xref: /openssl/doc/man3/SSL_do_handshake.pod (revision ef39dd05)
1=pod
2
3=head1 NAME
4
5SSL_do_handshake - perform a TLS/SSL handshake
6
7=head1 SYNOPSIS
8
9 #include <openssl/ssl.h>
10
11 int SSL_do_handshake(SSL *ssl);
12
13=head1 DESCRIPTION
14
15SSL_do_handshake() will wait for an SSL/TLS handshake to take place. If the
16connection is in client mode, the handshake will be started. The handshake
17routines may have to be explicitly set in advance using either
18L<SSL_set_connect_state(3)> or
19L<SSL_set_accept_state(3)>.
20
21=head1 NOTES
22
23The behaviour of SSL_do_handshake() depends on the underlying BIO.
24
25If the underlying BIO is B<blocking>, SSL_do_handshake() will only return
26once the handshake has been finished or an error occurred.
27
28If the underlying BIO is B<nonblocking>, SSL_do_handshake() will also return
29when the underlying BIO could not satisfy the needs of SSL_do_handshake()
30to continue the handshake. In this case a call to SSL_get_error() with the
31return value of SSL_do_handshake() will yield B<SSL_ERROR_WANT_READ> or
32B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
33taking appropriate action to satisfy the needs of SSL_do_handshake().
34The action depends on the underlying BIO. When using a nonblocking socket,
35nothing is to be done, but select() can be used to check for the required
36condition. When using a buffering BIO, like a BIO pair, data must be written
37into or retrieved out of the BIO before being able to continue.
38
39=head1 RETURN VALUES
40
41The following return values can occur:
42
43=over 4
44
45=item Z<>0
46
47The TLS/SSL handshake was not successful but was shut down controlled and
48by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
49return value B<ret> to find out the reason.
50
51=item Z<>1
52
53The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
54established.
55
56=item E<lt>0
57
58The TLS/SSL handshake was not successful because a fatal error occurred either
59at the protocol level or a connection failure occurred. The shutdown was
60not clean. It can also occur if action is needed to continue the operation
61for nonblocking BIOs. Call SSL_get_error() with the return value B<ret>
62to find out the reason.
63
64=back
65
66=head1 SEE ALSO
67
68L<SSL_get_error(3)>, L<SSL_connect(3)>,
69L<SSL_accept(3)>, L<ssl(7)>, L<bio(7)>,
70L<SSL_set_connect_state(3)>
71
72=head1 COPYRIGHT
73
74Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
75
76Licensed under the Apache License 2.0 (the "License").  You may not use
77this file except in compliance with the License.  You can obtain a copy
78in the file LICENSE in the source distribution or at
79L<https://www.openssl.org/source/license.html>.
80
81=cut
82