SSL_set_fd, SSL_set_rfd, SSL_set_wfd - connect the SSL object with a file
descriptor
#include <openssl/ssl.h>
int SSL_set_fd(SSL *ssl, int fd);
int SSL_set_rfd(SSL *ssl, int fd);
int SSL_set_wfd(SSL *ssl, int fd);
SSL_set_fd() sets the file descriptor fd as the input/output
facility for the TLS/SSL (encrypted) side of ssl. fd will
typically be the socket file descriptor of a network connection.
When performing the operation, a socket BIO is
automatically created to interface between the ssl and fd. The
BIO and hence the SSL engine inherit the behaviour of fd. If
fd is nonblocking, the ssl will also have nonblocking
behaviour.
If there was already a BIO connected to ssl,
BIO_free() will be called (for both the reading and writing side, if
different).
SSL_set_rfd() and SSL_set_wfd() perform the
respective action, but only for the read channel or the write channel, which
can be set independently.
The following return values can occur:
- 0
- The operation failed. Check the error stack to find out why.
- 1
- The operation succeeded.
On Windows, a socket handle is a 64-bit data type (UINT_PTR), which leads to a
compiler warning (conversion from 'SOCKET' to 'int', possible loss of data)
when passing the socket handle to SSL_set_*fd(). For the time being,
this warning can safely be ignored, because although the Microsoft
documentation claims that the upper limit is INVALID_SOCKET-1 (2^64 - 2), in
practice the current socket() implementation returns an index into the
kernel handle table, the size of which is limited to 2^24.
SSL_get_fd(3), SSL_set_bio(3), SSL_connect(3),
SSL_accept(3), SSL_shutdown(3), ssl(7) , bio(7)
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License").
You may not use this file except in compliance with the License. You can
obtain a copy in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.