xref: /openbsd-src/lib/libssl/man/SSL_accept.3 (revision 4d37bbd52f92b158dc2c11764f9f91ad35e93fd6) 
1*4d37bbd5Sschwarze.\"	$OpenBSD: SSL_accept.3,v 1.6 2019/06/08 15:25:43 schwarze Exp $
23124f983Sschwarze.\"	OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3f1a3c524Sschwarze.\"
43124f983Sschwarze.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
53124f983Sschwarze.\" Copyright (c) 2000, 2001, 2002, 2003 The OpenSSL Project.
63124f983Sschwarze.\" All rights reserved.
7f1a3c524Sschwarze.\"
83124f983Sschwarze.\" Redistribution and use in source and binary forms, with or without
93124f983Sschwarze.\" modification, are permitted provided that the following conditions
103124f983Sschwarze.\" are met:
113124f983Sschwarze.\"
123124f983Sschwarze.\" 1. Redistributions of source code must retain the above copyright
133124f983Sschwarze.\"    notice, this list of conditions and the following disclaimer.
143124f983Sschwarze.\"
153124f983Sschwarze.\" 2. Redistributions in binary form must reproduce the above copyright
163124f983Sschwarze.\"    notice, this list of conditions and the following disclaimer in
173124f983Sschwarze.\"    the documentation and/or other materials provided with the
183124f983Sschwarze.\"    distribution.
193124f983Sschwarze.\"
203124f983Sschwarze.\" 3. All advertising materials mentioning features or use of this
213124f983Sschwarze.\"    software must display the following acknowledgment:
223124f983Sschwarze.\"    "This product includes software developed by the OpenSSL Project
233124f983Sschwarze.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
243124f983Sschwarze.\"
253124f983Sschwarze.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
263124f983Sschwarze.\"    endorse or promote products derived from this software without
273124f983Sschwarze.\"    prior written permission. For written permission, please contact
283124f983Sschwarze.\"    openssl-core@openssl.org.
293124f983Sschwarze.\"
303124f983Sschwarze.\" 5. Products derived from this software may not be called "OpenSSL"
313124f983Sschwarze.\"    nor may "OpenSSL" appear in their names without prior written
323124f983Sschwarze.\"    permission of the OpenSSL Project.
333124f983Sschwarze.\"
343124f983Sschwarze.\" 6. Redistributions of any form whatsoever must retain the following
353124f983Sschwarze.\"    acknowledgment:
363124f983Sschwarze.\"    "This product includes software developed by the OpenSSL Project
373124f983Sschwarze.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
383124f983Sschwarze.\"
393124f983Sschwarze.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
403124f983Sschwarze.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
413124f983Sschwarze.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
423124f983Sschwarze.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
433124f983Sschwarze.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
443124f983Sschwarze.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
453124f983Sschwarze.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
463124f983Sschwarze.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
473124f983Sschwarze.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
483124f983Sschwarze.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
493124f983Sschwarze.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
503124f983Sschwarze.\" OF THE POSSIBILITY OF SUCH DAMAGE.
513124f983Sschwarze.\"
52*4d37bbd5Sschwarze.Dd $Mdocdate: June 8 2019 $
53f1a3c524Sschwarze.Dt SSL_ACCEPT 3
54f1a3c524Sschwarze.Os
55f1a3c524Sschwarze.Sh NAME
56f1a3c524Sschwarze.Nm SSL_accept
57f1a3c524Sschwarze.Nd wait for a TLS/SSL client to initiate a TLS/SSL handshake
58f1a3c524Sschwarze.Sh SYNOPSIS
59f1a3c524Sschwarze.In openssl/ssl.h
60f1a3c524Sschwarze.Ft int
61f1a3c524Sschwarze.Fn SSL_accept "SSL *ssl"
62f1a3c524Sschwarze.Sh DESCRIPTION
63f1a3c524Sschwarze.Fn SSL_accept
64f1a3c524Sschwarzewaits for a TLS/SSL client to initiate the TLS/SSL handshake.
65f1a3c524SschwarzeThe communication channel must already have been set and assigned to the
66f1a3c524Sschwarze.Fa ssl
67f1a3c524Sschwarzeobject by setting an underlying
68f1a3c524Sschwarze.Vt BIO .
69*4d37bbd5Sschwarze.Pp
70f1a3c524SschwarzeThe behaviour of
71f1a3c524Sschwarze.Fn SSL_accept
72f1a3c524Sschwarzedepends on the underlying
73f1a3c524Sschwarze.Vt BIO .
74f1a3c524Sschwarze.Pp
75f1a3c524SschwarzeIf the underlying
76f1a3c524Sschwarze.Vt BIO
77f1a3c524Sschwarzeis
78f1a3c524Sschwarze.Em blocking ,
79f1a3c524Sschwarze.Fn SSL_accept
80f1a3c524Sschwarzewill only return once the handshake has been finished or an error occurred.
81f1a3c524Sschwarze.Pp
82f1a3c524SschwarzeIf the underlying
83f1a3c524Sschwarze.Vt BIO
84f1a3c524Sschwarzeis
85f1a3c524Sschwarze.Em non-blocking ,
86f1a3c524Sschwarze.Fn SSL_accept
87f1a3c524Sschwarzewill also return when the underlying
88f1a3c524Sschwarze.Vt BIO
89f1a3c524Sschwarzecould not satisfy the needs of
90f1a3c524Sschwarze.Fn SSL_accept
91f1a3c524Sschwarzeto continue the handshake, indicating the problem by the return value \(mi1.
92f1a3c524SschwarzeIn this case a call to
93f1a3c524Sschwarze.Xr SSL_get_error 3
94f1a3c524Sschwarzewith the
95f1a3c524Sschwarzereturn value of
96f1a3c524Sschwarze.Fn SSL_accept
97f1a3c524Sschwarzewill yield
98f1a3c524Sschwarze.Dv SSL_ERROR_WANT_READ
99f1a3c524Sschwarzeor
100f1a3c524Sschwarze.Dv SSL_ERROR_WANT_WRITE .
101f1a3c524SschwarzeThe calling process then must repeat the call after taking appropriate action
102f1a3c524Sschwarzeto satisfy the needs of
103f1a3c524Sschwarze.Fn SSL_accept .
104f1a3c524SschwarzeThe action depends on the underlying
105f1a3c524Sschwarze.Dv BIO .
106f1a3c524SschwarzeWhen using a non-blocking socket, nothing is to be done, but
107f1a3c524Sschwarze.Xr select 2
108f1a3c524Sschwarzecan be used to check for the required condition.
109f1a3c524SschwarzeWhen using a buffering
110f1a3c524Sschwarze.Vt BIO ,
111f1a3c524Sschwarzelike a
112f1a3c524Sschwarze.Vt BIO
113f1a3c524Sschwarzepair, data must be written into or retrieved out of the
114f1a3c524Sschwarze.Vt BIO
115f1a3c524Sschwarzebefore being able to continue.
116f1a3c524Sschwarze.Sh RETURN VALUES
117f1a3c524SschwarzeThe following return values can occur:
118f1a3c524Sschwarze.Bl -tag -width Ds
119f1a3c524Sschwarze.It 0
120f1a3c524SschwarzeThe TLS/SSL handshake was not successful but was shut down controlled and by
121f1a3c524Sschwarzethe specifications of the TLS/SSL protocol.
122f1a3c524SschwarzeCall
123f1a3c524Sschwarze.Xr SSL_get_error 3
124f1a3c524Sschwarzewith the return value
125f1a3c524Sschwarze.Fa ret
126f1a3c524Sschwarzeto find out the reason.
127f1a3c524Sschwarze.It 1
128f1a3c524SschwarzeThe TLS/SSL handshake was successfully completed,
129f1a3c524Sschwarzeand a TLS/SSL connection has been established.
130f1a3c524Sschwarze.It <0
131f1a3c524SschwarzeThe TLS/SSL handshake was not successful because a fatal error occurred either
132f1a3c524Sschwarzeat the protocol level or a connection failure occurred.
133f1a3c524SschwarzeThe shutdown was not clean.
134f1a3c524SschwarzeIt can also occur of action is need to continue the operation for non-blocking
135f1a3c524Sschwarze.Vt BIO Ns
136f1a3c524Sschwarzes.
137f1a3c524SschwarzeCall
138f1a3c524Sschwarze.Xr SSL_get_error 3
139f1a3c524Sschwarzewith the return value
140f1a3c524Sschwarze.Fa ret
141f1a3c524Sschwarzeto find out the reason.
142f1a3c524Sschwarze.El
143f1a3c524Sschwarze.Sh SEE ALSO
1445bee811bSschwarze.Xr BIO_new 3 ,
145f1a3c524Sschwarze.Xr ssl 3 ,
146f1a3c524Sschwarze.Xr SSL_connect 3 ,
147f1a3c524Sschwarze.Xr SSL_CTX_new 3 ,
148f1a3c524Sschwarze.Xr SSL_do_handshake 3 ,
149f1a3c524Sschwarze.Xr SSL_get_error 3 ,
150f1a3c524Sschwarze.Xr SSL_set_connect_state 3 ,
151f1a3c524Sschwarze.Xr SSL_shutdown 3
1528fba1ec8Sschwarze.Sh HISTORY
1538fba1ec8Sschwarze.Fn SSL_accept
15410e00d17Sschwarzeappeared in SSLeay 0.4 or earlier and has been available since
1558fba1ec8Sschwarze.Ox 2.4 .
156