X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=lib%2Fopenssl%2Fdoc%2Fssl%2FSSL_read.pod;fp=lib%2Fopenssl%2Fdoc%2Fssl%2FSSL_read.pod;h=8ca0ce5058da0e5f1299e16d559067e5983737d8;hb=9ff1530871deeb0f7eaa35ca0db6630724045e4a;hp=0000000000000000000000000000000000000000;hpb=25b73076b01ae059da1a2e9a1677e00788ada620;p=cassiopeia.git diff --git a/lib/openssl/doc/ssl/SSL_read.pod b/lib/openssl/doc/ssl/SSL_read.pod new file mode 100644 index 0000000..8ca0ce5 --- /dev/null +++ b/lib/openssl/doc/ssl/SSL_read.pod @@ -0,0 +1,124 @@ +=pod + +=head1 NAME + +SSL_read - read bytes from a TLS/SSL connection. + +=head1 SYNOPSIS + + #include + + int SSL_read(SSL *ssl, void *buf, int num); + +=head1 DESCRIPTION + +SSL_read() tries to read B bytes from the specified B into the +buffer B. + +=head1 NOTES + +If necessary, SSL_read() will negotiate a TLS/SSL session, if +not already explicitly performed by L or +L. If the +peer requests a re-negotiation, it will be performed transparently during +the SSL_read() operation. The behaviour of SSL_read() depends on the +underlying BIO. + +For the transparent negotiation to succeed, the B must have been +initialized to client or server mode. This is being done by calling +L or SSL_set_accept_state() +before the first call to an SSL_read() or L +function. + +SSL_read() works based on the SSL/TLS records. The data are received in +records (with a maximum record size of 16kB for SSLv3/TLSv1). Only when a +record has been completely received, it can be processed (decryption and +check of integrity). Therefore data that was not retrieved at the last +call of SSL_read() can still be buffered inside the SSL layer and will be +retrieved on the next call to SSL_read(). If B is higher than the +number of bytes buffered, SSL_read() will return with the bytes buffered. +If no more bytes are in the buffer, SSL_read() will trigger the processing +of the next record. Only when the record has been received and processed +completely, SSL_read() will return reporting success. At most the contents +of the record will be returned. As the size of an SSL/TLS record may exceed +the maximum packet size of the underlying transport (e.g. TCP), it may +be necessary to read several packets from the transport layer before the +record is complete and SSL_read() can succeed. + +If the underlying BIO is B, SSL_read() will only return, once the +read operation has been finished or an error occurred, except when a +renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. +This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the +L call. + +If the underlying BIO is B, SSL_read() will also return +when the underlying BIO could not satisfy the needs of SSL_read() +to continue the operation. In this case a call to +L with the +return value of SSL_read() will yield B or +B. As at any time a re-negotiation is possible, a +call to SSL_read() can also cause write operations! The calling process +then must repeat the call after taking appropriate action to satisfy the +needs of SSL_read(). The action depends on the underlying BIO. When using a +non-blocking socket, nothing is to be done, but select() can be used to check +for the required condition. When using a buffering BIO, like a BIO pair, data +must be written into or retrieved out of the BIO before being able to continue. + +L can be used to find out whether there +are buffered bytes available for immediate retrieval. In this case +SSL_read() can be called without blocking or actually receiving new +data from the underlying socket. + +=head1 WARNING + +When an SSL_read() operation has to be repeated because of +B or B, it must be repeated +with the same arguments. + +=head1 RETURN VALUES + +The following return values can occur: + +=over 4 + +=item E0 + +The read operation was successful; the return value is the number of +bytes actually read from the TLS/SSL connection. + +=item Z<>0 + +The read operation was not successful. The reason may either be a clean +shutdown due to a "close notify" alert sent by the peer (in which case +the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set +(see L, +L). It is also possible, that +the peer simply shut down the underlying transport and the shutdown is +incomplete. Call SSL_get_error() with the return value B to find out, +whether an error occurred or the connection was shut down cleanly +(SSL_ERROR_ZERO_RETURN). + +SSLv2 (deprecated) does not support a shutdown alert protocol, so it can +only be detected, whether the underlying connection was closed. It cannot +be checked, whether the closure was initiated by the peer or by something +else. + +=item E0 + +The read operation was not successful, because either an error occurred +or action must be taken by the calling process. Call SSL_get_error() with the +return value B to find out the reason. + +=back + +=head1 SEE ALSO + +L, L, +L, L, +L, L +L, +L, +L, L, +L, L + +=cut