source-git / openssl

Clone
Source Code
GIT

Blame doc/man3/SSL_set_shutdown.pod

c8 c8s master
  1.   c4476c2d191c8f18018d947521358ac6321a212e
  2.   doc
  3.   man3
  4.   SSL_set_shutdown.pod
Blob History Raw
Packit c4476c 
=pod
Packit c4476c
Packit c4476c 
=head1 NAME
Packit c4476c
Packit c4476c 
SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connection
Packit c4476c
Packit c4476c 
=head1 SYNOPSIS
Packit c4476c
Packit c4476c 
 #include <openssl/ssl.h>
Packit c4476c
Packit c4476c 
 void SSL_set_shutdown(SSL *ssl, int mode);
Packit c4476c
Packit c4476c 
 int SSL_get_shutdown(const SSL *ssl);
Packit c4476c
Packit c4476c 
=head1 DESCRIPTION
Packit c4476c
Packit c4476c 
SSL_set_shutdown() sets the shutdown state of B<ssl> to B<mode>.
Packit c4476c
Packit c4476c 
SSL_get_shutdown() returns the shutdown mode of B<ssl>.
Packit c4476c
Packit c4476c 
=head1 NOTES
Packit c4476c
Packit c4476c 
The shutdown state of an ssl connection is a bitmask of:
Packit c4476c
Packit c4476c 
=over 4
Packit c4476c
Packit c4476c 
=item Z<>0
Packit c4476c
Packit c4476c 
No shutdown setting, yet.
Packit c4476c
Packit c4476c 
=item SSL_SENT_SHUTDOWN
Packit c4476c
Packit c4476c 
A close_notify shutdown alert was sent to the peer, the connection is being
Packit c4476c 
considered closed and the session is closed and correct.
Packit c4476c
Packit c4476c 
=item SSL_RECEIVED_SHUTDOWN
Packit c4476c
Packit c4476c 
A shutdown alert was received form the peer, either a normal close_notify
Packit c4476c 
or a fatal error.
Packit c4476c
Packit c4476c 
=back
Packit c4476c
Packit c4476c 
SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time.
Packit c4476c
Packit c4476c 
The shutdown state of the connection is used to determine the state of
Packit c4476c 
the ssl session. If the session is still open, when
Packit c4476c 
L<SSL_clear(3)> or L<SSL_free(3)> is called,
Packit c4476c 
it is considered bad and removed according to RFC2246.
Packit c4476c 
The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN
Packit c4476c 
(according to the TLS RFC, it is acceptable to only send the close_notify
Packit c4476c 
alert but to not wait for the peer's answer, when the underlying connection
Packit c4476c 
is closed).
Packit c4476c 
SSL_set_shutdown() can be used to set this state without sending a
Packit c4476c 
close alert to the peer (see L<SSL_shutdown(3)>).
Packit c4476c
Packit c4476c 
If a close_notify was received, SSL_RECEIVED_SHUTDOWN will be set,
Packit c4476c 
for setting SSL_SENT_SHUTDOWN the application must however still call
Packit c4476c 
L<SSL_shutdown(3)> or SSL_set_shutdown() itself.
Packit c4476c
Packit c4476c 
=head1 RETURN VALUES
Packit c4476c
Packit c4476c 
SSL_set_shutdown() does not return diagnostic information.
Packit c4476c
Packit c4476c 
SSL_get_shutdown() returns the current setting.
Packit c4476c
Packit c4476c 
=head1 SEE ALSO
Packit c4476c
Packit c4476c 
L<ssl(7)>, L<SSL_shutdown(3)>,
Packit c4476c 
L<SSL_CTX_set_quiet_shutdown(3)>,
Packit c4476c 
L<SSL_clear(3)>, L<SSL_free(3)>
Packit c4476c
Packit c4476c 
=head1 COPYRIGHT
Packit c4476c
Packit c4476c 
Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
Packit c4476c
Packit c4476c 
Licensed under the OpenSSL license (the "License").  You may not use
Packit c4476c 
this file except in compliance with the License.  You can obtain a copy
Packit c4476c 
in the file LICENSE in the source distribution or at
Packit c4476c 
L<https://www.openssl.org/source/license.html>.
Packit c4476c
Packit c4476c 
=cut

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation