This document is a Mac OS X manual page. Manual pages are a command-line technology for providing documentation. You can view these manual pages locally using the man(1) command. These manual pages come from many different sources, and thus, have a variety of writing styles.

This manual page is associated with the Mac OS X developer tools. The software or headers described may not be present on your Mac OS X installation until you install the developer tools package. This package is available on your Mac OS X installation DVD, and the latest versions can be downloaded from developer.apple.com.

For more information about the manual page format, see the manual page for manpages(5).

SSL_do_handshake(3)                                OpenSSL                               SSL_do_handshake(3)



NAME
       SSL_do_handshake - perform a TLS/SSL handshake

SYNOPSIS
        #include <openssl/ssl.h>

        int SSL_do_handshake(SSL *ssl);

DESCRIPTION
       SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the connection is in client
       mode, the handshake will be started. The handshake routines may have to be explicitly set in advance
       using either SSL_set_connect_state(3) or SSL_set_accept_state(3).

NOTES
       The behaviour of SSL_do_handshake() depends on the underlying BIO.

       If the underlying BIO is blocking, SSL_do_handshake() will only return once the handshake has been
       finished or an error occurred, except for SGC (Server Gated Cryptography). For SGC,
       SSL_do_handshake() may return with -1, but SSL_get_error() will yield SSL_ERROR_WANT_READ/WRITE and
       SSL_do_handshake() should be called again.

       If the underlying BIO is non-blocking, SSL_do_handshake() will also return when the underlying BIO
       could not satisfy the needs of SSL_do_handshake() to continue the handshake. In this case a call to
       SSL_get_error() with the return value of SSL_do_handshake() will yield SSL_ERROR_WANT_READ or
       SSL_ERROR_WANT_WRITE. The calling process then must repeat the call after taking appropriate action
       to satisfy the needs of SSL_do_handshake().  The action depends on the underlying BIO. When using a
       non-blocking socket, nothing is to be done, but select() can be used to check for the required
       condition. When using a buffering BIO, like a BIO pair, data must be written into or retrieved out of
       the BIO before being able to continue.

RETURN VALUES
       The following return values can occur:

       1.  The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been established.

       2.  The TLS/SSL handshake was not successful but was shut down controlled and by the specifications
           of the TLS/SSL protocol. Call SSL_get_error() with the return value ret to find out the reason.

       3.  <0

           The TLS/SSL handshake was not successful because a fatal error occurred either at the protocol
           level or a connection failure occurred. The shutdown was not clean. It can also occur of action
           is need to continue the operation for non-blocking BIOs. Call SSL_get_error() with the return
           value ret to find out the reason.

SEE ALSO
       SSL_get_error(3), SSL_connect(3), SSL_accept(3), ssl(3), bio(3), SSL_set_connect_state(3)

POD ERRORS
       Hey! The above document had some coding errors, which are explained below:

       Around line 53:
           You have '=item 0' instead of the expected '=item 2'

       Around line 59:
           Expected '=item 3'



0.9.7l                                           2002-07-19                              SSL_do_handshake(3)