SSL_CTX_SET_QUIET_SHUTDOWN(3SSL) | OpenSSL | SSL_CTX_SET_QUIET_SHUTDOWN(3SSL) |
SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown behaviour
#include <openssl/ssl.h> void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode); int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx); void SSL_set_quiet_shutdown(SSL *ssl, int mode); int SSL_get_quiet_shutdown(const SSL *ssl);
SSL_CTX_set_quiet_shutdown() sets the "quiet shutdown" flag for ctx to be mode. SSL objects created from ctx inherit the mode valid at the time SSL_new(3) is called. mode may be 0 or 1.
SSL_CTX_get_quiet_shutdown() returns the "quiet shutdown" setting of ctx.
SSL_set_quiet_shutdown() sets the "quiet shutdown" flag for ssl to be mode. The setting stays valid until ssl is removed with SSL_free(3) or SSL_set_quiet_shutdown() is called again. It is not changed when SSL_clear(3) is called. mode may be 0 or 1.
SSL_get_quiet_shutdown() returns the "quiet shutdown" setting of ssl.
Normally when a SSL connection is finished, the parties must send out close_notify alert messages using SSL_shutdown(3) for a clean shutdown.
When setting the "quiet shutdown" flag to 1, SSL_shutdown(3) will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN. (SSL_shutdown(3) then behaves like SSL_set_shutdown(3) called with SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.) The session is thus considered to be shutdown, but no close_notify alert is sent to the peer. This behaviour violates the TLS standard.
The default is normal shutdown behaviour as described by the TLS standard.
SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return diagnostic information.
SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current setting.
ssl(7), SSL_shutdown(3), SSL_set_shutdown(3), SSL_new(3), SSL_clear(3), SSL_free(3)
Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.
2022-06-24 | 1.1.1n |