blob: 91e17350f993891f94af5e1490a6045564cb08b2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
.Dd $Mdocdate: October 12 2014 $
.Dt SSL_CTX_SET_QUIET_SHUTDOWN 3
.Os
.Sh NAME
.Nm SSL_CTX_set_quiet_shutdown ,
.Nm SSL_CTX_get_quiet_shutdown ,
.Nm SSL_set_quiet_shutdown ,
.Nm SSL_get_quiet_shutdown
.Nd manipulate shutdown behaviour
.Sh SYNOPSIS
.In openssl/ssl.h
.Ft void
.Fn SSL_CTX_set_quiet_shutdown "SSL_CTX *ctx" "int mode"
.Ft int
.Fn SSL_CTX_get_quiet_shutdown "const SSL_CTX *ctx"
.Ft void
.Fn SSL_set_quiet_shutdown "SSL *ssl" "int mode"
.Ft int
.Fn SSL_get_quiet_shutdown "const SSL *ssl"
.Sh DESCRIPTION
.Fn SSL_CTX_set_quiet_shutdown
sets the
.Dq quiet shutdown
flag for
.Fa ctx
to be
.Fa mode .
.Vt SSL
objects created from
.Fa ctx
inherit the
.Fa mode
valid at the time
.Xr SSL_new 3
is called.
.Fa mode
may be 0 or 1.
.Pp
.Fn SSL_CTX_get_quiet_shutdown
returns the
.Dq quiet shutdown
setting of
.Fa ctx .
.Pp
.Fn SSL_set_quiet_shutdown
sets the
.Dq quiet shutdown
flag for
.Fa ssl
to be
.Fa mode .
The setting stays valid until
.Fa ssl
is removed with
.Xr SSL_free 3
or
.Fn SSL_set_quiet_shutdown
is called again.
It is not changed when
.Xr SSL_clear 3
is called.
.Fa mode
may be 0 or 1.
.Pp
.Fn SSL_get_quiet_shutdown
returns the
.Dq quiet shutdown
setting of
.Fa ssl .
.Sh NOTES
Normally when a SSL connection is finished, the parties must send out
.Dq close notify
alert messages using
.Xr SSL_shutdown 3
for a clean shutdown.
.Pp
When setting the
.Dq quiet shutdown
flag to 1,
.Xr SSL_shutdown 3
will set the internal flags to
.Dv SSL_SENT_SHUTDOWN Ns
.Pf |
.Dv SSL_RECEIVED_SHUTDOWN .
.Po
.Xr SSL_shutdown 3
then behaves like
.Xr SSL_set_shutdown 3
called with
.Dv SSL_SENT_SHUTDOWN Ns
.Pf |
.Dv SSL_RECEIVED_SHUTDOWN .
.Pc
The session is thus considered to be shut down, but no
.Dq close notify
alert is sent to the peer.
This behaviour violates the TLS standard.
.Pp
The default is normal shutdown behaviour as described by the TLS standard.
.Sh RETURN VALUES
.Fn SSL_CTX_set_quiet_shutdown
and
.Fn SSL_set_quiet_shutdown
do not return diagnostic information.
.Pp
.Fn SSL_CTX_get_quiet_shutdown
and
.Fn SSL_get_quiet_shutdown
return the current setting.
.Sh SEE ALSO
.Xr ssl 3 ,
.Xr SSL_clear 3 ,
.Xr SSL_free 3 ,
.Xr SSL_new 3 ,
.Xr SSL_set_shutdown 3 ,
.Xr SSL_shutdown 3
|
