NAME
SSL_get_state,
SSL_state,
SSL_in_accept_init,
SSL_in_before,
SSL_in_connect_init,
SSL_in_init,
SSL_is_init_finished —
inspect the state of the SSL state
machine
SYNOPSIS
#include
<openssl/ssl.h>
int
SSL_get_state(const SSL
*ssl);
int
SSL_state(const SSL *ssl);
int
SSL_in_accept_init(const SSL
*ssl);
int
SSL_in_before(const SSL
*ssl);
int
SSL_in_connect_init(const SSL
*ssl);
int
SSL_in_init(const SSL *ssl);
int
SSL_is_init_finished(const SSL
*ssl);
DESCRIPTION
SSL_get_state()
returns an encoded representation of the current state of the SSL state
machine.
SSL_state()
is a deprecated alias for SSL_get_state().
The following bits may be set:
SSL_ST_ACCEPT- This bit is set by
SSL_accept(3) and by
SSL_set_accept_state(3). It indicates that
ssl is set up for server mode and no client
initiated the TLS handshake yet. The function
SSL_in_accept_init() returns non-zero if this bit is set or 0 otherwise. SSL_ST_BEFORE- This bit is set by the
SSL_accept(3),
SSL_connect(3),
SSL_set_accept_state(3), and
SSL_set_connect_state(3) functions. It indicates that the
TLS handshake was not initiated yet. The function
SSL_in_before() returns non-zero if this bit is set or 0 otherwise. SSL_ST_CONNECT- This bit is set by
SSL_connect(3) and by
SSL_set_connect_state(3). It indicates that
ssl is set up for client mode and no TLS handshake
was initiated yet. The function
SSL_in_connect_init() returns non-zero if this bit is set or 0 otherwise.
The following masks can be used:
SSL_ST_INIT- Set if
SSL_ST_ACCEPTorSSL_ST_CONNECTis set. The functionSSL_in_init() returns a non-zero value if one of these is set or 0 otherwise. SSL_ST_MASK- This mask includes all bits except
SSL_ST_ACCEPT,SSL_ST_BEFORE, andSSL_ST_CONNECT. SSL_ST_OK- The state is set to this value when a connection is established. The
function
SSL_is_init_finished() returns a non-zero value if the state equals this constant, or 0 otherwise. SSL_ST_RENEGOTIATE- The program is about to renegotiate, for example when entering SSL_read(3) or SSL_write(3) right after SSL_renegotiate(3) was called.
The meaning of other bits is protocol-dependent. Application programs usually do not need to inspect any of those other bits.
All these functions may be implemented as macros.
SEE ALSO
HISTORY
SSL_is_init_finished() first appeared in
SSLeay 0.4.5b. SSL_state() first appeared in SSLeay
0.5.2. SSL_in_accept_init(),
SSL_in_connect_init(), and
SSL_in_init() first appeared in SSLeay 0.6.0.
SSL_in_before() first appeared in SSLeay 0.8.0.
SSL_get_state() first appeared in SSLeay 0.9.0. All
these functions have been available since OpenBSD
2.4.