]>
Commit | Line | Data |
---|---|---|
8e495e4a LJ |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connection | |
6 | ||
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/ssl.h> | |
10 | ||
11 | void SSL_set_shutdown(SSL *ssl, int mode); | |
12 | ||
c3e64028 | 13 | int SSL_get_shutdown(const SSL *ssl); |
8e495e4a LJ |
14 | |
15 | =head1 DESCRIPTION | |
16 | ||
17 | SSL_set_shutdown() sets the shutdown state of B<ssl> to B<mode>. | |
18 | ||
19 | SSL_get_shutdown() returns the shutdown mode of B<ssl>. | |
20 | ||
21 | =head1 NOTES | |
22 | ||
23 | The shutdown state of an ssl connection is a bitmask of: | |
24 | ||
25 | =over 4 | |
26 | ||
e547c45f | 27 | =item Z<>0 |
8e495e4a LJ |
28 | |
29 | No shutdown setting, yet. | |
30 | ||
31 | =item SSL_SENT_SHUTDOWN | |
32 | ||
00f561ab | 33 | A close_notify shutdown alert was sent to the peer, the connection is being |
8e495e4a LJ |
34 | considered closed and the session is closed and correct. |
35 | ||
36 | =item SSL_RECEIVED_SHUTDOWN | |
37 | ||
00f561ab | 38 | A shutdown alert was received form the peer, either a normal close_notify |
8e495e4a LJ |
39 | or a fatal error. |
40 | ||
41 | =back | |
42 | ||
43 | SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time. | |
44 | ||
45 | The shutdown state of the connection is used to determine the state of | |
46 | the ssl session. If the session is still open, when | |
9b86974e | 47 | L<SSL_clear(3)> or L<SSL_free(3)> is called, |
8e495e4a | 48 | it is considered bad and removed according to RFC2246. |
d93eb21c | 49 | The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN |
00f561ab | 50 | (according to the TLS RFC, it is acceptable to only send the close_notify |
d93eb21c LJ |
51 | alert but to not wait for the peer's answer, when the underlying connection |
52 | is closed). | |
8e495e4a | 53 | SSL_set_shutdown() can be used to set this state without sending a |
9b86974e | 54 | close alert to the peer (see L<SSL_shutdown(3)>). |
8e495e4a | 55 | |
00f561ab | 56 | If a close_notify was received, SSL_RECEIVED_SHUTDOWN will be set, |
8e495e4a | 57 | for setting SSL_SENT_SHUTDOWN the application must however still call |
9b86974e | 58 | L<SSL_shutdown(3)> or SSL_set_shutdown() itself. |
8e495e4a LJ |
59 | |
60 | =head1 RETURN VALUES | |
61 | ||
62 | SSL_set_shutdown() does not return diagnostic information. | |
63 | ||
64 | SSL_get_shutdown() returns the current setting. | |
65 | ||
66 | =head1 SEE ALSO | |
67 | ||
b97fdb57 | 68 | L<ssl(7)>, L<SSL_shutdown(3)>, |
9b86974e RS |
69 | L<SSL_CTX_set_quiet_shutdown(3)>, |
70 | L<SSL_clear(3)>, L<SSL_free(3)> | |
8e495e4a | 71 | |
e2f92610 RS |
72 | =head1 COPYRIGHT |
73 | ||
74 | Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. | |
75 | ||
76 | Licensed under the OpenSSL license (the "License"). You may not use | |
77 | this file except in compliance with the License. You can obtain a copy | |
78 | in the file LICENSE in the source distribution or at | |
79 | L<https://www.openssl.org/source/license.html>. | |
80 | ||
81 | =cut |