|
Packit |
c4476c |
=pod
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 NAME
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
SSL_CTX_add_session, SSL_CTX_remove_session - manipulate session cache
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 SYNOPSIS
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
#include <openssl/ssl.h>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 DESCRIPTION
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
SSL_CTX_add_session() adds the session B<c> to the context B<ctx>. The
|
|
Packit |
c4476c |
reference count for session B<c> is incremented by 1. If a session with
|
|
Packit |
c4476c |
the same session id already exists, the old session is removed by calling
|
|
Packit |
c4476c |
L<SSL_SESSION_free(3)>.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
SSL_CTX_remove_session() removes the session B<c> from the context B<ctx> and
|
|
Packit |
c4476c |
marks it as non-resumable. L<SSL_SESSION_free(3)> is called once for B<c>.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 NOTES
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
When adding a new session to the internal session cache, it is examined
|
|
Packit |
c4476c |
whether a session with the same session id already exists. In this case
|
|
Packit |
c4476c |
it is assumed that both sessions are identical. If the same session is
|
|
Packit |
c4476c |
stored in a different SSL_SESSION object, The old session is
|
|
Packit |
c4476c |
removed and replaced by the new session. If the session is actually
|
|
Packit |
c4476c |
identical (the SSL_SESSION object is identical), SSL_CTX_add_session()
|
|
Packit |
c4476c |
is a no-op, and the return value is 0.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
If a server SSL_CTX is configured with the SSL_SESS_CACHE_NO_INTERNAL_STORE
|
|
Packit |
c4476c |
flag then the internal cache will not be populated automatically by new
|
|
Packit |
c4476c |
sessions negotiated by the SSL/TLS implementation, even though the internal
|
|
Packit |
c4476c |
cache will be searched automatically for session-resume requests (the
|
|
Packit |
c4476c |
latter can be suppressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the
|
|
Packit |
c4476c |
application can use SSL_CTX_add_session() directly to have full control
|
|
Packit |
c4476c |
over the sessions that can be resumed if desired.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 RETURN VALUES
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
The following values are returned by all functions:
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=over 4
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=item Z<>0
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
The operation failed. In case of the add operation, it was tried to add
|
|
Packit |
c4476c |
the same (identical) session twice. In case of the remove operation, the
|
|
Packit |
c4476c |
session was not found in the cache.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=item Z<>1
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
The operation succeeded.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=back
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 SEE ALSO
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
L<ssl(7)>,
|
|
Packit |
c4476c |
L<SSL_CTX_set_session_cache_mode(3)>,
|
|
Packit |
c4476c |
L<SSL_SESSION_free(3)>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 COPYRIGHT
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Licensed under the OpenSSL license (the "License"). You may not use
|
|
Packit |
c4476c |
this file except in compliance with the License. You can obtain a copy
|
|
Packit |
c4476c |
in the file LICENSE in the source distribution or at
|
|
Packit |
c4476c |
L<https://www.openssl.org/source/license.html>.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=cut
|