.\"
.\"	$OpenBSD: SSL_accept.3,v 1.3 2015/06/18 22:51:05 doug Exp $
.\"
.Dd $Mdocdate: June 18 2015 $
.Dt SSL_ACCEPT 3
.Os
.Sh NAME
.Nm SSL_accept
.Nd wait for a TLS/SSL client to initiate a TLS/SSL handshake
.Sh SYNOPSIS
.In openssl/ssl.h
.Ft int
.Fn SSL_accept "SSL *ssl"
.Sh DESCRIPTION
.Fn SSL_accept
waits for a TLS/SSL client to initiate the TLS/SSL handshake.
The communication channel must already have been set and assigned to the
.Fa ssl
object by setting an underlying
.Vt BIO .
.Sh NOTES
The behaviour of
.Fn SSL_accept
depends on the underlying
.Vt BIO .
.Pp
If the underlying
.Vt BIO
is
.Em blocking ,
.Fn SSL_accept
will only return once the handshake has been finished or an error occurred.
.Pp
If the underlying
.Vt BIO
is
.Em non-blocking ,
.Fn SSL_accept
will also return when the underlying
.Vt BIO
could not satisfy the needs of
.Fn SSL_accept
to continue the handshake, indicating the problem by the return value \(mi1.
In this case a call to
.Xr SSL_get_error 3
with the
return value of
.Fn SSL_accept
will yield
.Dv SSL_ERROR_WANT_READ
or
.Dv SSL_ERROR_WANT_WRITE .
The calling process then must repeat the call after taking appropriate action
to satisfy the needs of
.Fn SSL_accept .
The action depends on the underlying
.Dv BIO .
When using a non-blocking socket, nothing is to be done, but
.Xr select 2
can be used to check for the required condition.
When using a buffering
.Vt BIO ,
like a
.Vt BIO
pair, data must be written into or retrieved out of the
.Vt BIO
before being able to continue.
.Sh RETURN VALUES
The following return values can occur:
.Bl -tag -width Ds
.It 0
The TLS/SSL handshake was not successful but was shut down controlled and by
the specifications of the TLS/SSL protocol.
Call
.Xr SSL_get_error 3
with the return value
.Fa ret
to find out the reason.
.It 1
The TLS/SSL handshake was successfully completed,
and a TLS/SSL connection has been established.
.It <0
The TLS/SSL handshake was not successful because a fatal error occurred either
at the protocol level or a connection failure occurred.
The shutdown was not clean.
It can also occur of action is need to continue the operation for non-blocking
.Vt BIO Ns
s.
Call
.Xr SSL_get_error 3
with the return value
.Fa ret
to find out the reason.
.El
.Sh SEE ALSO
.Xr bio 3 ,
.Xr ssl 3 ,
.Xr SSL_connect 3 ,
.Xr SSL_CTX_new 3 ,
.Xr SSL_do_handshake 3 ,
.Xr SSL_get_error 3 ,
.Xr SSL_set_connect_state 3 ,
.Xr SSL_shutdown 3