Update files for OpenSSL-1.0.0f import.
[dragonfly.git] / secure / lib / libcrypto / man / BIO_f_ssl.3
CommitLineData
e3261593 1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.19)
8b0cefbb
JR
2.\"
3.\" Standard preamble:
4.\" ========================================================================
8b0cefbb 5.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
6.if t .sp .5v
7.if n .sp
8..
8b0cefbb 9.de Vb \" Begin verbatim text
984263bc
MD
10.ft CW
11.nf
12.ne \\$1
13..
8b0cefbb 14.de Ve \" End verbatim text
984263bc 15.ft R
984263bc
MD
16.fi
17..
8b0cefbb
JR
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
e257b235
PA
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
8b0cefbb 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 26.ie n \{\
8b0cefbb
JR
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
984263bc
MD
35'br\}
36.el\{\
8b0cefbb
JR
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
984263bc 41'br\}
8b0cefbb 42.\"
e257b235
PA
43.\" Escape single quotes in literal strings from groff's Unicode transform.
44.ie \n(.g .ds Aq \(aq
45.el .ds Aq '
46.\"
8b0cefbb 47.\" If the F register is turned on, we'll generate index entries on stderr for
01185282 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
8b0cefbb
JR
49.\" entries marked with X<> in POD. Of course, you'll have to process the
50.\" output yourself in some meaningful fashion.
e257b235 51.ie \nF \{\
8b0cefbb
JR
52. de IX
53. tm Index:\\$1\t\\n%\t"\\$2"
984263bc 54..
8b0cefbb
JR
55. nr % 0
56. rr F
984263bc 57.\}
e257b235
PA
58.el \{\
59. de IX
60..
61.\}
aac4ff6f 62.\"
8b0cefbb
JR
63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
64.\" Fear. Run. Save yourself. No user-serviceable parts.
65. \" fudge factors for nroff and troff
984263bc 66.if n \{\
8b0cefbb
JR
67. ds #H 0
68. ds #V .8m
69. ds #F .3m
70. ds #[ \f1
71. ds #] \fP
984263bc
MD
72.\}
73.if t \{\
8b0cefbb
JR
74. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
75. ds #V .6m
76. ds #F 0
77. ds #[ \&
78. ds #] \&
984263bc 79.\}
8b0cefbb 80. \" simple accents for nroff and troff
984263bc 81.if n \{\
8b0cefbb
JR
82. ds ' \&
83. ds ` \&
84. ds ^ \&
85. ds , \&
86. ds ~ ~
87. ds /
984263bc
MD
88.\}
89.if t \{\
8b0cefbb
JR
90. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
91. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
92. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
93. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
94. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
95. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 96.\}
8b0cefbb 97. \" troff and (daisy-wheel) nroff accents
984263bc
MD
98.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
99.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
100.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
101.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
102.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
103.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
104.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
105.ds ae a\h'-(\w'a'u*4/10)'e
106.ds Ae A\h'-(\w'A'u*4/10)'E
8b0cefbb 107. \" corrections for vroff
984263bc
MD
108.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
109.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
8b0cefbb 110. \" for low resolution devices (crt and lpr)
984263bc
MD
111.if \n(.H>23 .if \n(.V>19 \
112\{\
8b0cefbb
JR
113. ds : e
114. ds 8 ss
115. ds o a
116. ds d- d\h'-1'\(ga
117. ds D- D\h'-1'\(hy
118. ds th \o'bp'
119. ds Th \o'LP'
120. ds ae ae
121. ds Ae AE
984263bc
MD
122.\}
123.rm #[ #] #H #V #F C
8b0cefbb
JR
124.\" ========================================================================
125.\"
126.IX Title "BIO_f_ssl 3"
e3261593 127.TH BIO_f_ssl 3 "2012-01-04" "1.0.0f" "OpenSSL"
e257b235
PA
128.\" For nroff, turn off justification. Always turn off hyphenation; it makes
129.\" way too many mistakes in technical documents.
130.if n .ad l
131.nh
984263bc
MD
132.SH "NAME"
133BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes,
134BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl,
135BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id,
74dab6c2 136BIO_ssl_shutdown \- SSL BIO
984263bc 137.SH "SYNOPSIS"
8b0cefbb 138.IX Header "SYNOPSIS"
984263bc
MD
139.Vb 2
140\& #include <openssl/bio.h>
141\& #include <openssl/ssl.h>
e257b235 142\&
984263bc 143\& BIO_METHOD *BIO_f_ssl(void);
e257b235 144\&
984263bc
MD
145\& #define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
146\& #define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
147\& #define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
148\& #define BIO_set_ssl_renegotiate_bytes(b,num) \e
149\& BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
150\& #define BIO_set_ssl_renegotiate_timeout(b,seconds) \e
151\& BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
152\& #define BIO_get_num_renegotiates(b) \e
153\& BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
e257b235 154\&
984263bc
MD
155\& BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
156\& BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
157\& BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
158\& int BIO_ssl_copy_session_id(BIO *to,BIO *from);
159\& void BIO_ssl_shutdown(BIO *bio);
e257b235 160\&
984263bc
MD
161\& #define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
162.Ve
163.SH "DESCRIPTION"
8b0cefbb
JR
164.IX Header "DESCRIPTION"
165\&\fIBIO_f_ssl()\fR returns the \s-1SSL\s0 \s-1BIO\s0 method. This is a filter \s-1BIO\s0 which
166is a wrapper round the OpenSSL \s-1SSL\s0 routines adding a \s-1BIO\s0 \*(L"flavour\*(R" to
e257b235 167\&\s-1SSL\s0 I/O.
984263bc 168.PP
8b0cefbb
JR
169I/O performed on an \s-1SSL\s0 \s-1BIO\s0 communicates using the \s-1SSL\s0 protocol with
170the SSLs read and write BIOs. If an \s-1SSL\s0 connection is not established
984263bc
MD
171then an attempt is made to establish one on the first I/O call.
172.PP
8b0cefbb
JR
173If a \s-1BIO\s0 is appended to an \s-1SSL\s0 \s-1BIO\s0 using \fIBIO_push()\fR it is automatically
174used as the \s-1SSL\s0 BIOs read and write BIOs.
984263bc 175.PP
8b0cefbb
JR
176Calling \fIBIO_reset()\fR on an \s-1SSL\s0 \s-1BIO\s0 closes down any current \s-1SSL\s0 connection
177by calling \fISSL_shutdown()\fR. \fIBIO_reset()\fR is then sent to the next \s-1BIO\s0 in
984263bc 178the chain: this will typically disconnect the underlying transport.
8b0cefbb 179The \s-1SSL\s0 \s-1BIO\s0 is then reset to the initial accept or connect state.
984263bc 180.PP
8b0cefbb
JR
181If the close flag is set when an \s-1SSL\s0 \s-1BIO\s0 is freed then the internal
182\&\s-1SSL\s0 structure is also freed using \fISSL_free()\fR.
984263bc 183.PP
8b0cefbb 184\&\fIBIO_set_ssl()\fR sets the internal \s-1SSL\s0 pointer of \s-1BIO\s0 \fBb\fR to \fBssl\fR using
984263bc
MD
185the close flag \fBc\fR.
186.PP
8b0cefbb
JR
187\&\fIBIO_get_ssl()\fR retrieves the \s-1SSL\s0 pointer of \s-1BIO\s0 \fBb\fR, it can then be
188manipulated using the standard \s-1SSL\s0 library functions.
984263bc 189.PP
8b0cefbb 190\&\fIBIO_set_ssl_mode()\fR sets the \s-1SSL\s0 \s-1BIO\s0 mode to \fBclient\fR. If \fBclient\fR
984263bc
MD
191is 1 client mode is set. If \fBclient\fR is 0 server mode is set.
192.PP
8b0cefbb 193\&\fIBIO_set_ssl_renegotiate_bytes()\fR sets the renegotiate byte count
984263bc 194to \fBnum\fR. When set after every \fBnum\fR bytes of I/O (read and write)
8b0cefbb 195the \s-1SSL\s0 session is automatically renegotiated. \fBnum\fR must be at
984263bc
MD
196least 512 bytes.
197.PP
8b0cefbb
JR
198\&\fIBIO_set_ssl_renegotiate_timeout()\fR sets the renegotiate timeout to
199\&\fBseconds\fR. When the renegotiate timeout elapses the session is
984263bc
MD
200automatically renegotiated.
201.PP
8b0cefbb 202\&\fIBIO_get_num_renegotiates()\fR returns the total number of session
984263bc
MD
203renegotiations due to I/O or timeout.
204.PP
8b0cefbb 205\&\fIBIO_new_ssl()\fR allocates an \s-1SSL\s0 \s-1BIO\s0 using \s-1SSL_CTX\s0 \fBctx\fR and using
984263bc
MD
206client mode if \fBclient\fR is non zero.
207.PP
8b0cefbb
JR
208\&\fIBIO_new_ssl_connect()\fR creates a new \s-1BIO\s0 chain consisting of an
209\&\s-1SSL\s0 \s-1BIO\s0 (using \fBctx\fR) followed by a connect \s-1BIO\s0.
984263bc 210.PP
8b0cefbb
JR
211\&\fIBIO_new_buffer_ssl_connect()\fR creates a new \s-1BIO\s0 chain consisting
212of a buffering \s-1BIO\s0, an \s-1SSL\s0 \s-1BIO\s0 (using \fBctx\fR) and a connect
213\&\s-1BIO\s0.
984263bc 214.PP
8b0cefbb
JR
215\&\fIBIO_ssl_copy_session_id()\fR copies an \s-1SSL\s0 session id between
216\&\s-1BIO\s0 chains \fBfrom\fR and \fBto\fR. It does this by locating the
217\&\s-1SSL\s0 BIOs in each chain and calling \fISSL_copy_session_id()\fR on
218the internal \s-1SSL\s0 pointer.
984263bc 219.PP
8b0cefbb
JR
220\&\fIBIO_ssl_shutdown()\fR closes down an \s-1SSL\s0 connection on \s-1BIO\s0
221chain \fBbio\fR. It does this by locating the \s-1SSL\s0 \s-1BIO\s0 in the
222chain and calling \fISSL_shutdown()\fR on its internal \s-1SSL\s0
984263bc
MD
223pointer.
224.PP
8b0cefbb
JR
225\&\fIBIO_do_handshake()\fR attempts to complete an \s-1SSL\s0 handshake on the
226supplied \s-1BIO\s0 and establish the \s-1SSL\s0 connection. It returns 1
984263bc
MD
227if the connection was established successfully. A zero or negative
228value is returned if the connection could not be established, the
229call \fIBIO_should_retry()\fR should be used for non blocking connect BIOs
8b0cefbb 230to determine if the call should be retried. If an \s-1SSL\s0 connection has
984263bc
MD
231already been established this call has no effect.
232.SH "NOTES"
8b0cefbb
JR
233.IX Header "NOTES"
234\&\s-1SSL\s0 BIOs are exceptional in that if the underlying transport
984263bc
MD
235is non blocking they can still request a retry in exceptional
236circumstances. Specifically this will happen if a session
237renegotiation takes place during a \fIBIO_read()\fR operation, one
8b0cefbb 238case where this happens is when \s-1SGC\s0 or step up occurs.
984263bc 239.PP
8b0cefbb 240In OpenSSL 0.9.6 and later the \s-1SSL\s0 flag \s-1SSL_AUTO_RETRY\s0 can be
984263bc 241set to disable this behaviour. That is when this flag is set
8b0cefbb 242an \s-1SSL\s0 \s-1BIO\s0 using a blocking transport will never request a
984263bc
MD
243retry.
244.PP
245Since unknown \fIBIO_ctrl()\fR operations are sent through filter
246BIOs the servers name and port can be set using \fIBIO_set_host()\fR
8b0cefbb
JR
247on the \s-1BIO\s0 returned by \fIBIO_new_ssl_connect()\fR without having
248to locate the connect \s-1BIO\s0 first.
984263bc
MD
249.PP
250Applications do not have to call \fIBIO_do_handshake()\fR but may wish
251to do so to separate the handshake process from other I/O
252processing.
253.SH "RETURN VALUES"
8b0cefbb
JR
254.IX Header "RETURN VALUES"
255\&\s-1TBA\s0
984263bc 256.SH "EXAMPLE"
8b0cefbb
JR
257.IX Header "EXAMPLE"
258This \s-1SSL/TLS\s0 client example, attempts to retrieve a page from an
259\&\s-1SSL/TLS\s0 web server. The I/O routines are identical to those of the
260unencrypted example in \fIBIO_s_connect\fR\|(3).
984263bc
MD
261.PP
262.Vb 5
263\& BIO *sbio, *out;
264\& int len;
265\& char tmpbuf[1024];
266\& SSL_CTX *ctx;
267\& SSL *ssl;
e257b235 268\&
984263bc
MD
269\& ERR_load_crypto_strings();
270\& ERR_load_SSL_strings();
271\& OpenSSL_add_all_algorithms();
e257b235
PA
272\&
273\& /* We would seed the PRNG here if the platform didn\*(Aqt
984263bc
MD
274\& * do it automatically
275\& */
e257b235 276\&
984263bc 277\& ctx = SSL_CTX_new(SSLv23_client_method());
e257b235
PA
278\&
279\& /* We\*(Aqd normally set some stuff like the verify paths and
984263bc
MD
280\& * mode here because as things stand this will connect to
281\& * any server whose certificate is signed by any CA.
282\& */
e257b235 283\&
984263bc 284\& sbio = BIO_new_ssl_connect(ctx);
e257b235 285\&
984263bc 286\& BIO_get_ssl(sbio, &ssl);
e257b235 287\&
984263bc 288\& if(!ssl) {
e257b235 289\& fprintf(stderr, "Can\*(Aqt locate SSL pointer\en");
984263bc
MD
290\& /* whatever ... */
291\& }
e257b235
PA
292\&
293\& /* Don\*(Aqt want any retries */
984263bc 294\& SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
e257b235 295\&
984263bc 296\& /* We might want to do other things with ssl here */
e257b235 297\&
984263bc 298\& BIO_set_conn_hostname(sbio, "localhost:https");
e257b235 299\&
984263bc
MD
300\& out = BIO_new_fp(stdout, BIO_NOCLOSE);
301\& if(BIO_do_connect(sbio) <= 0) {
302\& fprintf(stderr, "Error connecting to server\en");
303\& ERR_print_errors_fp(stderr);
304\& /* whatever ... */
305\& }
e257b235 306\&
984263bc
MD
307\& if(BIO_do_handshake(sbio) <= 0) {
308\& fprintf(stderr, "Error establishing SSL connection\en");
309\& ERR_print_errors_fp(stderr);
310\& /* whatever ... */
311\& }
e257b235 312\&
984263bc 313\& /* Could examine ssl here to get connection info */
e257b235 314\&
984263bc
MD
315\& BIO_puts(sbio, "GET / HTTP/1.0\en\en");
316\& for(;;) {
317\& len = BIO_read(sbio, tmpbuf, 1024);
318\& if(len <= 0) break;
319\& BIO_write(out, tmpbuf, len);
320\& }
321\& BIO_free_all(sbio);
322\& BIO_free(out);
323.Ve
8b0cefbb 324.PP
984263bc 325Here is a simple server example. It makes use of a buffering
8b0cefbb 326\&\s-1BIO\s0 to allow lines to be read from the \s-1SSL\s0 \s-1BIO\s0 using BIO_gets.
984263bc
MD
327It creates a pseudo web page containing the actual request from
328a client and also echoes the request to standard output.
329.PP
330.Vb 5
331\& BIO *sbio, *bbio, *acpt, *out;
332\& int len;
333\& char tmpbuf[1024];
334\& SSL_CTX *ctx;
335\& SSL *ssl;
e257b235 336\&
984263bc
MD
337\& ERR_load_crypto_strings();
338\& ERR_load_SSL_strings();
339\& OpenSSL_add_all_algorithms();
e257b235 340\&
984263bc 341\& /* Might seed PRNG here */
e257b235 342\&
984263bc 343\& ctx = SSL_CTX_new(SSLv23_server_method());
e257b235 344\&
984263bc
MD
345\& if (!SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM)
346\& || !SSL_CTX_use_PrivateKey_file(ctx,"server.pem",SSL_FILETYPE_PEM)
347\& || !SSL_CTX_check_private_key(ctx)) {
e257b235 348\&
984263bc
MD
349\& fprintf(stderr, "Error setting up SSL_CTX\en");
350\& ERR_print_errors_fp(stderr);
351\& return 0;
352\& }
e257b235 353\&
984263bc
MD
354\& /* Might do other things here like setting verify locations and
355\& * DH and/or RSA temporary key callbacks
356\& */
e257b235 357\&
984263bc
MD
358\& /* New SSL BIO setup as server */
359\& sbio=BIO_new_ssl(ctx,0);
e257b235 360\&
984263bc 361\& BIO_get_ssl(sbio, &ssl);
e257b235 362\&
984263bc 363\& if(!ssl) {
e257b235 364\& fprintf(stderr, "Can\*(Aqt locate SSL pointer\en");
984263bc
MD
365\& /* whatever ... */
366\& }
e257b235
PA
367\&
368\& /* Don\*(Aqt want any retries */
984263bc 369\& SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
e257b235 370\&
984263bc 371\& /* Create the buffering BIO */
e257b235 372\&
984263bc 373\& bbio = BIO_new(BIO_f_buffer());
e257b235 374\&
984263bc
MD
375\& /* Add to chain */
376\& sbio = BIO_push(bbio, sbio);
e257b235 377\&
984263bc 378\& acpt=BIO_new_accept("4433");
e257b235 379\&
984263bc
MD
380\& /* By doing this when a new connection is established
381\& * we automatically have sbio inserted into it. The
e257b235 382\& * BIO chain is now \*(Aqswallowed\*(Aq by the accept BIO and
984263bc
MD
383\& * will be freed when the accept BIO is freed.
384\& */
e257b235 385\&
984263bc 386\& BIO_set_accept_bios(acpt,sbio);
e257b235 387\&
984263bc 388\& out = BIO_new_fp(stdout, BIO_NOCLOSE);
e257b235 389\&
984263bc
MD
390\& /* Setup accept BIO */
391\& if(BIO_do_accept(acpt) <= 0) {
392\& fprintf(stderr, "Error setting up accept BIO\en");
393\& ERR_print_errors_fp(stderr);
394\& return 0;
395\& }
e257b235 396\&
984263bc
MD
397\& /* Now wait for incoming connection */
398\& if(BIO_do_accept(acpt) <= 0) {
399\& fprintf(stderr, "Error in connection\en");
400\& ERR_print_errors_fp(stderr);
401\& return 0;
402\& }
e257b235 403\&
984263bc
MD
404\& /* We only want one connection so remove and free
405\& * accept BIO
406\& */
e257b235 407\&
984263bc 408\& sbio = BIO_pop(acpt);
e257b235 409\&
984263bc 410\& BIO_free_all(acpt);
e257b235 411\&
984263bc
MD
412\& if(BIO_do_handshake(sbio) <= 0) {
413\& fprintf(stderr, "Error in SSL handshake\en");
414\& ERR_print_errors_fp(stderr);
415\& return 0;
416\& }
e257b235
PA
417\&
418\& BIO_puts(sbio, "HTTP/1.0 200 OK\er\enContent\-type: text/plain\er\en\er\en");
74dab6c2 419\& BIO_puts(sbio, "\er\enConnection Established\er\enRequest headers:\er\en");
e257b235
PA
420\& BIO_puts(sbio, "\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\er\en");
421\&
984263bc
MD
422\& for(;;) {
423\& len = BIO_gets(sbio, tmpbuf, 1024);
424\& if(len <= 0) break;
425\& BIO_write(sbio, tmpbuf, len);
426\& BIO_write(out, tmpbuf, len);
427\& /* Look for blank line signifying end of headers*/
e257b235 428\& if((tmpbuf[0] == \*(Aq\er\*(Aq) || (tmpbuf[0] == \*(Aq\en\*(Aq)) break;
984263bc 429\& }
e257b235
PA
430\&
431\& BIO_puts(sbio, "\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\er\en");
74dab6c2 432\& BIO_puts(sbio, "\er\en");
e257b235 433\&
984263bc
MD
434\& /* Since there is a buffering BIO present we had better flush it */
435\& BIO_flush(sbio);
e257b235 436\&
984263bc
MD
437\& BIO_free_all(sbio);
438.Ve
01185282
PA
439.SH "BUGS"
440.IX Header "BUGS"
441In OpenSSL versions before 1.0.0 the \fIBIO_pop()\fR call was handled incorrectly,
442the I/O \s-1BIO\s0 reference count was incorrectly incremented (instead of
443decremented) and dissociated with the \s-1SSL\s0 \s-1BIO\s0 even if the \s-1SSL\s0 \s-1BIO\s0 was not
444explicitly being popped (e.g. a pop higher up the chain). Applications which
445included workarounds for this bug (e.g. freeing BIOs more than once) should
446be modified to handle this fix or they may free up an already freed \s-1BIO\s0.
984263bc
MD
447.SH "SEE ALSO"
448.IX Header "SEE ALSO"
8b0cefbb 449\&\s-1TBA\s0