DOKK / manpages / debian 11 / libssl-doc / SSL_CTX_set_quiet_shutdown.3ssl.en
SSL_CTX_SET_QUIET_SHUTDOWN(3SSL) OpenSSL SSL_CTX_SET_QUIET_SHUTDOWN(3SSL)

SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown behaviour

 #include <openssl/ssl.h>
 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
 int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
 void SSL_set_quiet_shutdown(SSL *ssl, int mode);
 int SSL_get_quiet_shutdown(const SSL *ssl);

SSL_CTX_set_quiet_shutdown() sets the "quiet shutdown" flag for ctx to be mode. SSL objects created from ctx inherit the mode valid at the time SSL_new(3) is called. mode may be 0 or 1.

SSL_CTX_get_quiet_shutdown() returns the "quiet shutdown" setting of ctx.

SSL_set_quiet_shutdown() sets the "quiet shutdown" flag for ssl to be mode. The setting stays valid until ssl is removed with SSL_free(3) or SSL_set_quiet_shutdown() is called again. It is not changed when SSL_clear(3) is called. mode may be 0 or 1.

SSL_get_quiet_shutdown() returns the "quiet shutdown" setting of ssl.

Normally when a SSL connection is finished, the parties must send out close_notify alert messages using SSL_shutdown(3) for a clean shutdown.

When setting the "quiet shutdown" flag to 1, SSL_shutdown(3) will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN. (SSL_shutdown(3) then behaves like SSL_set_shutdown(3) called with SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.) The session is thus considered to be shutdown, but no close_notify alert is sent to the peer. This behaviour violates the TLS standard.

The default is normal shutdown behaviour as described by the TLS standard.

SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return diagnostic information.

SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current setting.

ssl(7), SSL_shutdown(3), SSL_set_shutdown(3), SSL_new(3), SSL_clear(3), SSL_free(3)

Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.

2023-09-13 1.1.1w