SSL_accept — wait for a TLS/SSL client to initiate a TLS/SSL handshake
SSL_accept() waits for a TLS/SSL client to initiate the TLS/SSL
handshake. The communication channel must already have been set
and assigned to the ssl by setting an underlying BIO.
The behaviour of SSL_accept() depends on the underlying BIO.
If the underlying BIO is blocking, SSL_accept() will only
return once the handshake has been finished or an error occurred,
except for SGC (Server Gated Cryptography). For SGC, SSL_accept()
may return with -1, but SSL_get_error() will yield SSL_ERROR_WANT_READ/WRITE
and SSL_accept() should be called again.
If the underlying BIO is non-blocking, SSL_accept() will also
return when the underlying BIO could not satisfy the needs of SSL_accept()
to continue the handshake, indicating the problem by the return
value -1. In this case a call to SSL_get_error() with the return
value of SSL_accept() will yield SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE.
The calling process then must repeat the call after taking appropriate
action to satisfy the needs of SSL_accept(). The action depends
on the underlying BIO. When using a non-blocking socket, nothing
is to be done, but select() can be used to check for the required
condition. When using a buffering BIO, like a BIO pair, data must
be written into or retrieved out of the BIO before being able to
The following return values can occur:
The TLS/SSL handshake was successfully completed, a TLS/SSL
connection has been established.
The TLS/SSL handshake was not successful but was shut down
controlled and by the specifications of the TLS/SSL protocol. Call
SSL_get_error() with the return value ret to find out the reason.
The TLS/SSL handshake was not successful because a fatal error
occurred either at the protocol level or a connection failure occurred.
The shutdown was not clean. It can also occur of action is need
to continue the operation for non-blocking BIOs. Call SSL_get_error()
with the return value ret to find out the reason.
SSL_get_error(3), SSL_connect(3), SSL_shutdown(3), ssl(3), bio(3), SSL_set_connect_state(3), SSL_do_handshake(3), SSL_CTX_new(3)