SSL_GET_STATE(3) | Library Functions Manual | SSL_GET_STATE(3) |
NAME
SSL_get_state
,
SSL_state
,
SSL_in_accept_init
,
SSL_in_before
,
SSL_in_connect_init
,
SSL_in_init
,
SSL_is_init_finished
—
inspect the state of the SSL state machine
SYNOPSIS
#include
<openssl/ssl.h>
int
SSL_get_state
(const SSL
*ssl);
int
SSL_state
(const SSL *ssl);
int
SSL_in_accept_init
(const SSL
*ssl);
int
SSL_in_before
(const SSL
*ssl);
int
SSL_in_connect_init
(const SSL
*ssl);
int
SSL_in_init
(const SSL *ssl);
int
SSL_is_init_finished
(const SSL
*ssl);
DESCRIPTION
SSL_get_state
()
returns an encoded representation of the current state of the SSL state
machine.
SSL_state
()
is a deprecated alias for SSL_get_state
().
The following bits may be set:
SSL_ST_ACCEPT
- This bit is set by
SSL_accept(3) and by
SSL_set_accept_state(3).
It indicates that ssl is set up for server mode and
no client initiated the TLS handshake yet. The function
SSL_in_accept_init
() returns non-zero if this bit is set or 0 otherwise. SSL_ST_BEFORE
- This bit is set by the
SSL_accept(3),
SSL_connect(3),
SSL_set_accept_state(3),
and
SSL_set_connect_state(3)
functions. It indicates that the TLS handshake was not initiated yet. The
function
SSL_in_before
() returns non-zero if this bit is set or 0 otherwise. SSL_ST_CONNECT
- This bit is set by
SSL_connect(3) and by
SSL_set_connect_state(3).
It indicates that ssl is set up for client mode and
no TLS handshake was initiated yet. The function
SSL_in_connect_init
() returns non-zero if this bit is set or 0 otherwise.
The following masks can be used:
SSL_ST_INIT
- Set if
SSL_ST_ACCEPT
orSSL_ST_CONNECT
is set. The functionSSL_in_init
() returns a non-zero value if one of these is set or 0 otherwise. SSL_ST_MASK
- This mask includes all bits except
SSL_ST_ACCEPT
,SSL_ST_BEFORE
, andSSL_ST_CONNECT
. SSL_ST_OK
- The state is set to this value when a connection is established. The
function
SSL_is_init_finished
() returns a non-zero value if the state equals this constant, or 0 otherwise. SSL_ST_RENEGOTIATE
- The program is about to renegotiate, for example when entering SSL_read(3) or SSL_write(3) right after SSL_renegotiate(3) was called.
The meaning of other bits is protocol-dependent. Application programs usually do not need to inspect any of those other bits.
All these functions may be implemented as macros.
SEE ALSO
HISTORY
SSL_is_init_finished
() first appeared in
SSLeay 0.4.5b. SSL_state
() first appeared in SSLeay
0.5.2. SSL_in_accept_init
(),
SSL_in_connect_init
(), and
SSL_in_init
() first appeared in SSLeay 0.6.0.
SSL_in_before
() first appeared in SSLeay 0.8.0.
SSL_get_state
() first appeared in SSLeay 0.9.0. All
these functions have been available since OpenBSD
2.4.
June 12, 2019 | Linux 6.8.2-arch2-1 |