SSL_accept - wait for a TLS/SSL client to initiate a TLS/SSL handshake
int SSL_accept(SSL *ssl);
waits for a TLS/SSL client to initiate the TLS/SSL
handshake. The communication channel must already have been set and assigned
to the ssl
by setting an underlying BIO
The behaviour of SSL_accept()
depends on the underlying BIO.
If the underlying BIO is blocking
will only return
once the handshake has been finished or an error occurred.
If the underlying BIO is non-blocking
return when the underlying BIO could not satisfy the needs of
to continue the handshake, indicating the problem by the
return value -1. In this case a call to SSL_get_error()
with the return
value of SSL_accept()
will yield SSL_ERROR_WANT_READ
. The calling process then must repeat the call
after taking appropriate action to satisfy the needs of SSL_accept()
The action depends on the underlying BIO. When using a non-blocking socket,
nothing is to be done, but select()
can be used to check for the
required condition. When using a buffering BIO, like a BIO pair, data must be
written into or retrieved out of the BIO before being able to continue.
The following return values can occur:
- The TLS/SSL handshake was not successful but was shut down controlled and
by the specifications of the TLS/SSL protocol. Call SSL_get_error()
with the return value ret to find out the reason.
- The TLS/SSL handshake was successfully completed, a TLS/SSL connection has
- The TLS/SSL handshake was not successful because a fatal error occurred
either at the protocol level or a connection failure occurred. The
shutdown was not clean. It can also occur of action is need to continue
the operation for non-blocking BIOs. Call SSL_get_error() with the
return value ret to find out the reason.