xref: /openssl/doc/man3/SSL_poll.pod (revision ef39dd05)
1=pod
2
3=head1 NAME
4
5SSL_poll,
6SSL_POLL_EVENT_NONE,
7SSL_POLL_EVENT_F,
8SSL_POLL_EVENT_EC,
9SSL_POLL_EVENT_ECD,
10SSL_POLL_EVENT_ER,
11SSL_POLL_EVENT_EW,
12SSL_POLL_EVENT_R,
13SSL_POLL_EVENT_W,
14SSL_POLL_EVENT_ISB,
15SSL_POLL_EVENT_ISU,
16SSL_POLL_EVENT_OSB,
17SSL_POLL_EVENT_OSU,
18SSL_POLL_EVENT_RW,
19SSL_POLL_EVENT_RE,
20SSL_POLL_EVENT_WE,
21SSL_POLL_EVENT_RWE,
22SSL_POLL_EVENT_E,
23SSL_POLL_EVENT_IS,
24SSL_POLL_EVENT_ISE,
25SSL_POLL_EVENT_I,
26SSL_POLL_EVENT_OS,
27SSL_POLL_EVENT_OSE,
28SSL_POLL_FLAG_NO_HANDLE_EVENTS
29- determine or await readiness conditions for one or more pollable objects
30
31=head1 SYNOPSIS
32
33 #include <openssl/ssl.h>
34
35 #define SSL_POLL_EVENT_NONE        0
36
37 #define SSL_POLL_EVENT_F           /* F   (Failure) */
38 #define SSL_POLL_EVENT_EC          /* EC  (Exception on Conn) */
39 #define SSL_POLL_EVENT_ECD         /* ECD (Exception on Conn Drained) */
40 #define SSL_POLL_EVENT_ER          /* ER  (Exception on Read) */
41 #define SSL_POLL_EVENT_EW          /* EW  (Exception on Write) */
42 #define SSL_POLL_EVENT_R           /* R   (Readable) */
43 #define SSL_POLL_EVENT_W           /* W   (Writable) */
44 #define SSL_POLL_EVENT_ISB         /* ISB (Incoming Stream: Bidi) */
45 #define SSL_POLL_EVENT_ISU         /* ISU (Incoming Stream: Uni) */
46 #define SSL_POLL_EVENT_OSB         /* OSB (Outgoing Stream: Bidi) */
47 #define SSL_POLL_EVENT_OSU         /* OSU (Outgoing Stream: Uni) */
48
49 #define SSL_POLL_EVENT_RW          /* R   | W         */
50 #define SSL_POLL_EVENT_RE          /* R   | ER        */
51 #define SSL_POLL_EVENT_WE          /* W   | EW        */
52 #define SSL_POLL_EVENT_RWE         /* RE  | WE        */
53 #define SSL_POLL_EVENT_E           /* EC  | ER  | EW  */
54 #define SSL_POLL_EVENT_IS          /* ISB | ISU       */
55 #define SSL_POLL_EVENT_ISE         /* IS  | EC        */
56 #define SSL_POLL_EVENT_I           /* IS              */
57 #define SSL_POLL_EVENT_OS          /* OSB | OSU       */
58 #define SSL_POLL_EVENT_OSE         /* OS  | EC        */
59
60 typedef struct ssl_poll_item_st {
61     BIO_POLL_DESCRIPTOR desc;
62     uint64_t            events, revents;
63 } SSL_POLL_ITEM;
64
65 #define SSL_POLL_FLAG_NO_HANDLE_EVENTS
66
67 int SSL_poll(SSL_POLL_ITEM         *items,
68              size_t                num_items,
69              size_t                stride,
70              const struct timeval  *timeout,
71              uint64_t              flags,
72              size_t                *result_count);
73
74=head1 DESCRIPTION
75
76SSL_poll() allows the readiness conditions of the resources represented by one
77or more BIO_POLL_DESCRIPTOR structures to be determined. In particular, it can
78be used to query for readiness conditions on QUIC connection SSL objects and
79QUIC stream SSL objects in a single call.
80
81A call to SSL_poll() specifies an array of B<SSL_POLL_ITEM> structures, each of
82which designates a resource which is being polled for readiness, and a set of
83event flags which indicate the specific readiness events which the caller is
84interested in in relation to the specified resource.
85
86The fields of B<SSL_POLL_ITEM> are as follows:
87
88=over 4
89
90=item I<desc>
91
92The resource being polled for readiness, as represented by a
93B<BIO_POLL_DESCRIPTOR>. Currently, this must be a poll descriptor of type
94B<BIO_POLL_DESCRIPTOR_TYPE_SSL>, representing an SSL object pointer, and the SSL
95object must be a QUIC connection SSL object or QUIC stream SSL object.
96
97If a B<SSL_POLL_ITEM> has a poll descriptor type of
98B<BIO_POLL_DESCRIPTOR_TYPE_NONE>, or the SSL object pointer is NULL, the
99B<SSL_POLL_ITEM> array entry is ignored and I<revents> will be set to 0 on
100return.
101
102=item I<events>
103
104This is the set of zero or more events which the caller is interested in
105learning about in relation to the resource described by I<desc>. It is a
106collection of zero or more B<SSL_POLL_EVENT> flags. See L</EVENT TYPES> for a
107description of each of the event types.
108
109=item I<revents>
110
111After SSL_poll() returns, this is the set of zero or more events which are
112actually applicable to the resource described by I<desc>. As for I<events>,
113it is a collection of zero or more B<SSL_POLL_EVENT> flags.
114
115I<revents> need not be a subset of the events specified in I<events>, as some
116event types are defined as always being enabled (non-maskable). See L</EVENT
117TYPES> for more information.
118
119=back
120
121To use SSL_poll(), call it with an array of B<SSL_POLL_ITEM> structures. The
122array need remain allocated only for the duration of the call. I<num_items> must
123be set to the number of entries in the array, and I<stride> must be set to
124C<sizeof(SSL_POLL_ITEM)>.
125
126The present implementation of SSL_poll() is a subset of the functionality which
127will eventually be available. Only a nonblocking mode of operation is available
128at this time, where SSL_poll() always returns immediately. As such, I<timeout>
129must point to a valid B<struct timeval> and that structure must be set to zero.
130In future, other inputs to the I<timeout> argument will result in a blocking
131mode of operation, which is not currently supported. For more information, see
132L</LIMITATIONS>.
133
134The following flags are currently defined for the I<flags> argument:
135
136=over 4
137
138=item B<SSL_POLL_FLAG_NO_HANDLE_EVENTS>
139
140This flag indicates that internal state machine processing should not be
141performed in an attempt to generate new readiness events. Only existing
142readiness events will be reported.
143
144=back
145
146The I<result_count> argument is optional. If it is non-NULL, it is used to
147output the number of entries in the array which have nonzero I<revents> fields
148when the call to SSL_poll() returns; see L</RETURN VALUES> for details.
149
150=head1 EVENT TYPES
151
152The SSL_poll() interface reports zero or more event types on a given resource,
153represented by a bit mask.
154
155All of the event types are level triggered and represent a readiness or
156permanent exception condition; as such, after an event has been reported by
157SSL_poll() for a resource, it will continue to be reported in future SSL_poll()
158calls until the condition ceases to be in effect. A caller must mask the given
159event type bit in future SSL_poll() calls if it does not wish to receive
160repeated notifications and has not caused the underlying readiness condition
161(for example, consuming all available data using L<SSL_read_ex(3)> after
162B<SSL_POLL_EVENT_R> is reported) to be deasserted.
163
164Some event types do not make sense on a given kind of resource. In this case,
165specifying that event type in I<events> is a no-op and will be ignored, and the
166given event will never be reported in I<revents>.
167
168Failure of the polling mechanism itself is considered distinct from an exception
169condition on a resource which was successfully polled. See B<SSL_POLL_EVENT_F>
170and L</RETURN VALUES> for details.
171
172In general, an application should always listen for the event types
173corresponding to exception conditions if it is listening to the corresponding
174non-exception event types (e.g. B<SSL_POLL_EVENT_EC> and B<SSL_POLL_EVENT_ER>
175for B<SSL_POLL_EVENT_R>), as not doing so is unlikely to be a sound design.
176
177Some event types are non-maskable and may be reported in I<revents> regardless
178of whether they were requested in I<events>.
179
180The following event types are supported:
181
182=over 4
183
184=item B<SSL_POLL_EVENT_F>
185
186Polling failure. This event is raised when a resource could not be polled. It is
187distinct from an exception condition reported on a resource which was
188successfully polled and represents a failure of the polling process itself in
189relation to a resource. This may mean that SSL_poll() does not support the kind
190of resource specified.
191
192Where this event is raised on at least one item in I<items>, SSL_poll() will
193return 0 and the ERR stack will contain information pertaining to the first item
194in I<items> with B<SSL_POLL_EVENT_F> set. See L</RETURN VALUES> for more
195information.
196
197This event type may be raised even if it was not requested in I<events>;
198specifying this event type in I<events> does nothing.
199
200=item B<SSL_POLL_EVENT_EC>
201
202Error at connection level. This event is raised when a connection has failed.
203In particular, it is raised when a connection begins terminating.
204
205This event is never raised on objects which are not connections.
206
207=item B<SSL_POLL_EVENT_DCD>
208
209Error at connection level (drained). This event is raised when a connection has
210finished terminating, and has reached the terminated state. This event will
211generally occur after an interval of time passes after the B<SSL_POLL_EVENT_EC>
212event is raised on a connection.
213
214This event is never raised on objects which are not connections.
215
216=item B<SSL_POLL_EVENT_ER>
217
218Error in read direction. For QUIC, this is raised only in the event that a
219stream has a read part and that read part has been reset by the peer (for
220example, using a B<RESET_STREAM> frame).
221
222=item B<SSL_POLL_EVENT_EW>
223
224Error in write direction. For QUIC, this is raised only in the event that a
225stream has a write part and that write part has been reset by the peer using a
226B<STOP_SENDING> frame.
227
228=item B<SSL_POLL_EVENT_R>
229
230Readable. This event is raised when a QUIC stream SSL object (or a QUIC
231connection SSL object with a default stream attached) has application data
232waiting to be read using L<SSL_read_ex(3)>, or a FIN event as represented by
233B<SSL_ERROR_ZERO_RETURN> waiting to be read.
234
235It is not raised in the event of the receiving part of the QUIC stream being
236reset by the peer; see B<SSL_POLL_EVENT_ER>.
237
238=item B<SSL_POLL_EVENT_W>
239
240Writable. This event is raised when a QUIC stream SSL object (or a QUIC
241connection SSL object with a default stream attached) could accept more
242application data using L<SSL_write_ex(3)>.
243
244This event is never raised by a receive-only stream.
245
246This event is never raised by a stream which has had its send part concluded
247normally (as with L<SSL_stream_conclude(3)>) or locally reset (as with
248L<SSL_stream_reset(3)>).
249
250This event does not guarantee that a subsequent call to L<SSL_write_ex(3)> will
251succeed.
252
253=item B<SSL_POLL_EVENT_ISB>
254
255This event, which is only raised by a QUIC connection SSL object, is raised when
256one or more incoming bidirectional streams are available to be accepted using
257L<SSL_accept_stream(3)>.
258
259=item B<SSL_POLL_EVENT_ISU>
260
261This event, which is only raised by a QUIC connection SSL object, is raised when
262one or more incoming unidirectional streams are available to be accepted using
263L<SSL_accept_stream(3)>.
264
265=item B<SSL_POLL_EVENT_OSB>
266
267This event, which is only raised by a QUIC connection SSL object, is raised when
268QUIC stream creation flow control currently permits at least one additional
269bidirectional stream to be locally created.
270
271=item B<SSL_POLL_EVENT_OSU>
272
273This event, which is only raised by a QUIC connection SSL object, is raised when
274QUIC stream creation flow control currently permits at least one additional
275unidirectional stream to be locally created.
276
277=back
278
279=head1 LIMITATIONS
280
281SSL_poll() as presently implemented has the following limitations:
282
283=over 4
284
285=item
286
287The implementation of SSL_poll() only supports nonblocking operation and
288therefore requires the I<timeout> argument be used to specify a zero timeout.
289Calls to SSL_poll() which specify another value, or which pass I<timeout> as
290NULL, will fail. This does not allow waiting, but does allow multiple QUIC SSL
291objects to be queried for their readiness state in a single call.
292
293Future releases will remove this limitation and support blocking SSL_poll().
294
295=item
296
297Only B<BIO_POLL_DESCRIPTOR> structures with type
298B<BIO_POLL_DESCRIPTOR_TYPE_SSL>, referencing QUIC connection SSL objects or QUIC
299stream SSL objects, are supported.
300
301=back
302
303These limitations will be revised in a future release of OpenSSL.
304
305=head1 RETURN VALUES
306
307SSL_poll() returns 1 on success and 0 on failure.
308
309Unless the I<items> pointer itself is invalid, SSL_poll() will always initialise
310the I<revents> fields of all items in the input array upon returning, even if it
311returns failure.
312
313If I<result_count> is non-NULL, it is always written with the number of items in
314the array with nonzero I<revents> fields, even if the SSL_poll() call returns
315failure.
316
317It is possible for I<result_count> to be written as 0 even if the SSL_poll()
318call returns success, namely if no events were output but the polling process
319was successful (e.g. in nonblocking usage) or timed out.
320
321It is possible for I<result_count> to be written as a nonzero value if the
322SSL_poll() call returns failure, for example due to B<SSL_POLL_EVENT_F> events,
323or because some events were detected and output before encountering a failure
324condition while processing a subsequent entry in the I<items> array.
325
326If at least one B<SSL_POLL_EVENT_F> event is output, SSL_poll() is guaranteed
327to return 0 and guaranteed to place at least one ERR on the error stack
328describing the first B<SSL_POLL_EVENT_F> output. Detailed information on any
329additional B<SSL_POLL_EVENT_F> events is not available. SSL_poll() may or may
330not return more than one B<SSL_POLL_EVENT_F> event at once.
331
332"Normal" events representing exceptional I/O conditions which do not
333constitute a failure of the SSL_poll() mechanism itself are not considered
334errors by SSL_poll() and are instead represented using their own event type; see
335L</EVENT TYPES> for details.
336
337The caller can establish the meaning of the SSL_poll() return and output values
338as follows:
339
340=over 4
341
342=item
343
344If SSL_poll() returns 1 and I<result_count> is zero, the operation timed out
345before any resource was ready.
346
347=item
348
349If SSL_poll() returns 1 and I<result_count> is nonzero, that many events were
350output.
351
352=item
353
354If SSL_poll() returns 0 and I<result_count> is zero, the caller has made a basic
355usage error; check the ERR stack for details.
356
357=item
358
359If SSL_poll() returns 0 and I<result_count> is nonzero, inspect the I<items>
360array for B<SSL_POLL_ITEM> structures with the B<SSL_POLL_EVENT_F> event type
361raised in I<revents>. The entries added to the ERR stack (of which there is
362guaranteed to be at least one) reflect the cause of the failure of the first
363item in I<items> with B<SSL_POLL_EVENT_F> raised. Note that there may be events
364other than I<SSL_POLL_EVENT_F> output for items which come before the first
365item with B<SSL_POLL_EVENT_F> raised, and additional B<SSL_POLL_EVENT_F>
366events may or may not have been output, both of which which will be reflected in
367I<result_count>.
368
369=back
370
371=head1 SEE ALSO
372
373L<BIO_get_rpoll_descriptor(3)>, L<BIO_get_wpoll_descriptor(3)>,
374L<SSL_get_rpoll_descriptor(3)>, L<SSL_get_wpoll_descriptor(3)>
375
376=head1 HISTORY
377
378SSL_poll() was added in OpenSSL 3.3.
379
380=head1 COPYRIGHT
381
382Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
383
384Licensed under the Apache License 2.0 (the "License").  You may not use
385this file except in compliance with the License.  You can obtain a copy
386in the file LICENSE in the source distribution or at
387L<https://www.openssl.org/source/license.html>.
388
389=cut
390