aboutsummaryrefslogtreecommitdiffstats
path: root/secure/lib/libcrypto/man/man3/SSL_shutdown.3
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/man3/SSL_shutdown.3')
-rw-r--r--secure/lib/libcrypto/man/man3/SSL_shutdown.328
1 files changed, 20 insertions, 8 deletions
diff --git a/secure/lib/libcrypto/man/man3/SSL_shutdown.3 b/secure/lib/libcrypto/man/man3/SSL_shutdown.3
index 5b6965f78333..baf29c646d30 100644
--- a/secure/lib/libcrypto/man/man3/SSL_shutdown.3
+++ b/secure/lib/libcrypto/man/man3/SSL_shutdown.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.40)
+.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "SSL_SHUTDOWN 3"
-.TH SSL_SHUTDOWN 3 "2020-04-21" "1.1.1g" "OpenSSL"
+.TH SSL_SHUTDOWN 3 "2020-09-22" "1.1.1h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -228,13 +228,13 @@ The behaviour of \fBSSL_shutdown()\fR additionally depends on the underlying \s-
If the underlying \s-1BIO\s0 is \fBblocking\fR, \fBSSL_shutdown()\fR will only return once the
handshake step has been finished or an error occurred.
.PP
-If the underlying \s-1BIO\s0 is \fBnon-blocking\fR, \fBSSL_shutdown()\fR will also return
+If the underlying \s-1BIO\s0 is \fBnonblocking\fR, \fBSSL_shutdown()\fR will also return
when the underlying \s-1BIO\s0 could not satisfy the needs of \fBSSL_shutdown()\fR
to continue the handshake. In this case a call to \fBSSL_get_error()\fR with the
return value of \fBSSL_shutdown()\fR will yield \fB\s-1SSL_ERROR_WANT_READ\s0\fR or
\&\fB\s-1SSL_ERROR_WANT_WRITE\s0\fR. The calling process then must repeat the call after
taking appropriate action to satisfy the needs of \fBSSL_shutdown()\fR.
-The action depends on the underlying \s-1BIO.\s0 When using a non-blocking socket,
+The action depends on the underlying \s-1BIO.\s0 When using a nonblocking socket,
nothing is to be done, but \fBselect()\fR can be used to check for the required
condition. When using a buffering \s-1BIO,\s0 like a \s-1BIO\s0 pair, data must be written
into or retrieved out of the \s-1BIO\s0 before being able to continue.
@@ -249,6 +249,16 @@ state but not actually send the close_notify alert messages,
see \fBSSL_CTX_set_quiet_shutdown\fR\|(3).
When \*(L"quiet shutdown\*(R" is enabled, \fBSSL_shutdown()\fR will always succeed
and return 1.
+Note that this is not standard compliant behaviour.
+It should only be done when the peer has a way to make sure all
+data has been received and doesn't wait for the close_notify alert
+message, otherwise an unexpected \s-1EOF\s0 will be reported.
+.PP
+There are implementations that do not send the required close_notify alert.
+If there is a need to communicate with such an implementation, and it's clear
+that all data has been received, do not wait for the peer's close_notify alert.
+Waiting for the close_notify alert when the peer just closes the connection will
+result in an error being generated.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
The following return values can occur:
@@ -256,8 +266,10 @@ The following return values can occur:
The shutdown is not yet finished: the close_notify was sent but the peer
did not send it back yet.
Call \fBSSL_read()\fR to do a bidirectional shutdown.
-The output of \fBSSL_get_error\fR\|(3) may be misleading, as an
-erroneous \s-1SSL_ERROR_SYSCALL\s0 may be flagged even though no error occurred.
+.Sp
+Unlike most other function, returning 0 does not indicate an error.
+\&\fBSSL_get_error\fR\|(3) should not get called, it may misleadingly
+indicate an error even though no error occurred.
.IP "1" 4
.IX Item "1"
The shutdown was successfully completed. The close_notify alert was sent
@@ -266,7 +278,7 @@ and the peer's close_notify alert was received.
.IX Item "<0"
The shutdown was not successful.
Call \fBSSL_get_error\fR\|(3) with the return value \fBret\fR to find out the reason.
-It can occur if an action is needed to continue the operation for non-blocking
+It can occur if an action is needed to continue the operation for nonblocking
BIOs.
.Sp
It can also occur when not all data was read using \fBSSL_read()\fR.
@@ -279,7 +291,7 @@ It can also occur when not all data was read using \fBSSL_read()\fR.
\&\fBssl\fR\|(7), \fBbio\fR\|(7)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
-Copyright 2000\-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000\-2020 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy