linenum→info: file: openssl/0.9.8g/doc/ssl/SSL

openssl/0.9.8g/doc/ssl/SSL_read.pod

    1: =pod
    2: 
    3: =head1 NAME
    4: 
    5: SSL_read - read bytes from a TLS/SSL connection.
    6: 
    7: =head1 SYNOPSIS
    8: 
    9:  #include <openssl/ssl.h>
   10: 
   11:  int SSL_read(SSL *ssl, void *buf, int num);
   12: 
   13: =head1 DESCRIPTION
   14: 
   15: SSL_read() tries to read B<num> bytes from the specified B<ssl> into the
   16: buffer B<buf>.
   17: 
   18: =head1 NOTES
   19: 
   20: If necessary, SSL_read() will negotiate a TLS/SSL session, if
   21: not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
   22: L<SSL_accept(3)|SSL_accept(3)>. If the
   23: peer requests a re-negotiation, it will be performed transparently during
   24: the SSL_read() operation. The behaviour of SSL_read() depends on the
   25: underlying BIO. 
   26: 
   27: For the transparent negotiation to succeed, the B<ssl> must have been
   28: initialized to client or server mode. This is being done by calling
   29: L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state()
   30: before the first call to an SSL_read() or L<SSL_write(3)|SSL_write(3)>
   31: function.
   32: 
   33: SSL_read() works based on the SSL/TLS records. The data are received in
   34: records (with a maximum record size of 16kB for SSLv3/TLSv1). Only when a
   35: record has been completely received, it can be processed (decryption and
   36: check of integrity). Therefore data that was not retrieved at the last
   37: call of SSL_read() can still be buffered inside the SSL layer and will be
   38: retrieved on the next call to SSL_read(). If B<num> is higher than the
   39: number of bytes buffered, SSL_read() will return with the bytes buffered.
   40: If no more bytes are in the buffer, SSL_read() will trigger the processing
   41: of the next record. Only when the record has been received and processed
   42: completely, SSL_read() will return reporting success. At most the contents
   43: of the record will be returned. As the size of an SSL/TLS record may exceed
   44: the maximum packet size of the underlying transport (e.g. TCP), it may
   45: be necessary to read several packets from the transport layer before the
   46: record is complete and SSL_read() can succeed.
   47: 
   48: If the underlying BIO is B<blocking>, SSL_read() will only return, once the
   49: read operation has been finished or an error occurred, except when a
   50: renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
   51: This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
   52: L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.
   53: 
   54: If the underlying BIO is B<non-blocking>, SSL_read() will also return
   55: when the underlying BIO could not satisfy the needs of SSL_read()
   56: to continue the operation. In this case a call to
   57: L<SSL_get_error(3)|SSL_get_error(3)> with the
   58: return value of SSL_read() will yield B<SSL_ERROR_WANT_READ> or
   59: B<SSL_ERROR_WANT_WRITE>. As at any time a re-negotiation is possible, a
   60: call to SSL_read() can also cause write operations! The calling process
   61: then must repeat the call after taking appropriate action to satisfy the
   62: needs of SSL_read(). The action depends on the underlying BIO. When using a
   63: non-blocking socket, nothing is to be done, but select() can be used to check
   64: for the required condition. When using a buffering BIO, like a BIO pair, data
   65: must be written into or retrieved out of the BIO before being able to continue.
   66: 
   67: =head1 WARNING
   68: 
   69: When an SSL_read() operation has to be repeated because of
   70: B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated
   71: with the same arguments.
   72: 
   73: =head1 RETURN VALUES
   74: 
   75: The following return values can occur:
   76: 
   77: =over 4
   78: 
   79: =item E<gt>0
   80: 
   81: The read operation was successful; the return value is the number of
   82: bytes actually read from the TLS/SSL connection.
   83: 
   84: =item 0
   85: 
   86: The read operation was not successful. The reason may either be a clean
   87: shutdown due to a "close notify" alert sent by the peer (in which case
   88: the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
   89: (see L<SSL_shutdown(3)|SSL_shutdown(3)>,
   90: L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>). It is also possible, that
   91: the peer simply shut down the underlying transport and the shutdown is
   92: incomplete. Call SSL_get_error() with the return value B<ret> to find out,
   93: whether an error occurred or the connection was shut down cleanly
   94: (SSL_ERROR_ZERO_RETURN).
   95: 
   96: SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
   97: only be detected, whether the underlying connection was closed. It cannot
   98: be checked, whether the closure was initiated by the peer or by something
   99: else.
  100: 
  101: =item E<lt>0
  102: 
  103: The read operation was not successful, because either an error occurred
  104: or action must be taken by the calling process. Call SSL_get_error() with the
  105: return value B<ret> to find out the reason.
  106: 
  107: =back
  108: 
  109: =head1 SEE ALSO
  110: 
  111: L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_write(3)|SSL_write(3)>,
  112: L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
  113: L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>
  114: L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
  115: L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
  116: L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
  117: 
  118: =cut
Start Line:
End Line: