gitweb.dragonflybsd.org Git - dragonfly.git/blame_incremental

... / ...

Commit	Line	Data
	1	.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
	2	.\"
	3	.\" Standard preamble:
	4	.\" ========================================================================
	5	.de Sh \" Subsection heading
	6	.br
	7	.if t .Sp
	8	.ne 5
	9	.PP
	10	\fB\\$1\fR
	11	.PP
	12	..
	13	.de Sp \" Vertical space (when we can't use .PP)
	14	.if t .sp .5v
	15	.if n .sp
	16	..
	17	.de Vb \" Begin verbatim text
	18	.ft CW
	19	.nf
	20	.ne \\$1
	21	..
	22	.de Ve \" End verbatim text
	23	.ft R
	24	.fi
	25	..
	26	.\" Set up some character translations and predefined strings. \*(-- will
	27	.\" give an unbreakable dash, \(PI will give pi, \(L" will give a left
	28	.\" double quote, and \*(R" will give a right double quote. \| will give a
	29	.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
	30	.\" do unbreakable dashes and therefore won't be available. \(C` and \(C'
	31	.\" expand to `' in nroff, nothing in troff, for use with C<>.
	32	.tr \(W-\|\(bv\(Tr
	33	.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
	34	.ie n \{\
	35	. ds -- \(*W-
	36	. ds PI pi
	37	. if (\n(.H=4u)&(1m=24u) .ds -- \(W\h'-12u'\(W\h'-12u'-\" diablo 10 pitch
	38	. if (\n(.H=4u)&(1m=20u) .ds -- \(W\h'-12u'\(W\h'-8u'-\" diablo 12 pitch
	39	. ds L" ""
	40	. ds R" ""
	41	. ds C` ""
	42	. ds C' ""
	43	'br\}
	44	.el\{\
	45	. ds -- \\|\(em\\|
	46	. ds PI \(*p
	47	. ds L" ``
	48	. ds R" ''
	49	'br\}
	50	.\"
	51	.\" If the F register is turned on, we'll generate index entries on stderr for
	52	.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
	53	.\" entries marked with X<> in POD. Of course, you'll have to process the
	54	.\" output yourself in some meaningful fashion.
	55	.if \nF \{\
	56	. de IX
	57	. tm Index:\\$1\t\\n%\t"\\$2"
	58	..
	59	. nr % 0
	60	. rr F
	61	.\}
	62	.\"
	63	.\" For nroff, turn off justification. Always turn off hyphenation; it makes
	64	.\" way too many mistakes in technical documents.
	65	.hy 0
	66	.if n .na
	67	.\"
	68	.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
	69	.\" Fear. Run. Save yourself. No user-serviceable parts.
	70	. \" fudge factors for nroff and troff
	71	.if n \{\
	72	. ds #H 0
	73	. ds #V .8m
	74	. ds #F .3m
	75	. ds #[ \f1
	76	. ds #] \fP
	77	.\}
	78	.if t \{\
	79	. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
	80	. ds #V .6m
	81	. ds #F 0
	82	. ds #[ \&
	83	. ds #] \&
	84	.\}
	85	. \" simple accents for nroff and troff
	86	.if n \{\
	87	. ds ' \&
	88	. ds ` \&
	89	. ds ^ \&
	90	. ds , \&
	91	. ds ~ ~
	92	. ds /
	93	.\}
	94	.if t \{\
	95	. ds ' \\k:\h'-(\\n(.wu8/10-\(#H)'\'\h"\|\\n:u"
	96	. ds ` \\k:\h'-(\\n(.wu8/10-\(#H)'\`\h'\|\\n:u'
	97	. ds ^ \\k:\h'-(\\n(.wu10/11-\(#H)'^\h'\|\\n:u'
	98	. ds , \\k:\h'-(\\n(.wu*8/10)',\h'\|\\n:u'
	99	. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'\|\\n:u'
	100	. ds / \\k:\h'-(\\n(.wu8/10-\(#H)'\z\(sl\h'\|\\n:u'
	101	.\}
	102	. \" troff and (daisy-wheel) nroff accents
	103	.ds : \\k:\h'-(\\n(.wu8/10-\(#H+.1m+\(#F)'\v'-\(#V'\z.\h'.2m+\(#F'.\h'\|\\n:u'\v'\(#V'
	104	.ds 8 \h'\(#H'\(b\h'-\*(#H'
	105	.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\(#H)/2u'\v'-.3n'\(#[\z\(de\v'.3n'\h'\|\\n:u'\*(#]
	106	.ds d- \h'\(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\(#H'
	107	.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'\|\\n:u'
	108	.ds th \(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u2/3)'\s-1o\s+1\*(#]
	109	.ds Th \(#[\s+2I\s-2\h'-\w'I'u3/5'\v'-.3m'o\v'.3m'\*(#]
	110	.ds ae a\h'-(\w'a'u*4/10)'e
	111	.ds Ae A\h'-(\w'A'u*4/10)'E
	112	. \" corrections for vroff
	113	.if v .ds ~ \\k:\h'-(\\n(.wu9/10-\(#H)'\s-2\u~\d\s+2\h'\|\\n:u'
	114	.if v .ds ^ \\k:\h'-(\\n(.wu10/11-\(#H)'\v'-.4m'^\v'.4m'\h'\|\\n:u'
	115	. \" for low resolution devices (crt and lpr)
	116	.if \n(.H>23 .if \n(.V>19 \
	117	\{\
	118	. ds : e
	119	. ds 8 ss
	120	. ds o a
	121	. ds d- d\h'-1'\(ga
	122	. ds D- D\h'-1'\(hy
	123	. ds th \o'bp'
	124	. ds Th \o'LP'
	125	. ds ae ae
	126	. ds Ae AE
	127	.\}
	128	.rm #[ #] #H #V #F C
	129	.\" ========================================================================
	130	.\"
	131	.IX Title "SSL_get_error 3"
	132	.TH SSL_get_error 3 "2004-12-22" "0.9.7e" "OpenSSL"
	133	.SH "NAME"
	134	SSL_get_error \- obtain result code for TLS/SSL I/O operation
	135	.SH "SYNOPSIS"
	136	.IX Header "SYNOPSIS"
	137	.Vb 1
	138	\& #include <openssl/ssl.h>
	139	.Ve
	140	.PP
	141	.Vb 1
	142	\& int SSL_get_error(SSL *ssl, int ret);
	143	.Ve
	144	.SH "DESCRIPTION"
	145	.IX Header "DESCRIPTION"
	146	\&\fISSL_get_error()\fR returns a result code (suitable for the C \(L"switch\(R"
	147	statement) for a preceding call to \fISSL_connect()\fR, \fISSL_accept()\fR, \fISSL_do_handshake()\fR,
	148	\&\fISSL_read()\fR, \fISSL_peek()\fR, or \fISSL_write()\fR on \fBssl\fR. The value returned by
	149	that \s-1TLS/SSL\s0 I/O function must be passed to \fISSL_get_error()\fR in parameter
	150	\&\fBret\fR.
	151	.PP
	152	In addition to \fBssl\fR and \fBret\fR, \fISSL_get_error()\fR inspects the
	153	current thread's OpenSSL error queue. Thus, \fISSL_get_error()\fR must be
	154	used in the same thread that performed the \s-1TLS/SSL\s0 I/O operation, and no
	155	other OpenSSL function calls should appear in between. The current
	156	thread's error queue must be empty before the \s-1TLS/SSL\s0 I/O operation is
	157	attempted, or \fISSL_get_error()\fR will not work reliably.
	158	.SH "RETURN VALUES"
	159	.IX Header "RETURN VALUES"
	160	The following return values can currently occur:
	161	.IP "\s-1SSL_ERROR_NONE\s0" 4
	162	.IX Item "SSL_ERROR_NONE"
	163	The \s-1TLS/SSL\s0 I/O operation completed. This result code is returned
	164	if and only if \fBret > 0\fR.
	165	.IP "\s-1SSL_ERROR_ZERO_RETURN\s0" 4
	166	.IX Item "SSL_ERROR_ZERO_RETURN"
	167	The \s-1TLS/SSL\s0 connection has been closed. If the protocol version is \s-1SSL\s0 3.0
	168	or \s-1TLS\s0 1.0, this result code is returned only if a closure
	169	alert has occurred in the protocol, i.e. if the connection has been
	170	closed cleanly. Note that in this case \fB\s-1SSL_ERROR_ZERO_RETURN\s0\fR
	171	does not necessarily indicate that the underlying transport
	172	has been closed.
	173	.IP "\s-1SSL_ERROR_WANT_READ\s0, \s-1SSL_ERROR_WANT_WRITE\s0" 4
	174	.IX Item "SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE"
	175	The operation did not complete; the same \s-1TLS/SSL\s0 I/O function should be
	176	called again later. If, by then, the underlying \fB\s-1BIO\s0\fR has data
	177	available for reading (if the result code is \fB\s-1SSL_ERROR_WANT_READ\s0\fR)
	178	or allows writing data (\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR), then some \s-1TLS/SSL\s0
	179	protocol progress will take place, i.e. at least part of an \s-1TLS/SSL\s0
	180	record will be read or written. Note that the retry may again lead to
	181	a \fB\s-1SSL_ERROR_WANT_READ\s0\fR or \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR condition.
	182	There is no fixed upper limit for the number of iterations that
	183	may be necessary until progress becomes visible at application
	184	protocol level.
	185	.Sp
	186	For socket \fB\s-1BIO\s0\fRs (e.g. when \fISSL_set_fd()\fR was used), \fIselect()\fR or
	187	\&\fIpoll()\fR on the underlying socket can be used to find out when the
	188	\&\s-1TLS/SSL\s0 I/O function should be retried.
	189	.Sp
	190	Caveat: Any \s-1TLS/SSL\s0 I/O function can lead to either of
	191	\&\fB\s-1SSL_ERROR_WANT_READ\s0\fR and \fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. In particular,
	192	\&\fISSL_read()\fR or \fISSL_peek()\fR may want to write data and \fISSL_write()\fR may want
	193	to read data. This is mainly because \s-1TLS/SSL\s0 handshakes may occur at any
	194	time during the protocol (initiated by either the client or the server);
	195	\&\fISSL_read()\fR, \fISSL_peek()\fR, and \fISSL_write()\fR will handle any pending handshakes.
	196	.IP "\s-1SSL_ERROR_WANT_CONNECT\s0, \s-1SSL_ERROR_WANT_ACCEPT\s0" 4
	197	.IX Item "SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT"
	198	The operation did not complete; the same \s-1TLS/SSL\s0 I/O function should be
	199	called again later. The underlying \s-1BIO\s0 was not connected yet to the peer
	200	and the call would block in \fIconnect()\fR/\fIaccept()\fR. The \s-1SSL\s0 function should be
	201	called again when the connection is established. These messages can only
	202	appear with a \fIBIO_s_connect()\fR or \fIBIO_s_accept()\fR \s-1BIO\s0, respectively.
	203	In order to find out, when the connection has been successfully established,
	204	on many platforms \fIselect()\fR or \fIpoll()\fR for writing on the socket file descriptor
	205	can be used.
	206	.IP "\s-1SSL_ERROR_WANT_X509_LOOKUP\s0" 4
	207	.IX Item "SSL_ERROR_WANT_X509_LOOKUP"
	208	The operation did not complete because an application callback set by
	209	\&\fISSL_CTX_set_client_cert_cb()\fR has asked to be called again.
	210	The \s-1TLS/SSL\s0 I/O function should be called again later.
	211	Details depend on the application.
	212	.IP "\s-1SSL_ERROR_SYSCALL\s0" 4
	213	.IX Item "SSL_ERROR_SYSCALL"
	214	Some I/O error occurred. The OpenSSL error queue may contain more
	215	information on the error. If the error queue is empty
	216	(i.e. \fIERR_get_error()\fR returns 0), \fBret\fR can be used to find out more
	217	about the error: If \fBret == 0\fR, an \s-1EOF\s0 was observed that violates
	218	the protocol. If \fBret == \-1\fR, the underlying \fB\s-1BIO\s0\fR reported an
	219	I/O error (for socket I/O on Unix systems, consult \fBerrno\fR for details).
	220	.IP "\s-1SSL_ERROR_SSL\s0" 4
	221	.IX Item "SSL_ERROR_SSL"
	222	A failure in the \s-1SSL\s0 library occurred, usually a protocol error. The
	223	OpenSSL error queue contains more information on the error.
	224	.SH "SEE ALSO"
	225	.IX Header "SEE ALSO"
	226	\&\fIssl\fR\\|(3), \fIerr\fR\\|(3)
	227	.SH "HISTORY"
	228	.IX Header "HISTORY"
	229	\&\fISSL_get_error()\fR was added in SSLeay 0.8.