X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=doc%2Fssl%2FSSL_get_error.pod;h=48c6b15db78f9448fb87d7f486d9e28033b0e316;hp=747b99741bf22e1d242183235abd00b4a0368014;hb=89e674744d910d9ab03f44e4e8ca68cf96a2b4a0;hpb=2984b0ae248f876823e8981d3b1bbf9f9bf2e3ff diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod index 747b99741b..48c6b15db7 100644 --- a/doc/ssl/SSL_get_error.pod +++ b/doc/ssl/SSL_get_error.pod @@ -8,14 +8,14 @@ SSL_get_error - obtain result code for TLS/SSL I/O operation #include - int SSL_get_error(SSL *ssl, int ret); + int SSL_get_error(const SSL *ssl, int ret); =head1 DESCRIPTION SSL_get_error() returns a result code (suitable for the C "switch" -statement) for a preceding call to SSL_connect(), SSL_accept(), -SSL_read(), or SSL_write() on B. The value returned by that -TLS/SSL I/O function must be passed to SSL_get_error() in parameter +statement) for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(), +SSL_read(), SSL_peek(), or SSL_write() on B. The value returned by +that TLS/SSL I/O function must be passed to SSL_get_error() in parameter B. In addition to B and B, SSL_get_error() inspects the @@ -64,10 +64,21 @@ TLS/SSL I/O function should be retried. Caveat: Any TLS/SSL I/O function can lead to either of B and B. In particular, -SSL_read() may want to write data and SSL_write() may want to read -data. This is because TLS/SSL handshakes may occur at any time -during the protocol (initiated by either the client or the server); -SSL_read() and SSL_write() will handle any pending handshakes. +SSL_read() or SSL_peek() may want to write data and SSL_write() may want +to read data. This is mainly because TLS/SSL handshakes may occur at any +time during the protocol (initiated by either the client or the server); +SSL_read(), SSL_peek(), and SSL_write() will handle any pending handshakes. + +=item SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT + +The operation did not complete; the same TLS/SSL I/O function should be +called again later. The underlying BIO was not connected yet to the peer +and the call would block in connect()/accept(). The SSL function should be +called again when the connection is established. These messages can only +appear with a BIO_s_connect() or BIO_s_accept() BIO, respectively. +In order to find out, when the connection has been successfully established, +on many platforms select() or poll() for writing on the socket file descriptor +can be used. =item SSL_ERROR_WANT_X509_LOOKUP