OpenBSD manual page server

Manual Page Search Parameters

SSL_GET_STATE(3) Library Functions Manual SSL_GET_STATE(3)

SSL_get_state, SSL_state, SSL_in_accept_init, SSL_in_before, SSL_in_connect_init, SSL_in_init, SSL_is_init_finishedinspect the state of the SSL state machine

#include <openssl/ssl.h>

SSL_get_state(const SSL *ssl);

SSL_state(const SSL *ssl);

SSL_in_accept_init(const SSL *ssl);

SSL_in_before(const SSL *ssl);

SSL_in_connect_init(const SSL *ssl);

SSL_in_init(const SSL *ssl);

SSL_is_init_finished(const SSL *ssl);

SSL_get_state() returns an encoded representation of the current state of the SSL state machine. SSL_state() is a deprecated alias for SSL_get_state().

The following bits may be set:

This bit is set by SSL_accept(3) and by SSL_set_accept_state(3). It indicates that ssl is set up for server mode and no client initiated the TLS handshake yet. The function SSL_in_accept_init() returns non-zero if this bit is set or 0 otherwise.
This bit is set by the SSL_accept(3), SSL_connect(3), SSL_set_accept_state(3), and SSL_set_connect_state(3) functions. It indicates that the TLS handshake was not initiated yet. The function SSL_in_before() returns non-zero if this bit is set or 0 otherwise.
This bit is set by SSL_connect(3) and by SSL_set_connect_state(3). It indicates that ssl is set up for client mode and no TLS handshake was initiated yet. The function SSL_in_connect_init() returns non-zero if this bit is set or 0 otherwise.

The following masks can be used:

Set if SSL_ST_ACCEPT or SSL_ST_CONNECT is set. The function SSL_in_init() returns a non-zero value if one of these is set or 0 otherwise.
This mask includes all bits except SSL_ST_ACCEPT, SSL_ST_BEFORE, and SSL_ST_CONNECT.
The state is set to this value when a connection is established. The function SSL_is_init_finished() returns a non-zero value if the state equals this constant, or 0 otherwise.
The program is about to renegotiate, for example when entering SSL_read(3) or SSL_write(3) right after SSL_renegotiate(3) was called.

The meaning of other bits is protocol-dependent. Application programs usually do not need to inspect any of those other bits.

All these functions may be implemented as macros.

ssl(3), SSL_renegotiate(3), SSL_set_connect_state(3)

SSL_is_init_finished() first appeared in SSLeay 0.4.5b. SSL_state() first appeared in SSLeay 0.5.2. SSL_in_accept_init(), SSL_in_connect_init(), and SSL_in_init() first appeared in SSLeay 0.6.0. SSL_in_before() first appeared in SSLeay 0.8.0. SSL_get_state() first appeared in SSLeay 0.9.0. All these functions have been available since OpenBSD 2.4.

June 12, 2019 OpenBSD-current