to find out the reason.
|
|
|
|
|
2013-10-21 09:03:01 +00:00
|
|
|
=item Z<>1
|
2013-02-15 17:44:11 +00:00
|
|
|
|
|
|
|
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
|
|
|
|
established.
|
|
|
|
|
2000-10-10 09:15:47 +00:00
|
|
|
=item E<lt>0
|
2000-09-14 13:11:56 +00:00
|
|
|
|
2000-09-16 15:39:28 +00:00
|
|
|
The TLS/SSL handshake was not successful because a fatal error occurred either
|
|
|
|
at the protocol level or a connection failure occurred. The shutdown was
|
|
|
|
not clean. It can also occur of action is need to continue the operation
|
2000-09-14 13:11:56 +00:00
|
|
|
for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
|
|
|
|
to find out the reason.
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
|
|
|
L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
|
2001-03-08 17:24:02 +00:00
|
|
|
L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
|
|
|
|
L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
|
2002-07-19 11:05:50 +00:00
|
|
|
L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
|
2001-03-08 17:24:02 +00:00
|
|
|
L<SSL_CTX_new(3)|SSL_CTX_new(3)>
|
2000-09-14 13:11:56 +00:00
|
|
|
|
|
|
|
=cut
|