jcs.org
jcs's openbsd hax
openbsd
1.\" $OpenBSD: SSL_accept.3,v 1.7 2025/06/08 22:52:00 schwarze Exp $
2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3.\"
4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
5.\" Copyright (c) 2000, 2001, 2002, 2003 The OpenSSL Project.
6.\" All rights reserved.
7.\"
8.\" Redistribution and use in source and binary forms, with or without
9.\" modification, are permitted provided that the following conditions
10.\" are met:
11.\"
12.\" 1. Redistributions of source code must retain the above copyright
13.\" notice, this list of conditions and the following disclaimer.
14.\"
15.\" 2. Redistributions in binary form must reproduce the above copyright
16.\" notice, this list of conditions and the following disclaimer in
17.\" the documentation and/or other materials provided with the
18.\" distribution.
19.\"
20.\" 3. All advertising materials mentioning features or use of this
21.\" software must display the following acknowledgment:
22.\" "This product includes software developed by the OpenSSL Project
23.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24.\"
25.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26.\" endorse or promote products derived from this software without
27.\" prior written permission. For written permission, please contact
28.\" openssl-core@openssl.org.
29.\"
30.\" 5. Products derived from this software may not be called "OpenSSL"
31.\" nor may "OpenSSL" appear in their names without prior written
32.\" permission of the OpenSSL Project.
33.\"
34.\" 6. Redistributions of any form whatsoever must retain the following
35.\" acknowledgment:
36.\" "This product includes software developed by the OpenSSL Project
37.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38.\"
39.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51.\"
52.Dd $Mdocdate: June 8 2025 $
53.Dt SSL_ACCEPT 3
54.Os
55.Sh NAME
56.Nm SSL_accept
57.Nd wait for a TLS/SSL client to initiate a TLS/SSL handshake
58.Sh SYNOPSIS
59.Lb libssl libcrypto
60.In openssl/ssl.h
61.Ft int
62.Fn SSL_accept "SSL *ssl"
63.Sh DESCRIPTION
64.Fn SSL_accept
65waits for a TLS/SSL client to initiate the TLS/SSL handshake.
66The communication channel must already have been set and assigned to the
67.Fa ssl
68object by setting an underlying
69.Vt BIO .
70.Pp
71The behaviour of
72.Fn SSL_accept
73depends on the underlying
74.Vt BIO .
75.Pp
76If the underlying
77.Vt BIO
78is
79.Em blocking ,
80.Fn SSL_accept
81will only return once the handshake has been finished or an error occurred.
82.Pp
83If the underlying
84.Vt BIO
85is
86.Em non-blocking ,
87.Fn SSL_accept
88will also return when the underlying
89.Vt BIO
90could not satisfy the needs of
91.Fn SSL_accept
92to continue the handshake, indicating the problem by the return value \(mi1.
93In this case a call to
94.Xr SSL_get_error 3
95with the
96return value of
97.Fn SSL_accept
98will yield
99.Dv SSL_ERROR_WANT_READ
100or
101.Dv SSL_ERROR_WANT_WRITE .
102The calling process then must repeat the call after taking appropriate action
103to satisfy the needs of
104.Fn SSL_accept .
105The action depends on the underlying
106.Dv BIO .
107When using a non-blocking socket, nothing is to be done, but
108.Xr select 2
109can be used to check for the required condition.
110When using a buffering
111.Vt BIO ,
112like a
113.Vt BIO
114pair, data must be written into or retrieved out of the
115.Vt BIO
116before being able to continue.
117.Sh RETURN VALUES
118The following return values can occur:
119.Bl -tag -width Ds
120.It 0
121The TLS/SSL handshake was not successful but was shut down controlled and by
122the specifications of the TLS/SSL protocol.
123Call
124.Xr SSL_get_error 3
125with the return value
126.Fa ret
127to find out the reason.
128.It 1
129The TLS/SSL handshake was successfully completed,
130and a TLS/SSL connection has been established.
131.It <0
132The TLS/SSL handshake was not successful because a fatal error occurred either
133at the protocol level or a connection failure occurred.
134The shutdown was not clean.
135It can also occur of action is need to continue the operation for non-blocking
136.Vt BIO Ns
137s.
138Call
139.Xr SSL_get_error 3
140with the return value
141.Fa ret
142to find out the reason.
143.El
144.Sh SEE ALSO
145.Xr BIO_new 3 ,
146.Xr ssl 3 ,
147.Xr SSL_connect 3 ,
148.Xr SSL_CTX_new 3 ,
149.Xr SSL_do_handshake 3 ,
150.Xr SSL_get_error 3 ,
151.Xr SSL_set_connect_state 3 ,
152.Xr SSL_shutdown 3
153.Sh HISTORY
154.Fn SSL_accept
155appeared in SSLeay 0.4 or earlier and has been available since
156.Ox 2.4 .