z/OS Cryptographic Services System SSL Programming
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


gsk_secure_socket_shutdown()

z/OS Cryptographic Services System SSL Programming
SC14-7495-00

Shuts down a secure socket connection.

Format

    #include <gskssl.h>

     gsk_status gsk_secure_socket_shutdown (    
                                             gsk_handle     soc_handle)

Parameters

soc_handle
Specifies the connection handle returned by the gsk_secure_socket_open() routine.

Results

The function return value will be 0 (GSK_OK) if no error is detected. Otherwise, it will be one of the return codes listed in the gskssl.h include file. These are some possible errors:
[GSK_CONNECTION_ACTIVE]
The connection has an active write request.
[GSK_ERR_CONNECTION_CLOSED]
The close notification alert has already been sent.
[GSK_ERR_IO]
I/O error communicating with peer application.
[GSK_ERR_NOT_SSLV3]
The session is not using the SSL V3, TLS V1.0, or higher protocol.
[GSK_ERR_SOCKET_CLOSED]
Socket connection closed by peer application.
[GSK_INVALID_HANDLE]
The connection handle is not valid.
[GSK_INVALID_STATE]
The connection is not in the initialized state.
[GSK_WOULD_BLOCK_WRITE]
An attempt to write pending data failed with EWOULDBLOCK.

Usage

The gsk_secure_socket_shutdown() routine will send a close notification alert to the peer application. Any subsequent calls to the gsk_secure_socket_write() routine will return GSK_ERR_CONNECTION_CLOSED. The gsk_secure_socket_shutdown() routine cannot be used with the SSL V2 protocol.

The application should call gsk_secure_socket_shutdown() before calling gsk_secure_socket_close() in order to comply with the SSL V3, TLS V1.0, or higher specifications, which require that a close notification alert be sent before closing the transport connection.

For a 1-step shutdown, the application should call the gsk_secure_socket_shutdown() routine and then call the gsk_secure_socket_close() routine. This sends the close notification alert and then closes the secure socket connection. The application does not wait for acknowledgement from the peer application to the close notification.

For a 2-step shutdown, the application should call the gsk_secure_socket_shutdown() routine to send the close notification alert and then call the gsk_secure_socket_read() routine to process any pending data sent by the peer application. The SSL run time on the peer system will send a close notification alert when it receives the close notification alert from the local system. The gsk_secure_socket_read() routine will return GSK_ERR_CONNECTION_CLOSED when it receives this close notification. The application should then call the gsk_secure_socket_close() routine to close the secure socket connection.

Related Topics

gsk_secure_socket_close()

gsk_secure_socket_open()

gsk_secure_socket_read()

gsk_secure_socket_write()

Parent topic: API reference

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014