source-git / gnutls

Clone
Source Code
GIT

Blame doc/functions/gnutls_session_get_data2

c8 c8s master
  1.   c8s
  2.   doc
  3.   functions
  4.   gnutls_session_get_data2
Blob History Raw
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
@deftypefun {int} {gnutls_session_get_data2} (gnutls_session_t @var{session}, gnutls_datum_t * @var{data})
Packit Service 4684c1 
@var{session}: is a @code{gnutls_session_t}  type.
Packit Service 4684c1
Packit Service 4684c1 
@var{data}: is a pointer to a datum that will hold the session.
Packit Service 4684c1
Packit Service 4684c1 
Returns necessary parameters to support resumption. The client
Packit Service 4684c1 
should call this function and store the returned session data. A session
Packit Service 4684c1 
can be resumed later by calling @code{gnutls_session_set_data()}  with the returned
Packit Service 4684c1 
data. Note that under TLS 1.3, it is recommended for clients to use
Packit Service 4684c1 
session parameters only once, to prevent passive-observers from correlating
Packit Service 4684c1 
the different connections.
Packit Service 4684c1
Packit Service 4684c1 
The returned  @code{data} are allocated and must be released using @code{gnutls_free()} .
Packit Service 4684c1
Packit Service 4684c1 
This function will fail if called prior to handshake completion. In
Packit Service 4684c1 
case of false start TLS, the handshake completes only after data have
Packit Service 4684c1 
been successfully received from the peer.
Packit Service 4684c1
Packit Service 4684c1 
Under TLS1.3 session resumption is possible only after a session ticket
Packit Service 4684c1 
is received by the client. To ensure that such a ticket has been received use
Packit Service 4684c1 
@code{gnutls_session_get_flags()}  and check for flag @code{GNUTLS_SFLAGS_SESSION_TICKET} ;
Packit Service 4684c1 
if this flag is not set, this function will wait for a new ticket within
Packit Service 4684c1 
an estimated rountrip, and if not received will return dummy data which
Packit Service 4684c1 
cannot lead to resumption.
Packit Service 4684c1
Packit Service 4684c1 
To get notified when new tickets are received by the server
Packit Service 4684c1 
use @code{gnutls_handshake_set_hook_function()}  to wait for @code{GNUTLS_HANDSHAKE_NEW_SESSION_TICKET}
Packit Service 4684c1 
messages. Each call of @code{gnutls_session_get_data2()}  after a ticket is
Packit Service 4684c1 
received, will return session resumption data corresponding to the last
Packit Service 4684c1 
received ticket.
Packit Service 4684c1
Packit Service 4684c1 
Note that this function under TLS1.3 requires a callback to be set with
Packit Service 4684c1 
@code{gnutls_transport_set_pull_timeout_function()}  for successful operation. There
Packit Service 4684c1 
was a bug before 3.6.10 which could make this function fail if that callback
Packit Service 4684c1 
was not set. On later versions if not set, the function will return a successful
Packit Service 4684c1 
error code, but will return dummy data that cannot lead to a resumption.
Packit Service 4684c1
Packit Service 4684c1 
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS}  (0) is returned, otherwise
Packit Service 4684c1 
an error code is returned.
Packit Service 4684c1 
@end deftypefun

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation