1ebfedea0SLionel Sambuc=pod 2ebfedea0SLionel Sambuc 3ebfedea0SLionel Sambuc=head1 NAME 4ebfedea0SLionel Sambuc 5ebfedea0SLionel SambucSSL_shutdown - shut down a TLS/SSL connection 6ebfedea0SLionel Sambuc 7ebfedea0SLionel Sambuc=head1 SYNOPSIS 8ebfedea0SLionel Sambuc 9ebfedea0SLionel Sambuc #include <openssl/ssl.h> 10ebfedea0SLionel Sambuc 11ebfedea0SLionel Sambuc int SSL_shutdown(SSL *ssl); 12ebfedea0SLionel Sambuc 13ebfedea0SLionel Sambuc=head1 DESCRIPTION 14ebfedea0SLionel Sambuc 15ebfedea0SLionel SambucSSL_shutdown() shuts down an active TLS/SSL connection. It sends the 16ebfedea0SLionel Sambuc"close notify" shutdown alert to the peer. 17ebfedea0SLionel Sambuc 18ebfedea0SLionel Sambuc=head1 NOTES 19ebfedea0SLionel Sambuc 20ebfedea0SLionel SambucSSL_shutdown() tries to send the "close notify" shutdown alert to the peer. 21ebfedea0SLionel SambucWhether the operation succeeds or not, the SSL_SENT_SHUTDOWN flag is set and 22ebfedea0SLionel Sambuca currently open session is considered closed and good and will be kept in the 23ebfedea0SLionel Sambucsession cache for further reuse. 24ebfedea0SLionel Sambuc 25ebfedea0SLionel SambucThe shutdown procedure consists of 2 steps: the sending of the "close notify" 26ebfedea0SLionel Sambucshutdown alert and the reception of the peer's "close notify" shutdown 27ebfedea0SLionel Sambucalert. According to the TLS standard, it is acceptable for an application 28ebfedea0SLionel Sambucto only send its shutdown alert and then close the underlying connection 29ebfedea0SLionel Sambucwithout waiting for the peer's response (this way resources can be saved, 30ebfedea0SLionel Sambucas the process can already terminate or serve another connection). 31ebfedea0SLionel SambucWhen the underlying connection shall be used for more communications, the 32ebfedea0SLionel Sambuccomplete shutdown procedure (bidirectional "close notify" alerts) must be 33ebfedea0SLionel Sambucperformed, so that the peers stay synchronized. 34ebfedea0SLionel Sambuc 35ebfedea0SLionel SambucSSL_shutdown() supports both uni- and bidirectional shutdown by its 2 step 36ebfedea0SLionel Sambucbehaviour. 37ebfedea0SLionel Sambuc 38ebfedea0SLionel Sambuc=over 4 39ebfedea0SLionel Sambuc 40ebfedea0SLionel Sambuc=item When the application is the first party to send the "close notify" 41ebfedea0SLionel Sambucalert, SSL_shutdown() will only send the alert and then set the 42ebfedea0SLionel SambucSSL_SENT_SHUTDOWN flag (so that the session is considered good and will 43ebfedea0SLionel Sambucbe kept in cache). SSL_shutdown() will then return with 0. If a unidirectional 44ebfedea0SLionel Sambucshutdown is enough (the underlying connection shall be closed anyway), this 45ebfedea0SLionel Sambucfirst call to SSL_shutdown() is sufficient. In order to complete the 46ebfedea0SLionel Sambucbidirectional shutdown handshake, SSL_shutdown() must be called again. 47ebfedea0SLionel SambucThe second call will make SSL_shutdown() wait for the peer's "close notify" 48ebfedea0SLionel Sambucshutdown alert. On success, the second call to SSL_shutdown() will return 49ebfedea0SLionel Sambucwith 1. 50ebfedea0SLionel Sambuc 51ebfedea0SLionel Sambuc=item If the peer already sent the "close notify" alert B<and> it was 52ebfedea0SLionel Sambucalready processed implicitly inside another function 53ebfedea0SLionel Sambuc(L<SSL_read(3)|SSL_read(3)>), the SSL_RECEIVED_SHUTDOWN flag is set. 54ebfedea0SLionel SambucSSL_shutdown() will send the "close notify" alert, set the SSL_SENT_SHUTDOWN 55ebfedea0SLionel Sambucflag and will immediately return with 1. 56ebfedea0SLionel SambucWhether SSL_RECEIVED_SHUTDOWN is already set can be checked using the 57ebfedea0SLionel SambucSSL_get_shutdown() (see also L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> call. 58ebfedea0SLionel Sambuc 59ebfedea0SLionel Sambuc=back 60ebfedea0SLionel Sambuc 61ebfedea0SLionel SambucIt is therefore recommended, to check the return value of SSL_shutdown() 62ebfedea0SLionel Sambucand call SSL_shutdown() again, if the bidirectional shutdown is not yet 63ebfedea0SLionel Sambuccomplete (return value of the first call is 0). As the shutdown is not 64ebfedea0SLionel Sambucspecially handled in the SSLv2 protocol, SSL_shutdown() will succeed on 65ebfedea0SLionel Sambucthe first call. 66ebfedea0SLionel Sambuc 67ebfedea0SLionel SambucThe behaviour of SSL_shutdown() additionally depends on the underlying BIO. 68ebfedea0SLionel Sambuc 69ebfedea0SLionel SambucIf the underlying BIO is B<blocking>, SSL_shutdown() will only return once the 70ebfedea0SLionel Sambuchandshake step has been finished or an error occurred. 71ebfedea0SLionel Sambuc 72ebfedea0SLionel SambucIf the underlying BIO is B<non-blocking>, SSL_shutdown() will also return 73ebfedea0SLionel Sambucwhen the underlying BIO could not satisfy the needs of SSL_shutdown() 74ebfedea0SLionel Sambucto continue the handshake. In this case a call to SSL_get_error() with the 75ebfedea0SLionel Sambucreturn value of SSL_shutdown() will yield B<SSL_ERROR_WANT_READ> or 76ebfedea0SLionel SambucB<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after 77ebfedea0SLionel Sambuctaking appropriate action to satisfy the needs of SSL_shutdown(). 78ebfedea0SLionel SambucThe action depends on the underlying BIO. When using a non-blocking socket, 79ebfedea0SLionel Sambucnothing is to be done, but select() can be used to check for the required 80ebfedea0SLionel Sambuccondition. When using a buffering BIO, like a BIO pair, data must be written 81ebfedea0SLionel Sambucinto or retrieved out of the BIO before being able to continue. 82ebfedea0SLionel Sambuc 83ebfedea0SLionel SambucSSL_shutdown() can be modified to only set the connection to "shutdown" 84ebfedea0SLionel Sambucstate but not actually send the "close notify" alert messages, 85ebfedea0SLionel Sambucsee L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>. 86ebfedea0SLionel SambucWhen "quiet shutdown" is enabled, SSL_shutdown() will always succeed 87ebfedea0SLionel Sambucand return 1. 88ebfedea0SLionel Sambuc 89ebfedea0SLionel Sambuc=head1 RETURN VALUES 90ebfedea0SLionel Sambuc 91ebfedea0SLionel SambucThe following return values can occur: 92ebfedea0SLionel Sambuc 93ebfedea0SLionel Sambuc=over 4 94ebfedea0SLionel Sambuc 95*0a6a1f1dSLionel Sambuc=item Z<>0 96ebfedea0SLionel Sambuc 97ebfedea0SLionel SambucThe shutdown is not yet finished. Call SSL_shutdown() for a second time, 98ebfedea0SLionel Sambucif a bidirectional shutdown shall be performed. 99ebfedea0SLionel SambucThe output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an 100ebfedea0SLionel Sambucerroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. 101ebfedea0SLionel Sambuc 102*0a6a1f1dSLionel Sambuc=item Z<>1 103*0a6a1f1dSLionel Sambuc 104*0a6a1f1dSLionel SambucThe shutdown was successfully completed. The "close notify" alert was sent 105*0a6a1f1dSLionel Sambucand the peer's "close notify" alert was received. 106*0a6a1f1dSLionel Sambuc 107ebfedea0SLionel Sambuc=item -1 108ebfedea0SLionel Sambuc 109ebfedea0SLionel SambucThe shutdown was not successful because a fatal error occurred either 110ebfedea0SLionel Sambucat the protocol level or a connection failure occurred. It can also occur if 111ebfedea0SLionel Sambucaction is need to continue the operation for non-blocking BIOs. 112ebfedea0SLionel SambucCall L<SSL_get_error(3)|SSL_get_error(3)> with the return value B<ret> 113ebfedea0SLionel Sambucto find out the reason. 114ebfedea0SLionel Sambuc 115ebfedea0SLionel Sambuc=back 116ebfedea0SLionel Sambuc 117ebfedea0SLionel Sambuc=head1 SEE ALSO 118ebfedea0SLionel Sambuc 119ebfedea0SLionel SambucL<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>, 120ebfedea0SLionel SambucL<SSL_accept(3)|SSL_accept(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>, 121ebfedea0SLionel SambucL<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>, 122ebfedea0SLionel SambucL<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>, 123ebfedea0SLionel SambucL<ssl(3)|ssl(3)>, L<bio(3)|bio(3)> 124ebfedea0SLionel Sambuc 125ebfedea0SLionel Sambuc=cut 126