gsk_secure_socket_shutdown()
Shuts down a secure socket connection.
Format
#include <gskssl.h>
gsk_status gsk_secure_socket_shutdown (
gsk_handle soc_handle)
Parameters
- soc_handle
- Specifies the connection handle returned by the gsk_secure_socket_open() routine.
Results
- [GSK_CONNECTION_ACTIVE]
- The connection has an active write request.
- [GSK_ERR_CONNECTION_CLOSED]
- The close notification alert has already been sent.
- [GSK_ERR_IO]
- I/O error communicating with peer application.
- [GSK_ERR_NOT_SSLV3]
- The session is not using the SSL V3, TLS V1.0, or higher protocol.
- [GSK_ERR_SOCKET_CLOSED]
- Socket connection closed by peer application.
- [GSK_INVALID_HANDLE]
- The connection handle is not valid.
- [GSK_INVALID_STATE]
- The connection is not in the initialized state.
- [GSK_WOULD_BLOCK_WRITE]
- An attempt to write pending data failed with EWOULDBLOCK.
Usage
The gsk_secure_socket_shutdown() routine will send a close notification alert to the peer application. Any subsequent calls to the gsk_secure_socket_write() routine will return GSK_ERR_CONNECTION_CLOSED. The gsk_secure_socket_shutdown() routine cannot be used with the SSL V2 protocol.
The application should call gsk_secure_socket_shutdown() before calling gsk_secure_socket_close() in order to comply with the SSL V3, TLS V1.0, or higher specifications, which require that a close notification alert be sent before closing the transport connection.
For a 1-step shutdown, the application should call the gsk_secure_socket_shutdown() routine and then call the gsk_secure_socket_close() routine. This sends the close notification alert and then closes the secure socket connection. The application does not wait for acknowledgement from the peer application to the close notification.
For a 2-step shutdown, the application should call the gsk_secure_socket_shutdown() routine to send the close notification alert and then call the gsk_secure_socket_read() routine to process any pending data sent by the peer application. The SSL run time on the peer system will send a close notification alert when it receives the close notification alert from the local system. The gsk_secure_socket_read() routine will return GSK_ERR_CONNECTION_CLOSED when it receives this close notification. The application should then call the gsk_secure_socket_close() routine to close the secure socket connection.