1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimSSL_shutdown - shut down a TLS/SSL connection 6e71b7053SJung-uk Kim 7e71b7053SJung-uk Kim=head1 SYNOPSIS 8e71b7053SJung-uk Kim 9e71b7053SJung-uk Kim #include <openssl/ssl.h> 10e71b7053SJung-uk Kim 11e71b7053SJung-uk Kim int SSL_shutdown(SSL *ssl); 12e71b7053SJung-uk Kim 13e71b7053SJung-uk Kim=head1 DESCRIPTION 14e71b7053SJung-uk Kim 15e71b7053SJung-uk KimSSL_shutdown() shuts down an active TLS/SSL connection. It sends the 16*c9cf7b5cSJung-uk Kimclose_notify shutdown alert to the peer. 17e71b7053SJung-uk Kim 18e71b7053SJung-uk Kim=head1 NOTES 19e71b7053SJung-uk Kim 20*c9cf7b5cSJung-uk KimSSL_shutdown() tries to send the close_notify shutdown alert to the peer. 21e71b7053SJung-uk KimWhether the operation succeeds or not, the SSL_SENT_SHUTDOWN flag is set and 22e71b7053SJung-uk Kima currently open session is considered closed and good and will be kept in the 23e71b7053SJung-uk Kimsession cache for further reuse. 24e71b7053SJung-uk Kim 25*c9cf7b5cSJung-uk KimThe shutdown procedure consists of two steps: sending of the close_notify 26*c9cf7b5cSJung-uk Kimshutdown alert, and reception of the peer's close_notify shutdown alert. 27*c9cf7b5cSJung-uk KimThe order of those two steps depends on the application. 28e71b7053SJung-uk Kim 29*c9cf7b5cSJung-uk KimIt is acceptable for an application to only send its shutdown alert and 30*c9cf7b5cSJung-uk Kimthen close the underlying connection without waiting for the peer's response. 31*c9cf7b5cSJung-uk KimThis way resources can be saved, as the process can already terminate or 32*c9cf7b5cSJung-uk Kimserve another connection. 33*c9cf7b5cSJung-uk KimThis should only be done when it is known that the other side will not send more 34*c9cf7b5cSJung-uk Kimdata, otherwise there is a risk of a truncation attack. 35*c9cf7b5cSJung-uk Kim 36*c9cf7b5cSJung-uk KimWhen a client only writes and never reads from the connection, and the server 37*c9cf7b5cSJung-uk Kimhas sent a session ticket to establish a session, the client might not be able 38*c9cf7b5cSJung-uk Kimto resume the session because it did not received and process the session ticket 39*c9cf7b5cSJung-uk Kimfrom the server. 40*c9cf7b5cSJung-uk KimIn case the application wants to be able to resume the session, it is recommended to 41*c9cf7b5cSJung-uk Kimdo a complete shutdown procedure (bidirectional close_notify alerts). 42*c9cf7b5cSJung-uk Kim 43*c9cf7b5cSJung-uk KimWhen the underlying connection shall be used for more communications, the 44*c9cf7b5cSJung-uk Kimcomplete shutdown procedure must be performed, so that the peers stay 45*c9cf7b5cSJung-uk Kimsynchronized. 46e71b7053SJung-uk Kim 47e71b7053SJung-uk KimSSL_shutdown() only closes the write direction. 48e71b7053SJung-uk KimIt is not possible to call SSL_write() after calling SSL_shutdown(). 49e71b7053SJung-uk KimThe read direction is closed by the peer. 50e71b7053SJung-uk Kim 51e71b7053SJung-uk Kim=head2 First to close the connection 52e71b7053SJung-uk Kim 53*c9cf7b5cSJung-uk KimWhen the application is the first party to send the close_notify 54e71b7053SJung-uk Kimalert, SSL_shutdown() will only send the alert and then set the 55e71b7053SJung-uk KimSSL_SENT_SHUTDOWN flag (so that the session is considered good and will 56e71b7053SJung-uk Kimbe kept in the cache). 57*c9cf7b5cSJung-uk KimIf successful, SSL_shutdown() will return 0. 58*c9cf7b5cSJung-uk Kim 59e71b7053SJung-uk KimIf a unidirectional shutdown is enough (the underlying connection shall be 60*c9cf7b5cSJung-uk Kimclosed anyway), this first successful call to SSL_shutdown() is sufficient. 61e71b7053SJung-uk Kim 62e71b7053SJung-uk KimIn order to complete the bidirectional shutdown handshake, the peer needs 63*c9cf7b5cSJung-uk Kimto send back a close_notify alert. 64e71b7053SJung-uk KimThe SSL_RECEIVED_SHUTDOWN flag will be set after receiving and processing 65e71b7053SJung-uk Kimit. 66e71b7053SJung-uk Kim 67*c9cf7b5cSJung-uk KimThe peer is still allowed to send data after receiving the close_notify 68e71b7053SJung-uk Kimevent. 69*c9cf7b5cSJung-uk KimWhen it is done sending data, it will send the close_notify alert. 70*c9cf7b5cSJung-uk KimSSL_read() should be called until all data is received. 71e71b7053SJung-uk KimSSL_read() will indicate the end of the peer data by returning <= 0 72e71b7053SJung-uk Kimand SSL_get_error() returning SSL_ERROR_ZERO_RETURN. 73e71b7053SJung-uk Kim 74e71b7053SJung-uk Kim=head2 Peer closes the connection 75e71b7053SJung-uk Kim 76*c9cf7b5cSJung-uk KimIf the peer already sent the close_notify alert B<and> it was 77e71b7053SJung-uk Kimalready processed implicitly inside another function 78e71b7053SJung-uk Kim(L<SSL_read(3)>), the SSL_RECEIVED_SHUTDOWN flag is set. 79e71b7053SJung-uk KimSSL_read() will return <= 0 in that case, and SSL_get_error() will return 80e71b7053SJung-uk KimSSL_ERROR_ZERO_RETURN. 81*c9cf7b5cSJung-uk KimSSL_shutdown() will send the close_notify alert, set the SSL_SENT_SHUTDOWN 82*c9cf7b5cSJung-uk Kimflag. 83*c9cf7b5cSJung-uk KimIf successful, SSL_shutdown() will return 1. 84*c9cf7b5cSJung-uk Kim 85e71b7053SJung-uk KimWhether SSL_RECEIVED_SHUTDOWN is already set can be checked using the 86e71b7053SJung-uk KimSSL_get_shutdown() (see also L<SSL_set_shutdown(3)> call. 87e71b7053SJung-uk Kim 88e71b7053SJung-uk Kim=head1 NOTES 89e71b7053SJung-uk Kim 90e71b7053SJung-uk KimThe behaviour of SSL_shutdown() additionally depends on the underlying BIO. 91e71b7053SJung-uk KimIf the underlying BIO is B<blocking>, SSL_shutdown() will only return once the 92e71b7053SJung-uk Kimhandshake step has been finished or an error occurred. 93e71b7053SJung-uk Kim 94e71b7053SJung-uk KimIf the underlying BIO is B<non-blocking>, SSL_shutdown() will also return 95e71b7053SJung-uk Kimwhen the underlying BIO could not satisfy the needs of SSL_shutdown() 96e71b7053SJung-uk Kimto continue the handshake. In this case a call to SSL_get_error() with the 97e71b7053SJung-uk Kimreturn value of SSL_shutdown() will yield B<SSL_ERROR_WANT_READ> or 98e71b7053SJung-uk KimB<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after 99e71b7053SJung-uk Kimtaking appropriate action to satisfy the needs of SSL_shutdown(). 100e71b7053SJung-uk KimThe action depends on the underlying BIO. When using a non-blocking socket, 101e71b7053SJung-uk Kimnothing is to be done, but select() can be used to check for the required 102e71b7053SJung-uk Kimcondition. When using a buffering BIO, like a BIO pair, data must be written 103e71b7053SJung-uk Kiminto or retrieved out of the BIO before being able to continue. 104e71b7053SJung-uk Kim 105*c9cf7b5cSJung-uk KimAfter SSL_shutdown() returned 0, it is possible to call SSL_shutdown() again 106*c9cf7b5cSJung-uk Kimto wait for the peer's close_notify alert. 107*c9cf7b5cSJung-uk KimSSL_shutdown() will return 1 in that case. 108*c9cf7b5cSJung-uk KimHowever, it is recommended to wait for it using SSL_read() instead. 109*c9cf7b5cSJung-uk Kim 110e71b7053SJung-uk KimSSL_shutdown() can be modified to only set the connection to "shutdown" 111*c9cf7b5cSJung-uk Kimstate but not actually send the close_notify alert messages, 112e71b7053SJung-uk Kimsee L<SSL_CTX_set_quiet_shutdown(3)>. 113e71b7053SJung-uk KimWhen "quiet shutdown" is enabled, SSL_shutdown() will always succeed 114e71b7053SJung-uk Kimand return 1. 115e71b7053SJung-uk Kim 116e71b7053SJung-uk Kim=head1 RETURN VALUES 117e71b7053SJung-uk Kim 118e71b7053SJung-uk KimThe following return values can occur: 119e71b7053SJung-uk Kim 120e71b7053SJung-uk Kim=over 4 121e71b7053SJung-uk Kim 122e71b7053SJung-uk Kim=item Z<>0 123e71b7053SJung-uk Kim 124*c9cf7b5cSJung-uk KimThe shutdown is not yet finished: the close_notify was sent but the peer 125e71b7053SJung-uk Kimdid not send it back yet. 126*c9cf7b5cSJung-uk KimCall SSL_read() to do a bidirectional shutdown. 127e71b7053SJung-uk KimThe output of L<SSL_get_error(3)> may be misleading, as an 128e71b7053SJung-uk Kimerroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. 129e71b7053SJung-uk Kim 130e71b7053SJung-uk Kim=item Z<>1 131e71b7053SJung-uk Kim 132*c9cf7b5cSJung-uk KimThe shutdown was successfully completed. The close_notify alert was sent 133*c9cf7b5cSJung-uk Kimand the peer's close_notify alert was received. 134e71b7053SJung-uk Kim 135e71b7053SJung-uk Kim=item E<lt>0 136e71b7053SJung-uk Kim 137e71b7053SJung-uk KimThe shutdown was not successful. 138e71b7053SJung-uk KimCall L<SSL_get_error(3)> with the return value B<ret> to find out the reason. 139e71b7053SJung-uk KimIt can occur if an action is needed to continue the operation for non-blocking 140e71b7053SJung-uk KimBIOs. 141e71b7053SJung-uk Kim 142e71b7053SJung-uk KimIt can also occur when not all data was read using SSL_read(). 143e71b7053SJung-uk Kim 144e71b7053SJung-uk Kim=back 145e71b7053SJung-uk Kim 146e71b7053SJung-uk Kim=head1 SEE ALSO 147e71b7053SJung-uk Kim 148e71b7053SJung-uk KimL<SSL_get_error(3)>, L<SSL_connect(3)>, 149e71b7053SJung-uk KimL<SSL_accept(3)>, L<SSL_set_shutdown(3)>, 150e71b7053SJung-uk KimL<SSL_CTX_set_quiet_shutdown(3)>, 151e71b7053SJung-uk KimL<SSL_clear(3)>, L<SSL_free(3)>, 152e71b7053SJung-uk KimL<ssl(7)>, L<bio(7)> 153e71b7053SJung-uk Kim 154e71b7053SJung-uk Kim=head1 COPYRIGHT 155e71b7053SJung-uk Kim 156e71b7053SJung-uk KimCopyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. 157e71b7053SJung-uk Kim 158e71b7053SJung-uk KimLicensed under the OpenSSL license (the "License"). You may not use 159e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 160e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 161e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 162e71b7053SJung-uk Kim 163e71b7053SJung-uk Kim=cut 164