X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=doc%2Fssl%2FSSL_write.pod;h=e013c12d5254b0d4d08bb0d6ef47972994b72ada;hb=5a84b7fc2db33cdefc5a7b62f0169f2c08fb3d9b;hp=8110161522a3ddea8657b5165692fb519f4444b8;hpb=4ce7894c4ab87d7c635e45bf5ff8d1d729b79527;p=oweals%2Fopenssl.git diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod index 8110161522..e013c12d52 100644 --- a/doc/ssl/SSL_write.pod +++ b/doc/ssl/SSL_write.pod @@ -8,7 +8,7 @@ SSL_write - write bytes to a TLS/SSL connection. #include - int SSL_write(SSL *ssl, char *buf, int num); + int SSL_write(SSL *ssl, const void *buf, int num); =head1 DESCRIPTION @@ -18,17 +18,27 @@ B connection. =head1 NOTES If necessary, SSL_write() will negotiate a TLS/SSL session, if -not already explicitly performed by SSL_connect() or SSL_accept(). If the +not already explicitly performed by L or +L. If the peer requests a re-negotiation, it will be performed transparently during the SSL_write() operation. The behaviour of SSL_write() depends on the underlying BIO. +For the transparent negotiation to succeed, the B must have been +initialized to client or server mode. This is being done by calling +L or SSL_set_accept_state() +before the first call to an L or SSL_write() function. + If the underlying BIO is B, SSL_write() will only return, once the -write operation has been finished or an error occurred. +write operation has been finished or an error occurred, except when a +renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. +This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the +L call. If the underlying BIO is B, SSL_write() will also return, when the underlying BIO could not satisfy the needs of SSL_write() -to continue the operation. In this case a call to SSL_get_error() with the +to continue the operation. In this case a call to +L with the return value of SSL_write() will yield B or B. As at any time a re-negotiation is possible, a call to SSL_write() can also cause read operations! The calling process @@ -38,12 +48,26 @@ non-blocking socket, nothing is to be done, but select() can be used to check for the required condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of the BIO before being able to continue. +SSL_write() will only return with success, when the complete contents +of B of length B has been written. This default behaviour +can be changed with the SSL_MODE_ENABLE_PARTIAL_WRITE option of +L. When this flag is set, +SSL_write() will also return with success, when a partial write has been +successfully completed. In this case the SSL_write() operation is considered +completed. The bytes are sent and a new SSL_write() operation with a new +buffer (with the already sent bytes removed) must be started. +A partial write is performed with the size of a message block, which is +16kB for SSLv3/TLSv1. + =head1 WARNING When an SSL_write() operation has to be repeated because of B or B, it must be repeated with the same arguments. +When calling SSL_write() with num=0 bytes to be sent the behaviour is +undefined. + =head1 RETURN VALUES The following return values can occur: @@ -57,8 +81,14 @@ bytes actually written to the TLS/SSL connection. =item 0 -The write operation was not successful. Call SSL_get_error() with the return -value B to find out, whether an error occurred. +The write operation was not successful. Probably the underlying connection +was closed. Call SSL_get_error() with the return value B to find out, +whether an error occurred or the connection was shut down cleanly +(SSL_ERROR_ZERO_RETURN). + +SSLv2 (deprecated) does not support a shutdown alert protocol, so it can +only be detected, whether the underlying connection was closed. It cannot +be checked, why the closure happened. =item E0 @@ -71,6 +101,9 @@ return value B to find out the reason. =head1 SEE ALSO L, L, +L, L, +L, L +L, L, L =cut