gitweb.dragonflybsd.org Git - dragonfly.git/blame_incremental

... / ...

Commit	Line	Data
	1	.\" Automatically generated by Pod::Man 2.23 (Pod::Simple 3.14)
	2	.\"
	3	.\" Standard preamble:
	4	.\" ========================================================================
	5	.de Sp \" Vertical space (when we can't use .PP)
	6	.if t .sp .5v
	7	.if n .sp
	8	..
	9	.de Vb \" Begin verbatim text
	10	.ft CW
	11	.nf
	12	.ne \\$1
	13	..
	14	.de Ve \" End verbatim text
	15	.ft R
	16	.fi
	17	..
	18	.\" Set up some character translations and predefined strings. \*(-- will
	19	.\" give an unbreakable dash, \(PI will give pi, \(L" will give a left
	20	.\" double quote, and \(R" will give a right double quote. \(C+ will
	21	.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
	22	.\" therefore won't be available. \(C` and \(C' expand to `' in nroff,
	23	.\" nothing in troff, for use with C<>.
	24	.tr \(*W-
	25	.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
	26	.ie n \{\
	27	. ds -- \(*W-
	28	. ds PI pi
	29	. if (\n(.H=4u)&(1m=24u) .ds -- \(W\h'-12u'\(W\h'-12u'-\" diablo 10 pitch
	30	. if (\n(.H=4u)&(1m=20u) .ds -- \(W\h'-12u'\(W\h'-8u'-\" diablo 12 pitch
	31	. ds L" ""
	32	. ds R" ""
	33	. ds C` ""
	34	. ds C' ""
	35	'br\}
	36	.el\{\
	37	. ds -- \\|\(em\\|
	38	. ds PI \(*p
	39	. ds L" ``
	40	. ds R" ''
	41	'br\}
	42	.\"
	43	.\" Escape single quotes in literal strings from groff's Unicode transform.
	44	.ie \n(.g .ds Aq \(aq
	45	.el .ds Aq '
	46	.\"
	47	.\" If the F register is turned on, we'll generate index entries on stderr for
	48	.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
	49	.\" entries marked with X<> in POD. Of course, you'll have to process the
	50	.\" output yourself in some meaningful fashion.
	51	.ie \nF \{\
	52	. de IX
	53	. tm Index:\\$1\t\\n%\t"\\$2"
	54	..
	55	. nr % 0
	56	. rr F
	57	.\}
	58	.el \{\
	59	. de IX
	60	..
	61	.\}
	62	.\"
	63	.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
	64	.\" Fear. Run. Save yourself. No user-serviceable parts.
	65	. \" fudge factors for nroff and troff
	66	.if n \{\
	67	. ds #H 0
	68	. ds #V .8m
	69	. ds #F .3m
	70	. ds #[ \f1
	71	. ds #] \fP
	72	.\}
	73	.if t \{\
	74	. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
	75	. ds #V .6m
	76	. ds #F 0
	77	. ds #[ \&
	78	. ds #] \&
	79	.\}
	80	. \" simple accents for nroff and troff
	81	.if n \{\
	82	. ds ' \&
	83	. ds ` \&
	84	. ds ^ \&
	85	. ds , \&
	86	. ds ~ ~
	87	. ds /
	88	.\}
	89	.if t \{\
	90	. ds ' \\k:\h'-(\\n(.wu8/10-\(#H)'\'\h"\|\\n:u"
	91	. ds ` \\k:\h'-(\\n(.wu8/10-\(#H)'\`\h'\|\\n:u'
	92	. ds ^ \\k:\h'-(\\n(.wu10/11-\(#H)'^\h'\|\\n:u'
	93	. ds , \\k:\h'-(\\n(.wu*8/10)',\h'\|\\n:u'
	94	. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'\|\\n:u'
	95	. ds / \\k:\h'-(\\n(.wu8/10-\(#H)'\z\(sl\h'\|\\n:u'
	96	.\}
	97	. \" troff and (daisy-wheel) nroff accents
	98	.ds : \\k:\h'-(\\n(.wu8/10-\(#H+.1m+\(#F)'\v'-\(#V'\z.\h'.2m+\(#F'.\h'\|\\n:u'\v'\(#V'
	99	.ds 8 \h'\(#H'\(b\h'-\*(#H'
	100	.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\(#H)/2u'\v'-.3n'\(#[\z\(de\v'.3n'\h'\|\\n:u'\*(#]
	101	.ds d- \h'\(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\(#H'
	102	.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'\|\\n:u'
	103	.ds th \(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u2/3)'\s-1o\s+1\*(#]
	104	.ds Th \(#[\s+2I\s-2\h'-\w'I'u3/5'\v'-.3m'o\v'.3m'\*(#]
	105	.ds ae a\h'-(\w'a'u*4/10)'e
	106	.ds Ae A\h'-(\w'A'u*4/10)'E
	107	. \" corrections for vroff
	108	.if v .ds ~ \\k:\h'-(\\n(.wu9/10-\(#H)'\s-2\u~\d\s+2\h'\|\\n:u'
	109	.if v .ds ^ \\k:\h'-(\\n(.wu10/11-\(#H)'\v'-.4m'^\v'.4m'\h'\|\\n:u'
	110	. \" for low resolution devices (crt and lpr)
	111	.if \n(.H>23 .if \n(.V>19 \
	112	\{\
	113	. ds : e
	114	. ds 8 ss
	115	. ds o a
	116	. ds d- d\h'-1'\(ga
	117	. ds D- D\h'-1'\(hy
	118	. ds th \o'bp'
	119	. ds Th \o'LP'
	120	. ds ae ae
	121	. ds Ae AE
	122	.\}
	123	.rm #[ #] #H #V #F C
	124	.\" ========================================================================
	125	.\"
	126	.IX Title "SSL_get_error 3"
	127	.TH SSL_get_error 3 "2011-02-08" "1.0.0d" "OpenSSL"
	128	.\" For nroff, turn off justification. Always turn off hyphenation; it makes
	129	.\" way too many mistakes in technical documents.
	130	.if n .ad l
	131	.nh
	132	.SH "NAME"
	133	SSL_get_error \- obtain result code for TLS/SSL I/O operation
	134	.SH "SYNOPSIS"
	135	.IX Header "SYNOPSIS"
	136	.Vb 1
	137	\& #include <openssl/ssl.h>
	138	\&
	139	\& int SSL_get_error(const SSL *ssl, int ret);
	140	.Ve
	141	.SH "DESCRIPTION"
	142	.IX Header "DESCRIPTION"
	143	\&\fISSL_get_error()\fR returns a result code (suitable for the C \(L"switch\(R"
	144	statement) for a preceding call to \fISSL_connect()\fR, \fISSL_accept()\fR, \fISSL_do_handshake()\fR,
	145	\&\fISSL_read()\fR, \fISSL_peek()\fR, or \fISSL_write()\fR on \fBssl\fR. The value returned by
	146	that \s-1TLS/SSL\s0 I/O function must be passed to \fISSL_get_error()\fR in parameter
	147	\&\fBret\fR.
	148	.PP
	149	In addition to \fBssl\fR and \fBret\fR, \fISSL_get_error()\fR inspects the
	150	current thread's OpenSSL error queue. Thus, \fISSL_get_error()\fR must be
	151	used in the same thread that performed the \s-1TLS/SSL\s0 I/O operation, and no
	152	other OpenSSL function calls should appear in between. The current
	153	thread's error queue must be empty before the \s-1TLS/SSL\s0 I/O operation is
	154	attempted, or \fISSL_get_error()\fR will not work reliably.
	155	.SH "RETURN VALUES"
	156	.IX Header "RETURN VALUES"
	157	The following return values can currently occur:
	158	.IP "\s-1SSL_ERROR_NONE\s0" 4
	159	.IX Item "SSL_ERROR_NONE"
	160	The \s-1TLS/SSL\s0 I/O operation completed. This result code is returned
	161	if and only if \fBret > 0\fR.
	162	.IP "\s-1SSL_ERROR_ZERO_RETURN\s0" 4
	163	.IX Item "SSL_ERROR_ZERO_RETURN"
	164	The \s-1TLS/SSL\s0 connection has been closed. If the protocol version is \s-1SSL\s0 3.0
	165	or \s-1TLS\s0 1.0, this result code is returned only if a closure
	166	alert has occurred in the protocol, i.e. if the connection has been
	167	closed cleanly. Note that in this case \fB\s-1SSL_ERROR_ZERO_RETURN\s0\fR
	168	does not necessarily indicate that the underlying transport
	169	has been closed.
	170	.IP "\s-1SSL_ERROR_WANT_READ\s0, \s-1SSL_ERROR_WANT_WRITE\s0" 4
	171	.IX Item "SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE"
	172	The operation did not complete; the same \s-1TLS/SSL\s0 I/O function should be
	173	called again later. If, by then, the underlying \fB\s-1BIO\s0\fR has data
	174	available for reading (if the result code is \fB\s-1SSL_ERROR_WANT_READ\s0\fR)
	175	or allows writing data (\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR), then some \s-1TLS/SSL\s0
	176	protocol progress will take place, i.e. at least part of an \s-1TLS/SSL\s0
	177	record will be read or written. Note that the retry may again lead to
	178	a \fB\s-1SSL_ERROR_WANT_READ\s0\fR or \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR condition.
	179	There is no fixed upper limit for the number of iterations that
	180	may be necessary until progress becomes visible at application
	181	protocol level.
	182	.Sp
	183	For socket \fB\s-1BIO\s0\fRs (e.g. when \fISSL_set_fd()\fR was used), \fIselect()\fR or
	184	\&\fIpoll()\fR on the underlying socket can be used to find out when the
	185	\&\s-1TLS/SSL\s0 I/O function should be retried.
	186	.Sp
	187	Caveat: Any \s-1TLS/SSL\s0 I/O function can lead to either of
	188	\&\fB\s-1SSL_ERROR_WANT_READ\s0\fR and \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. In particular,
	189	\&\fISSL_read()\fR or \fISSL_peek()\fR may want to write data and \fISSL_write()\fR may want
	190	to read data. This is mainly because \s-1TLS/SSL\s0 handshakes may occur at any
	191	time during the protocol (initiated by either the client or the server);
	192	\&\fISSL_read()\fR, \fISSL_peek()\fR, and \fISSL_write()\fR will handle any pending handshakes.
	193	.IP "\s-1SSL_ERROR_WANT_CONNECT\s0, \s-1SSL_ERROR_WANT_ACCEPT\s0" 4
	194	.IX Item "SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT"
	195	The operation did not complete; the same \s-1TLS/SSL\s0 I/O function should be
	196	called again later. The underlying \s-1BIO\s0 was not connected yet to the peer
	197	and the call would block in \fIconnect()\fR/\fIaccept()\fR. The \s-1SSL\s0 function should be
	198	called again when the connection is established. These messages can only
	199	appear with a \fIBIO_s_connect()\fR or \fIBIO_s_accept()\fR \s-1BIO\s0, respectively.
	200	In order to find out, when the connection has been successfully established,
	201	on many platforms \fIselect()\fR or \fIpoll()\fR for writing on the socket file descriptor
	202	can be used.
	203	.IP "\s-1SSL_ERROR_WANT_X509_LOOKUP\s0" 4
	204	.IX Item "SSL_ERROR_WANT_X509_LOOKUP"
	205	The operation did not complete because an application callback set by
	206	\&\fISSL_CTX_set_client_cert_cb()\fR has asked to be called again.
	207	The \s-1TLS/SSL\s0 I/O function should be called again later.
	208	Details depend on the application.
	209	.IP "\s-1SSL_ERROR_SYSCALL\s0" 4
	210	.IX Item "SSL_ERROR_SYSCALL"
	211	Some I/O error occurred. The OpenSSL error queue may contain more
	212	information on the error. If the error queue is empty
	213	(i.e. \fIERR_get_error()\fR returns 0), \fBret\fR can be used to find out more
	214	about the error: If \fBret == 0\fR, an \s-1EOF\s0 was observed that violates
	215	the protocol. If \fBret == \-1\fR, the underlying \fB\s-1BIO\s0\fR reported an
	216	I/O error (for socket I/O on Unix systems, consult \fBerrno\fR for details).
	217	.IP "\s-1SSL_ERROR_SSL\s0" 4
	218	.IX Item "SSL_ERROR_SSL"
	219	A failure in the \s-1SSL\s0 library occurred, usually a protocol error. The
	220	OpenSSL error queue contains more information on the error.
	221	.SH "SEE ALSO"
	222	.IX Header "SEE ALSO"
	223	\&\fIssl\fR\\|(3), \fIerr\fR\\|(3)
	224	.SH "HISTORY"
	225	.IX Header "HISTORY"
	226	\&\fISSL_get_error()\fR was added in SSLeay 0.8.