|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@deftypefun {int} {gnutls_handshake} (gnutls_session_t @var{session})
|
|
Packit Service |
4684c1 |
@var{session}: is a @code{gnutls_session_t} type.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function performs the handshake of the TLS/SSL protocol, and
|
|
Packit Service |
4684c1 |
initializes the TLS session parameters.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
The non-fatal errors expected by this function are:
|
|
Packit Service |
4684c1 |
@code{GNUTLS_E_INTERRUPTED} , @code{GNUTLS_E_AGAIN} ,
|
|
Packit Service |
4684c1 |
@code{GNUTLS_E_WARNING_ALERT_RECEIVED} . When this function is called
|
|
Packit Service |
4684c1 |
for re-handshake under TLS 1.2 or earlier, the non-fatal error code
|
|
Packit Service |
4684c1 |
@code{GNUTLS_E_GOT_APPLICATION_DATA} may also be returned.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
The former two interrupt the handshake procedure due to the transport
|
|
Packit Service |
4684c1 |
layer being interrupted, and the latter because of a "warning" alert that
|
|
Packit Service |
4684c1 |
was sent by the peer (it is always a good idea to check any
|
|
Packit Service |
4684c1 |
received alerts). On these non-fatal errors call this function again,
|
|
Packit Service |
4684c1 |
until it returns 0; cf. @code{gnutls_record_get_direction()} and
|
|
Packit Service |
4684c1 |
@code{gnutls_error_is_fatal()} . In DTLS sessions the non-fatal error
|
|
Packit Service |
4684c1 |
@code{GNUTLS_E_LARGE_PACKET} is also possible, and indicates that
|
|
Packit Service |
4684c1 |
the MTU should be adjusted.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
When this function is called by a server after a rehandshake request
|
|
Packit Service |
4684c1 |
under TLS 1.2 or earlier the @code{GNUTLS_E_GOT_APPLICATION_DATA} error code indicates
|
|
Packit Service |
4684c1 |
that some data were pending prior to peer initiating the handshake.
|
|
Packit Service |
4684c1 |
Under TLS 1.3 this function when called after a successful handshake, is a no-op
|
|
Packit Service |
4684c1 |
and always succeeds in server side; in client side this function is
|
|
Packit Service |
4684c1 |
equivalent to @code{gnutls_session_key_update()} with @code{GNUTLS_KU_PEER} flag.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function handles both full and abbreviated TLS handshakes (resumption).
|
|
Packit Service |
4684c1 |
For abbreviated handshakes, in client side, the @code{gnutls_session_set_data()}
|
|
Packit Service |
4684c1 |
should be called prior to this function to set parameters from a previous session.
|
|
Packit Service |
4684c1 |
In server side, resumption is handled by either setting a DB back-end, or setting
|
|
Packit Service |
4684c1 |
up keys for session tickets.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Returns:} @code{GNUTLS_E_SUCCESS} on a successful handshake, otherwise a negative error code.
|
|
Packit Service |
4684c1 |
@end deftypefun
|