HEX
Server: nginx/1.28.1
System: Linux 10-41-63-61 6.8.0-31-generic #31-Ubuntu SMP PREEMPT_DYNAMIC Sat Apr 20 00:40:06 UTC 2024 x86_64
User: www (1001)
PHP: 7.4.33
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /usr/local/openssl/man/man3/
Upload Files
File: //usr/local/openssl/man/man3/SSL_get_error.3
.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "SSL_get_error 3"
.TH SSL_get_error 3 2019-12-20 1.0.2u OpenSSL
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
SSL_get_error \- obtain result code for TLS/SSL I/O operation
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/ssl.h>
\&
\& int SSL_get_error(const SSL *ssl, int ret);
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
\&\fBSSL_get_error()\fR returns a result code (suitable for the C "switch"
statement) for a preceding call to \fBSSL_connect()\fR, \fBSSL_accept()\fR, \fBSSL_do_handshake()\fR,
\&\fBSSL_read()\fR, \fBSSL_peek()\fR, or \fBSSL_write()\fR on \fBssl\fR.  The value returned by
that TLS/SSL I/O function must be passed to \fBSSL_get_error()\fR in parameter
\&\fBret\fR.
.PP
In addition to \fBssl\fR and \fBret\fR, \fBSSL_get_error()\fR inspects the
current thread's OpenSSL error queue.  Thus, \fBSSL_get_error()\fR must be
used in the same thread that performed the TLS/SSL I/O operation, and no
other OpenSSL function calls should appear in between.  The current
thread's error queue must be empty before the TLS/SSL I/O operation is
attempted, or \fBSSL_get_error()\fR will not work reliably.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
The following return values can currently occur:
.IP SSL_ERROR_NONE 4
.IX Item "SSL_ERROR_NONE"
The TLS/SSL I/O operation completed.  This result code is returned
if and only if \fBret > 0\fR.
.IP SSL_ERROR_ZERO_RETURN 4
.IX Item "SSL_ERROR_ZERO_RETURN"
The TLS/SSL connection has been closed.
If the protocol version is SSL 3.0 or higher, this result code is returned only
if a closure alert has occurred in the protocol, i.e. if the connection has been
closed cleanly.
Note that in this case \fBSSL_ERROR_ZERO_RETURN\fR does not necessarily
indicate that the underlying transport has been closed.
.IP "SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE" 4
.IX Item "SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE"
The operation did not complete; the same TLS/SSL I/O function should be
called again later.  If, by then, the underlying \fBBIO\fR has data
available for reading (if the result code is \fBSSL_ERROR_WANT_READ\fR)
or allows writing data (\fBSSL_ERROR_WANT_WRITE\fR), then some TLS/SSL
protocol progress will take place, i.e. at least part of an TLS/SSL
record will be read or written.  Note that the retry may again lead to
a \fBSSL_ERROR_WANT_READ\fR or \fBSSL_ERROR_WANT_WRITE\fR condition.
There is no fixed upper limit for the number of iterations that
may be necessary until progress becomes visible at application
protocol level.
.Sp
For socket \fBBIO\fRs (e.g. when \fBSSL_set_fd()\fR was used), \fBselect()\fR or
\&\fBpoll()\fR on the underlying socket can be used to find out when the
TLS/SSL I/O function should be retried.
.Sp
Caveat: Any TLS/SSL I/O function can lead to either of
\&\fBSSL_ERROR_WANT_READ\fR and \fBSSL_ERROR_WANT_WRITE\fR.  In particular,
\&\fBSSL_read()\fR or \fBSSL_peek()\fR may want to write data and \fBSSL_write()\fR may want
to read data.  This is mainly because TLS/SSL handshakes may occur at any
time during the protocol (initiated by either the client or the server);
\&\fBSSL_read()\fR, \fBSSL_peek()\fR, and \fBSSL_write()\fR will handle any pending handshakes.
.IP "SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT" 4
.IX Item "SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT"
The operation did not complete; the same TLS/SSL I/O function should be
called again later. The underlying BIO was not connected yet to the peer
and the call would block in \fBconnect()\fR/\fBaccept()\fR. The SSL function should be
called again when the connection is established. These messages can only
appear with a \fBBIO_s_connect()\fR or \fBBIO_s_accept()\fR BIO, respectively.
In order to find out, when the connection has been successfully established,
on many platforms \fBselect()\fR or \fBpoll()\fR for writing on the socket file descriptor
can be used.
.IP SSL_ERROR_WANT_X509_LOOKUP 4
.IX Item "SSL_ERROR_WANT_X509_LOOKUP"
The operation did not complete because an application callback set by
\&\fBSSL_CTX_set_client_cert_cb()\fR has asked to be called again.
The TLS/SSL I/O function should be called again later.
Details depend on the application.
.IP SSL_ERROR_SYSCALL 4
.IX Item "SSL_ERROR_SYSCALL"
Some non-recoverable, fatal I/O error occurred. The OpenSSL error queue may
contain more information on the error. For socket I/O on Unix systems, consult
\&\fBerrno\fR for details. If this error occurs then no further I/O operations should
be performed on the connection and \fBSSL_shutdown()\fR must not be called.
.IP SSL_ERROR_SSL 4
.IX Item "SSL_ERROR_SSL"
A non-recoverable, fatal error in the SSL library occurred, usually a protocol
error.  The OpenSSL error queue contains more information on the error. If this
error occurs then no further I/O operations should be performed on the
connection and \fBSSL_shutdown()\fR must not be called.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBssl\fR\|(3), \fBerr\fR\|(3)
.SH HISTORY
.IX Header "HISTORY"
\&\fBSSL_get_error()\fR was added in SSLeay 0.8.
@ Telegram