SSL_GET_STATE(3) Library Functions Manual SSL_GET_STATE(3)
NAME
SSL_get_state, SSL_state, SSL_in_accept_init, SSL_in_before, SSL_in_connect_init, SSL_in_init, SSL_is_init_finished — inspect the state of the SSL state machine
SYNOPSIS
#include <openssl/ssl.h>
int
SSL_get_state(const SSL *ssl);
int
SSL_state(const SSL *ssl);
int
SSL_in_accept_init(const SSL *ssl);
int
SSL_in_before(const SSL *ssl);
int
SSL_in_connect_init(const SSL *ssl);
int
SSL_in_init(const SSL *ssl);
int
SSL_is_init_finished(const SSL *ssl);
DESCRIPTION
SSL_get_state() returns an encoded representation of the current state of the SSL state machine. SSL_state() is a deprecated alias for SSL_get_state().
The following bits may be set:
SSL_ST_ACCEPT
This bit is set by SSL_accept(3) and by SSL_set_accept_state(3). It indicates that ssl is set up for server mode and no client initiated the TLS handshake yet. The function SSL_in_accept_init() returns non-zero if this bit is set or 0 otherwise.
SSL_ST_BEFORE
This bit is set by the SSL_accept(3), SSL_connect(3), SSL_set_accept_state(3), and SSL_set_connect_state(3) functions. It indicates that the TLS handshake was not initiated yet. The function SSL_in_before() returns non-zero if this bit is set or 0 otherwise.
SSL_ST_CONNECT
This bit is set by SSL_connect(3) and by SSL_set_connect_state(3). It indicates that ssl is set up for client mode and no TLS handshake was initiated yet. The function SSL_in_connect_init() returns non-zero if this bit is set or 0 otherwise.
The following masks can be used:
SSL_ST_INIT
Set if SSL_ST_ACCEPT or SSL_ST_CONNECT is set. The function SSL_in_init() returns a non-zero value if one of these is set or 0 otherwise.
SSL_ST_MASK
This mask includes all bits except SSL_ST_ACCEPT, SSL_ST_BEFORE, and SSL_ST_CONNECT.
SSL_ST_OK
The state is set to this value when a connection is established. The function SSL_is_init_finished() returns a non-zero value if the state equals this constant, or 0 otherwise.
SSL_ST_RENEGOTIATE
The program is about to renegotiate, for example when entering SSL_read(3) or SSL_write(3) right after SSL_renegotiate(3) was called.
The meaning of other bits is protocol-dependent. Application programs usually do not need to inspect any of those other bits.
All these functions may be implemented as macros.
SEE ALSO
ssl(3), SSL_renegotiate(3), SSL_set_connect_state(3)
HISTORY
SSL_is_init_finished() first appeared in SSLeay 0.4.5b. SSL_state() first appeared in SSLeay 0.5.2. SSL_in_accept_init(), SSL_in_connect_init(), and SSL_in_init() first appeared in SSLeay 0.6.0. SSL_in_before() first appeared in SSLeay 0.8.0. SSL_get_state() first appeared in SSLeay 0.9.0. All these functions have been available since OpenBSD 2.4. GNU June 12, 2019 SSL_GET_STATE(3)