Initial import from FreeBSD RELENG_4:
[dragonfly.git] / secure / lib / libssl / man / SSL_read.3
CommitLineData
984263bc
MD
1.\" Automatically generated by Pod::Man version 1.15
2.\" Wed Feb 19 16:47:48 2003
3.\"
4.\" Standard preamble:
5.\" ======================================================================
6.de Sh \" Subsection heading
7.br
8.if t .Sp
9.ne 5
10.PP
11\fB\\$1\fR
12.PP
13..
14.de Sp \" Vertical space (when we can't use .PP)
15.if t .sp .5v
16.if n .sp
17..
18.de Ip \" List item
19.br
20.ie \\n(.$>=3 .ne \\$3
21.el .ne 3
22.IP "\\$1" \\$2
23..
24.de Vb \" Begin verbatim text
25.ft CW
26.nf
27.ne \\$1
28..
29.de Ve \" End verbatim text
30.ft R
31
32.fi
33..
34.\" Set up some character translations and predefined strings. \*(-- will
35.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
36.\" double quote, and \*(R" will give a right double quote. | will give a
37.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
38.\" to do unbreakable dashes and therefore won't be available. \*(C` and
39.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
40.tr \(*W-|\(bv\*(Tr
41.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
42.ie n \{\
43. ds -- \(*W-
44. ds PI pi
45. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
46. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
47. ds L" ""
48. ds R" ""
49. ds C` ""
50. ds C' ""
51'br\}
52.el\{\
53. ds -- \|\(em\|
54. ds PI \(*p
55. ds L" ``
56. ds R" ''
57'br\}
58.\"
59.\" If the F register is turned on, we'll generate index entries on stderr
60.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
61.\" index entries marked with X<> in POD. Of course, you'll have to process
62.\" the output yourself in some meaningful fashion.
63.if \nF \{\
64. de IX
65. tm Index:\\$1\t\\n%\t"\\$2"
66..
67. nr % 0
68. rr F
69.\}
70.\"
71.\" For nroff, turn off justification. Always turn off hyphenation; it
72.\" makes way too many mistakes in technical documents.
73.hy 0
74.if n .na
75.\"
76.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
77.\" Fear. Run. Save yourself. No user-serviceable parts.
78.bd B 3
79. \" fudge factors for nroff and troff
80.if n \{\
81. ds #H 0
82. ds #V .8m
83. ds #F .3m
84. ds #[ \f1
85. ds #] \fP
86.\}
87.if t \{\
88. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
89. ds #V .6m
90. ds #F 0
91. ds #[ \&
92. ds #] \&
93.\}
94. \" simple accents for nroff and troff
95.if n \{\
96. ds ' \&
97. ds ` \&
98. ds ^ \&
99. ds , \&
100. ds ~ ~
101. ds /
102.\}
103.if t \{\
104. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
105. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
106. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
107. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
108. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
109. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
110.\}
111. \" troff and (daisy-wheel) nroff accents
112.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
113.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
114.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
115.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
116.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
117.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
118.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
119.ds ae a\h'-(\w'a'u*4/10)'e
120.ds Ae A\h'-(\w'A'u*4/10)'E
121. \" corrections for vroff
122.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
123.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
124. \" for low resolution devices (crt and lpr)
125.if \n(.H>23 .if \n(.V>19 \
126\{\
127. ds : e
128. ds 8 ss
129. ds o a
130. ds d- d\h'-1'\(ga
131. ds D- D\h'-1'\(hy
132. ds th \o'bp'
133. ds Th \o'LP'
134. ds ae ae
135. ds Ae AE
136.\}
137.rm #[ #] #H #V #F C
138.\" ======================================================================
139.\"
140.IX Title "SSL_read 3"
141.TH SSL_read 3 "0.9.7a" "2003-02-19" "OpenSSL"
142.UC
143.SH "NAME"
144SSL_read \- read bytes from a \s-1TLS/SSL\s0 connection.
145.SH "SYNOPSIS"
146.IX Header "SYNOPSIS"
147.Vb 1
148\& #include <openssl/ssl.h>
149.Ve
150.Vb 1
151\& int SSL_read(SSL *ssl, void *buf, int num);
152.Ve
153.SH "DESCRIPTION"
154.IX Header "DESCRIPTION"
155\&\fISSL_read()\fR tries to read \fBnum\fR bytes from the specified \fBssl\fR into the
156buffer \fBbuf\fR.
157.SH "NOTES"
158.IX Header "NOTES"
159If necessary, \fISSL_read()\fR will negotiate a \s-1TLS/SSL\s0 session, if
160not already explicitly performed by SSL_connect(3) or
161SSL_accept(3). If the
162peer requests a re-negotiation, it will be performed transparently during
163the \fISSL_read()\fR operation. The behaviour of \fISSL_read()\fR depends on the
164underlying \s-1BIO\s0.
165.PP
166For the transparent negotiation to succeed, the \fBssl\fR must have been
167initialized to client or server mode. This is being done by calling
168SSL_set_connect_state(3) or \fISSL_set_accept_state()\fR
169before the first call to an \fISSL_read()\fR or SSL_write(3)
170function.
171.PP
172\&\fISSL_read()\fR works based on the \s-1SSL/TLS\s0 records. The data are received in
173records (with a maximum record size of 16kB for SSLv3/TLSv1). Only when a
174record has been completely received, it can be processed (decryption and
175check of integrity). Therefore data that was not retrieved at the last
176call of \fISSL_read()\fR can still be buffered inside the \s-1SSL\s0 layer and will be
177retrieved on the next call to \fISSL_read()\fR. If \fBnum\fR is higher than the
178number of bytes buffered, \fISSL_read()\fR will return with the bytes buffered.
179If no more bytes are in the buffer, \fISSL_read()\fR will trigger the processing
180of the next record. Only when the record has been received and processed
181completely, \fISSL_read()\fR will return reporting success. At most the contents
182of the record will be returned. As the size of an \s-1SSL/TLS\s0 record may exceed
183the maximum packet size of the underlying transport (e.g. \s-1TCP\s0), it may
184be necessary to read several packets from the transport layer before the
185record is complete and \fISSL_read()\fR can succeed.
186.PP
187If the underlying \s-1BIO\s0 is \fBblocking\fR, \fISSL_read()\fR will only return, once the
188read operation has been finished or an error occurred, except when a
189renegotiation take place, in which case a \s-1SSL_ERROR_WANT_READ\s0 may occur.
190This behaviour can be controlled with the \s-1SSL_MODE_AUTO_RETRY\s0 flag of the
191SSL_CTX_set_mode(3) call.
192.PP
193If the underlying \s-1BIO\s0 is \fBnon-blocking\fR, \fISSL_read()\fR will also return
194when the underlying \s-1BIO\s0 could not satisfy the needs of \fISSL_read()\fR
195to continue the operation. In this case a call to
196SSL_get_error(3) with the
197return value of \fISSL_read()\fR will yield \fB\s-1SSL_ERROR_WANT_READ\s0\fR or
198\&\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. As at any time a re-negotiation is possible, a
199call to \fISSL_read()\fR can also cause write operations! The calling process
200then must repeat the call after taking appropriate action to satisfy the
201needs of \fISSL_read()\fR. The action depends on the underlying \s-1BIO\s0. When using a
202non-blocking socket, nothing is to be done, but \fIselect()\fR can be used to check
203for the required condition. When using a buffering \s-1BIO\s0, like a \s-1BIO\s0 pair, data
204must be written into or retrieved out of the \s-1BIO\s0 before being able to continue.
205.SH "WARNING"
206.IX Header "WARNING"
207When an \fISSL_read()\fR operation has to be repeated because of
208\&\fB\s-1SSL_ERROR_WANT_READ\s0\fR or \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR, it must be repeated
209with the same arguments.
210.SH "RETURN VALUES"
211.IX Header "RETURN VALUES"
212The following return values can occur:
213.Ip ">0" 4
214.IX Item ">0"
215The read operation was successful; the return value is the number of
216bytes actually read from the \s-1TLS/SSL\s0 connection.
217.Ip "0" 4
218The read operation was not successful. The reason may either be a clean
219shutdown due to a \*(L"close notify\*(R" alert sent by the peer (in which case
220the \s-1SSL_RECEIVED_SHUTDOWN\s0 flag in the ssl shutdown state is set
221(see SSL_shutdown(3),
222SSL_set_shutdown(3)). It is also possible, that
223the peer simply shut down the underlying transport and the shutdown is
224incomplete. Call \fISSL_get_error()\fR with the return value \fBret\fR to find out,
225whether an error occurred or the connection was shut down cleanly
226(\s-1SSL_ERROR_ZERO_RETURN\s0).
227.Sp
228SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
229only be detected, whether the underlying connection was closed. It cannot
230be checked, whether the closure was initiated by the peer or by something
231else.
232.Ip "<0" 4
233.IX Item "<0"
234The read operation was not successful, because either an error occurred
235or action must be taken by the calling process. Call \fISSL_get_error()\fR with the
236return value \fBret\fR to find out the reason.
237.SH "SEE ALSO"
238.IX Header "SEE ALSO"
239SSL_get_error(3), SSL_write(3),
240SSL_CTX_set_mode(3), SSL_CTX_new(3),
241SSL_connect(3), SSL_accept(3)
242SSL_set_connect_state(3),
243SSL_shutdown(3), SSL_set_shutdown(3),
244ssl(3), bio(3)