mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-27 06:21:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
14ca1b6f46
openssl/doc/man3/SSL_tick.pod
Hugo Landau 8ccc567ef0 QUIC CSM: Tweak docs for tick functions, add DTLSv1 docs 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
2023-01-13 13:20:36 +00:00

102 lines
3.6 KiB
Plaintext
Raw Blame History

=pod
=head1 NAME
SSL_tick - advance asynchronous state machine and perform network I/O
=head1 SYNOPSIS
#include <openssl/ssl.h>
int SSL_tick(SSL *ssl);
=head1 DESCRIPTION
SSL_tick() performs any internal processing which is due on a SSL object. The
exact operations performed by SSL_tick() vary depending on what kind of protocol
is being used with the given SSL object. For example, SSL_tick() may handle
timeout events which have become due, or may attempt, to the extent currently
possible, to perform network I/O operations on one of the BIOs underlying the
SSL object.
The primary use case for SSL_tick() is to allow an application which uses
OpenSSL in nonblocking mode to give OpenSSL an opportunity to handle timer
events, or to respond to the availability of new data to be read from an
underlying BIO, or to respond to the opportunity to write pending data to an
underlying BIO.
SSL_tick() can be used only with the following types of SSL object:
=over 4
=item DTLS SSL objects
Using SSL_tick() on an SSL object being used with a DTLS method allows timeout
events to be handled properly. This is equivalent to a call to
L<DTLSv1_handle_timeout(3)>. Since SSL_tick() handles a superset of the use
cases of L<DTLSv1_handle_timeout(3)>, it should be preferred for new
applications which do not require support for OpenSSL 3.1 or older.
When using DTLS, an application must call SSL_tick() as indicated by calls to
L<SSL_get_tick_timeout(3)>; ticking is not performed automatically by calls to
other SSL functions such as L<SSL_read(3)> or L<SSL_write(3)>. Note that this is
different to QUIC which also performs ticking implicitly; see below.
=item QUIC connection SSL objects
Using SSL_tick() on an SSL object which represents a QUIC connection allows
timeout events to be handled properly, as well as incoming network data to be
processed, and queued outgoing network data to be written, if the underlying BIO
has the capacity to accept it.
Ordinarily, when an application uses an SSL object in blocking mode, it does not
need to call SSL_tick() because OpenSSL performs ticking internally on an
automatic basis. However, if an application uses a QUIC connection in
nonblocking mode, it must at a minimum ensure that SSL_tick() is called
periodically to allow timeout events to be handled. An application can find out
when it next needs to call SSL_tick() for this purpose (if at all) by calling
L<SSL_get_tick_timeout(3)>.
Calling SSL_tick() on a QUIC connection SSL object being used in blocking mode
is not necessary unless no I/O calls (such as L<SSL_read(3)> or L<SSL_write(3)>)
will be made to the object for a substantial period of time. So long as at least
one call to the SSL object is blocking, no such call is needed. However,
SSL_tick() may optionally be used on a QUIC connection object if desired.
=begin comment
TODO(QUIC): Update the above paragraph once we support thread assisted mode.
=end comment
=back
Calling SSL_tick() on any other kind of SSL object is a no-op. This is
considered a success case.
Note that SSL_tick() supersedes the older L<DTLSv1_handle_timeout(3)> function
for all use cases.
=head1 RETURN VALUES
Returns 1 on success and 0 on failure.
=head1 SEE ALSO
L<SSL_get_tick_timeout(3)>, L<DTLSv1_handle_timeout(3)>, L<ssl(7)>
=head1 HISTORY
The SSL_tick() function was added in OpenSSL 3.2.
=head1 COPYRIGHT
Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut
Reference in New Issue View Git Blame Copy Permalink