[thirdparty/openssl.git] / doc / man3 / SSL_set_shutdown.pod

=pod

=head1 NAME

SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connection

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 void SSL_set_shutdown(SSL *ssl, int mode);

 int SSL_get_shutdown(const SSL *ssl);

=head1 DESCRIPTION

SSL_set_shutdown() sets the shutdown state of B<ssl> to B<mode>.

SSL_get_shutdown() returns the shutdown mode of B<ssl>.

=head1 NOTES

The shutdown state of an ssl connection is a bit-mask of:

=over 4

=item Z<>0

No shutdown setting, yet.

=item SSL_SENT_SHUTDOWN

A close_notify shutdown alert was sent to the peer, the connection is being
considered closed and the session is closed and correct.

=item SSL_RECEIVED_SHUTDOWN

A shutdown alert was received form the peer, either a normal close_notify
or a fatal error.

=back

SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time.

The shutdown state of the connection is used to determine the state of
the ssl session. If the session is still open, when
L<SSL_clear(3)> or L<SSL_free(3)> is called,
it is considered bad and removed according to RFC2246.
The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN
(according to the TLS RFC, it is acceptable to only send the close_notify
alert but to not wait for the peer's answer, when the underlying connection
is closed).
SSL_set_shutdown() can be used to set this state without sending a
close alert to the peer (see L<SSL_shutdown(3)>).

If a close_notify was received, SSL_RECEIVED_SHUTDOWN will be set,
for setting SSL_SENT_SHUTDOWN the application must however still call
L<SSL_shutdown(3)> or SSL_set_shutdown() itself.

=head1 RETURN VALUES

SSL_set_shutdown() does not return diagnostic information.

SSL_get_shutdown() returns the current setting.

=head1 SEE ALSO

L<ssl(7)>, L<SSL_shutdown(3)>,
L<SSL_CTX_set_quiet_shutdown(3)>,
L<SSL_clear(3)>, L<SSL_free(3)>

=head1 COPYRIGHT

Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
8e495e4a LJ	1	=pod
	2
	3	=head1 NAME
	4
	5	SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connection
	6
	7	=head1 SYNOPSIS
	8
	9	#include <openssl/ssl.h>
	10
	11	void SSL_set_shutdown(SSL *ssl, int mode);
	12
c3e64028	13	int SSL_get_shutdown(const SSL *ssl);
8e495e4a LJ	14
	15	=head1 DESCRIPTION
	16
	17	SSL_set_shutdown() sets the shutdown state of B<ssl> to B<mode>.
	18
	19	SSL_get_shutdown() returns the shutdown mode of B<ssl>.
	20
	21	=head1 NOTES
	22
9c0586d5	23	The shutdown state of an ssl connection is a bit-mask of:
8e495e4a LJ	24
	25	=over 4
	26
e547c45f	27	=item Z<>0
8e495e4a LJ	28
	29	No shutdown setting, yet.
	30
	31	=item SSL_SENT_SHUTDOWN
	32
8e593f0a	33	A close_notify shutdown alert was sent to the peer, the connection is being
8e495e4a LJ	34	considered closed and the session is closed and correct.
	35
	36	=item SSL_RECEIVED_SHUTDOWN
	37
8e593f0a	38	A shutdown alert was received form the peer, either a normal close_notify
8e495e4a LJ	39	or a fatal error.
	40
	41	=back
	42
	43	SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time.
	44
	45	The shutdown state of the connection is used to determine the state of
	46	the ssl session. If the session is still open, when
9b86974e	47	L<SSL_clear(3)> or L<SSL_free(3)> is called,
8e495e4a	48	it is considered bad and removed according to RFC2246.
d93eb21c	49	The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN
8e593f0a	50	(according to the TLS RFC, it is acceptable to only send the close_notify
d93eb21c LJ	51	alert but to not wait for the peer's answer, when the underlying connection
d93eb21c LJ	52	is closed).
8e495e4a	53	SSL_set_shutdown() can be used to set this state without sending a
9b86974e	54	close alert to the peer (see L<SSL_shutdown(3)>).
8e495e4a	55
8e593f0a	56	If a close_notify was received, SSL_RECEIVED_SHUTDOWN will be set,
8e495e4a	57	for setting SSL_SENT_SHUTDOWN the application must however still call
9b86974e	58	L<SSL_shutdown(3)> or SSL_set_shutdown() itself.
8e495e4a LJ	59
	60	=head1 RETURN VALUES
	61
	62	SSL_set_shutdown() does not return diagnostic information.
	63
	64	SSL_get_shutdown() returns the current setting.
	65
	66	=head1 SEE ALSO
	67
b97fdb57	68	L<ssl(7)>, L<SSL_shutdown(3)>,
9b86974e RS	69	L<SSL_CTX_set_quiet_shutdown(3)>,
9b86974e RS	70	L<SSL_clear(3)>, L<SSL_free(3)>
8e495e4a	71
e2f92610 RS	72	=head1 COPYRIGHT
e2f92610 RS	73
c486283c	74	Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	75
4746f25a	76	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	77	this file except in compliance with the License. You can obtain a copy
	78	in the file LICENSE in the source distribution or at
	79	L<https://www.openssl.org/source/license.html>.
	80
	81	=cut