mirror of https://github.com/openssl/openssl.git
91 lines
3.1 KiB
Plaintext
91 lines
3.1 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
SSL_tick - advance asynchronous state machine and perform network I/O
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
int SSL_tick(SSL *ssl);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
SSL_tick() performs any internal processing which is due on a SSL object. The
|
|
exact operations performed by SSL_tick() vary depending on what kind of protocol
|
|
is being used with the given SSL object. For example, SSL_tick() may handle
|
|
timeout events which have become due, or may attempt, to the extent currently
|
|
possible, to perform network I/O operations on one of the BIOs underlying the
|
|
SSL object.
|
|
|
|
The primary use case for SSL_tick() is to allow an application which uses
|
|
OpenSSL in nonblocking mode to give OpenSSL an opportunity to handle timer
|
|
events, or to respond to the availability of new data to be read from an
|
|
underlying BIO, or to respond to the opportunity to write pending data to an
|
|
underlying BIO.
|
|
|
|
SSL_tick() can be used only with the following types of SSL object:
|
|
|
|
=over 4
|
|
|
|
=item DTLS SSL objects
|
|
|
|
Using SSL_tick() on an SSL object being used with a DTLS method allows timeout
|
|
events to be handled properly. This is equivalent to a call to
|
|
DTLSv1_handle_timeout(). Since SSL_tick() handles a superset of the use cases of
|
|
DTLSv1_handle_timeout(), it should be preferred for new applications which do
|
|
not require support for OpenSSL 3.1 or older.
|
|
|
|
=item QUIC connection SSL objects
|
|
|
|
Using SSL_tick() on an SSL object which represents a QUIC connection allows
|
|
timeout events to be handled properly, as well as incoming network data to be
|
|
processed, and queued outgoing network data to be written, if the underlying BIO
|
|
has the capacity to accept it.
|
|
|
|
Ordinarily, when an application uses an SSL object in blocking mode, it does not
|
|
need to call SSL_tick() because OpenSSL performs ticking internally on an
|
|
automatic basis. However, if an application uses a QUIC connection in
|
|
nonblocking mode, it must at a minimum ensure that SSL_tick() is called
|
|
periodically to allow timeout events to be handled. An application can
|
|
find out when it next needs to call SSL_tick() for this purpose (if at all) by
|
|
calling SSL_get_tick_timeout().
|
|
|
|
Calling SSL_tick() on a QUIC connection SSL object being used in blocking mode
|
|
is not necessary unless no I/O calls (such as SSL_read() or SSL_write()) will be
|
|
made to the object for a substantial period of time. So long as at least one
|
|
call to the SSL object is blocking, no such call is needed. However, SSL_tick()
|
|
may optionally be used on a QUIC connection object if desired.
|
|
|
|
=begin comment
|
|
|
|
TODO(QUIC): Update the above paragraph once we support thread assisted mode.
|
|
|
|
=end comment
|
|
|
|
=back
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
Returns 1 on success and 0 on failure.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<SSL_get_tick_timeout(3)>, L<ssl(7)>
|
|
|
|
=head1 HISTORY
|
|
|
|
The SSL_tick() function was added in OpenSSL 3.2.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|