SSL_shutdown.3 - OpenGrok cross reference for /freebsd/secure/lib/libcrypto/man/man3/SSL

Lines Matching +full:application +full:- +full:specific
1 .\" -*- mode: troff; coding: utf-8 -*-
58 .TH SSL_SHUTDOWN 3ossl 2025-09-30 3.5.4 OpenSSL
64 SSL_shutdown, SSL_shutdown_ex \- shut down a TLS/SSL or QUIC connection
85 \&\fBSSL_shutdown_ex()\fR is an extended version of \fBSSL_shutdown()\fR. If non-NULL, \fIargs\fR
88 zero-initialized. If \fIargs\fR is NULL, the behaviour is the same as passing a
89 zero-initialised \fBSSL_SHUTDOWN_EX_ARGS\fR structure. Currently, all extended
107 .SH "TLS AND DTLS-SPECIFIC CONSIDERATIONS"
108 .IX Header "TLS AND DTLS-SPECIFIC CONSIDERATIONS"
118 shutdown process was first initiated by the local application or by the peer.
119 .SS "Locally-Initiated Shutdown"
120 .IX Subsection "Locally-Initiated Shutdown"
131 application's shutdown indication.
135 .SS "Remotely-Initiated Shutdown"
136 .IX Subsection "Remotely-Initiated Shutdown"
138 close_notify alert message, an application will be notified of this as an EOF
141 return \fBSSL_ERROR_ZERO_RETURN\fR), after all application data sent by the peer
142 prior to initiating the shutdown has been read. An application should handle
145 application data using \fBSSL_write\fR\|(3) before doing so. If an application does
164 An application can then detect completion of the shutdown process by calling
172 peer's close_notify alert is still provided to the application. It also ensures
173 any final handshake-layer messages received are processed (for example, messages
178 it is called when the application has not read all pending application data
189 Alternatively, it is acceptable for an application to call \fBSSL_shutdown()\fR once
192 if the application does not wish to wait for the peer.
196 application exposing itself to a truncation attack. The full \fBSSL_shutdown()\fR
224 This is not standards-compliant behaviour. It should only be done when the
225 application protocol in use enables the peer to ensure that all data has been
227 application data may be truncated unexpectedly.
228 .SS "Non-Compliant Peers"
229 .IX Subsection "Non-Compliant Peers"
238 Note that use of this option means that the EOF condition for application data
239 does not receive cryptographic protection, and therefore renders an application
241 used in conjunction with an application protocol which indicates unambiguously
245 that no more data is going to be sent. This requires an application protocol
249 If a client application only writes to an SSL/TLS or DTLS connection and never
252 peer during calls to \fBSSL_read\fR\|(3) by the application.
259 .SH "QUIC-SPECIFIC SHUTDOWN CONSIDERATIONS"
260 .IX Header "QUIC-SPECIFIC SHUTDOWN CONSIDERATIONS"
265 normally, see \fBSSL_stream_conclude\fR\|(3); to perform a non-normal stream
268 \&\fBSSL_shutdown_ex()\fR may be used instead of \fBSSL_shutdown()\fR by an application to
273 An optional 62\-bit application error code to be signalled to the peer. The value
274 must be in the range [0, 2**62\-1], else the call to \fBSSL_shutdown_ex()\fR fails. If
278 An optional zero-terminated (UTF\-8) reason string to be signalled to the peer.
279 The application is responsible for providing a valid UTF\-8 string and OpenSSL
281 used, a zero-length string is used as the reason. If provided, the reason string
288 be used for application signalling.
298 Note that when using QUIC, an application must call \fBSSL_shutdown()\fR if it wants
301 responsibility of the operating system. If an application calls \fBSSL_free()\fR on a
303 \&\fBSSL_shutdown()\fR, data which was written by the application using \fBSSL_write()\fR, but
309 whether during connection usage or during shutdown. If an application is not
310 using thread assisted mode, an application conducting shutdown should either
312 \&\fBSSL_handle_events()\fR is called regularly. See \fBopenssl\-quic\fR\|(7) and
314 .SS "Application Data Drainage Behaviour"
315 .IX Subsection "Application Data Drainage Behaviour"
317 data written to a stream by an application has been acknowledged by the peer. In
319 application has been sent to the peer, and until the receipt of all such data is
323 An exception to this is streams which terminated in a non-normal fashion, for
324 example due to a stream reset; only streams which are non-terminated at the time
331 be transmitted to the peer. This flag may be used when a non-normal application
341 RFC-compliant QUIC connection closure process could take of the order of
342 seconds. This may be unsuitable for some applications, such as short-lived
343 processes which need to exit immediately after completing an application-layer
371 performed, otherwise an RFC-compliant shutdown is performed.
373 If an application calls \fBSSL_shutdown_ex()\fR with \fBSSL_SHUTDOWN_FLAG_RAPID\fR, an
374 application can subsequently change its mind about performing a rapid shutdown
376 .SS "Peer-Initiated Shutdown"
377 .IX Subsection "Peer-Initiated Shutdown"
378 In some cases, an application may wish to wait for a shutdown initiated by the
445 Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.