Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (NetBSD-2.0)
Apropos / Subsearch:
optional field

SSL_do_handshake(3)                 OpenSSL                SSL_do_handshake(3)

       SSL_do_handshake - perform a TLS/SSL handshake

       libcrypto, -lcrypto

        #include <openssl/ssl.h>

        int SSL_do_handshake(SSL *ssl);

       SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If
       the connection is in client mode, the handshake will be started. The
       handshake routines may have to be explicitly set in advance using
       either SSL_set_connect_state(3) or SSL_set_accept_state(3).

       The behaviour of SSL_do_handshake() depends on the underlying BIO.

       If the underlying BIO is blocking, SSL_do_handshake() will only return
       once the handshake has been finished or an error occurred, except for
       SGC (Server Gated Cryptography). For SGC, SSL_do_handshake() may return
       with -1, but SSL_get_error() will yield SSL_ERROR_WANT_READ/WRITE and
       SSL_do_handshake() should be called again.

       If the underlying BIO is non-blocking, SSL_do_handshake() will also
       return when the underlying BIO could not satisfy the needs of
       SSL_do_handshake() to continue the handshake. In this case a call to
       SSL_get_error() with the return value of SSL_do_handshake() will yield
       SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. The calling process then
       must repeat the call after taking appropriate action to satisfy the
       needs of SSL_do_handshake().  The action depends on the underlying BIO.
       When using a non-blocking socket, nothing is to be done, but select()
       can be used to check for the required condition. When using a buffering
       BIO, like a BIO pair, data must be written into or retrieved out of the
       BIO before being able to continue.

       The following return values can occur:

       1   The TLS/SSL handshake was successfully completed, a TLS/SSL connec-
           tion has been established.

       0   The TLS/SSL handshake was not successful but was shut down con-
           trolled and by the specifications of the TLS/SSL protocol. Call
           SSL_get_error() with the return value ret to find out the reason.

       <0  The TLS/SSL handshake was not successful because a fatal error
           occurred either at the protocol level or a connection failure
           occurred. The shutdown was not clean. It can also occur of action
           is need to continue the operation for non-blocking BIOs. Call
           SSL_get_error() with the return value ret to find out the reason.

       SSL_get_error(3), SSL_connect(3), SSL_accept(3), ssl(3),
       openssl_bio(3), SSL_set_connect_state(3)

3rd Berkeley Distribution           0.9.7d                 SSL_do_handshake(3)