plucky (3) SSL_handle_events.3ssl.gz
NAME
SSL_handle_events - advance asynchronous state machine and perform network I/O
SYNOPSIS
#include <openssl/ssl.h>
int SSL_handle_events(SSL *ssl);
DESCRIPTION
SSL_handle_events() performs any internal processing which is due on a SSL object. The exact operations
performed by SSL_handle_events() vary depending on what kind of protocol is being used with the given SSL
object. For example, SSL_handle_events() may handle timeout events which have become due, or may attempt,
to the extent currently possible, to perform network I/O operations on one of the BIOs underlying the SSL
object.
The primary use case for SSL_handle_events() is to allow an application which uses OpenSSL in nonblocking
mode to give OpenSSL an opportunity to handle timer events, or to respond to the availability of new data
to be read from an underlying BIO, or to respond to the opportunity to write pending data to an
underlying BIO.
SSL_handle_events() can be used only with the following types of SSL object:
DTLS SSL objects
Using SSL_handle_events() on an SSL object being used with a DTLS method allows timeout events to be
handled properly. This is equivalent to a call to DTLSv1_handle_timeout(3). Since SSL_handle_events()
handles a superset of the use cases of DTLSv1_handle_timeout(3), it should be preferred for new
applications which do not require support for OpenSSL 3.1 or older.
When using DTLS, an application must call SSL_handle_events() as indicated by calls to
SSL_get_event_timeout(3); event handling is not performed automatically by calls to other SSL
functions such as SSL_read(3) or SSL_write(3). Note that this is different to QUIC which also
performs event handling implicitly; see below.
QUIC connection SSL objects
Using SSL_handle_events() on an SSL object which represents a QUIC connection allows timeout events
to be handled properly, as well as incoming network data to be processed, and queued outgoing network
data to be written, if the underlying BIO has the capacity to accept it.
Ordinarily, when an application uses an SSL object in blocking mode, it does not need to call
SSL_handle_events() because OpenSSL performs ticking internally on an automatic basis. However, if an
application uses a QUIC connection in nonblocking mode, it must at a minimum ensure that
SSL_handle_events() is called periodically to allow timeout events to be handled. An application can
find out when it next needs to call SSL_handle_events() for this purpose (if at all) by calling
SSL_get_event_timeout(3).
Calling SSL_handle_events() on a QUIC connection SSL object being used in blocking mode is not
necessary unless no I/O calls (such as SSL_read(3) or SSL_write(3)) will be made to the object for a
substantial period of time. So long as at least one call to the SSL object is blocking, no such call
is needed. However, SSL_handle_events() may optionally be used on a QUIC connection object if
desired.
With the thread-assisted mode of operation OSSL_QUIC_client_thread_method(3) it is unnecessary to
call SSL_handle_events() as the assist thread handles the QUIC connection events.
Calling SSL_handle_events() on any other kind of SSL object is a no-op. This is considered a success
case.
Note that SSL_handle_events() supersedes the older DTLSv1_handle_timeout(3) function for all use cases.
RETURN VALUES
Returns 1 on success and 0 on failure.
SEE ALSO
SSL_get_event_timeout(3), DTLSv1_handle_timeout(3), ssl(7)
HISTORY
The SSL_handle_events() function was added in OpenSSL 3.2.
COPYRIGHT
Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance
with the License. You can obtain a copy in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.