SSL_do_handshake(3)         OpenSSL         SSL_do_handshake(3)





NAME
       SSL_do_handshake - perform a TLS/SSL handshake

SYNOPSIS
        #include <openssl/ssl.h>

        int SSL_do_handshake(SSL *ssl);

DESCRIPTION
       SSL_do_handshake() will wait for a SSL/TLS handshake to
       take place. If the connection is in client mode, the
       handshake will be started. The handshake routines may
       have to be explicitly set in advance using either
       SSL_set_connect_state(3) or SSL_set_accept_state(3).

NOTES
       The behaviour of SSL_do_handshake() depends on the
       underlying BIO.

       If the underlying BIO is blocking, SSL_do_handshake()
       will only return once the handshake has been finished or
       an error occurred, except for SGC (Server Gated Cryptog-
       raphy). For SGC, SSL_do_handshake() may return with -1,
       but SSL_get_error() will yield SSL_ERROR_WANT_READ/WRITE
       and SSL_do_handshake() should be called again.

       If the underlying BIO is non-blocking, SSL_do_hand-
       shake() will also return when the underlying BIO could
       not satisfy the needs of SSL_do_handshake() to continue
       the handshake. In this case a call to SSL_get_error()
       with the return value of SSL_do_handshake() will yield
       SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. The calling
       process then must repeat the call after taking appropri-
       ate action to satisfy the needs of SSL_do_handshake().
       The action depends on the underlying BIO. When using a
       non-blocking socket, nothing is to be done, but select()
       can be used to check for the required condition. When
       using a buffering BIO, like a BIO pair, data must be
       written into or retrieved out of the BIO before being
       able to continue.

RETURN VALUES
       The following return values can occur:

       1   The TLS/SSL handshake was successfully completed, a
           TLS/SSL connection has been established.

       o   The TLS/SSL handshake was not successful but was
           shut down controlled and by the specifications of
           the TLS/SSL protocol. Call SSL_get_error() with the
           return value ret to find out the reason.

       <0  The TLS/SSL handshake was not successful because a
           fatal error occurred either at the protocol level or
           a connection failure occurred. The shutdown was not
           clean. It can also occur of action is need to con-
           tinue the operation for non-blocking BIOs. Call
           SSL_get_error() with the return value ret to find
           out the reason.

SEE ALSO
       SSL_get_error(3), SSL_connect(3), SSL_accept(3), ssl(3),
       bio(3), SSL_set_connect_state(3)



0.9.7c                     2002-07-19       SSL_do_handshake(3)
