[OpenBSD]

Manual Page Search Parameters

SSL_GET_STATE(3) Library Functions Manual SSL_GET_STATE(3)

NAME

SSL_get_state, SSL_state, SSL_in_accept_init, SSL_in_before, SSL_in_connect_init, SSL_in_init, SSL_is_init_finishedinspect the state of the SSL state machine

SYNOPSIS

#include <openssl/ssl.h>
int
SSL_get_state(const SSL *ssl);
int
SSL_state(const SSL *ssl);
int
SSL_in_accept_init(const SSL *ssl);
int
SSL_in_before(const SSL *ssl);
int
SSL_in_connect_init(const SSL *ssl);
int
SSL_in_init(const SSL *ssl);
int
SSL_is_init_finished(const SSL *ssl);

DESCRIPTION

SSL_get_state() returns an encoded representation of the current state of the SSL state machine. SSL_state() is a deprecated alias for SSL_get_state().
The following bits may be set:
 
 
SSL_ST_ACCEPT
This bit is set by SSL_accept(3) and by SSL_set_accept_state(3). It indicates that ssl is set up for server mode and no client initiated the TLS handshake yet. The function SSL_in_accept_init() returns non-zero if this bit is set or 0 otherwise.
 
 
SSL_ST_BEFORE
This bit is set by the SSL_accept(3), SSL_connect(3), SSL_set_accept_state(3), and SSL_set_connect_state(3) functions. It indicates that the TLS handshake was not initiated yet. The function SSL_in_before() returns non-zero if this bit is set or 0 otherwise.
 
 
SSL_ST_CONNECT
This bit is set by SSL_connect(3) and by SSL_set_connect_state(3). It indicates that ssl is set up for client mode and no TLS handshake was initiated yet. The function SSL_in_connect_init() returns non-zero if this bit is set or 0 otherwise.
The following masks can be used:
 
 
SSL_ST_INIT
Set if SSL_ST_ACCEPT or SSL_ST_CONNECT is set. The function SSL_in_init() returns a non-zero value if one of these is set or 0 otherwise.
 
 
SSL_ST_MASK
This mask includes all bits except SSL_ST_ACCEPT, SSL_ST_BEFORE, and SSL_ST_CONNECT.
 
 
SSL_ST_OK
The state is set to this value when a connection is established. The function SSL_is_init_finished() returns a non-zero value if the state equals this constant, or 0 otherwise.
 
 
SSL_ST_RENEGOTIATE
The program is about to renegotiate, for example when entering SSL_read(3) or SSL_write(3) right after SSL_renegotiate(3) was called.
The meaning of other bits is protocol-dependent. Application programs usually do not need to inspect any of those other bits.
All these functions may be implemented as macros.

SEE ALSO

SSL_renegotiate(3), SSL_set_connect_state(3)

HISTORY

These functions are available in all versions of OpenSSL.
December 10, 2016 OpenBSD-current