SSL_CTX_sess_set_get_cb(3)
- NetBSD Manual Pages
SSL_CTX_sess_set_get_cb(3) OpenSSL SSL_CTX_sess_set_get_cb(3)
NAME
SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb,
SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb,
SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - pro-
vide callback functions for server side external session
caching
LIBRARY
libcrypto, -lcrypto
SYNOPSIS
#include <openssl/ssl.h>
void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
int (*new_session_cb)(SSL *, SSL_SESSION *));
void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *));
void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
SSL_SESSION (*get_session_cb)(SSL *, unsigned char *, int, int *));
int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, SSL_SESSION *sess);
void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, unsigned char *data, int len, int *copy);
int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,
int len, int *copy);
DESCRIPTION
SSL_CTX_sess_set_new_cb() sets the callback function,
which is automatically called whenever a new session was
negotiated.
SSL_CTX_sess_set_remove_cb() sets the callback function,
which is automatically called whenever a session is
removed by the SSL engine, because it is considered faulty
or the session has become obsolete because of exceeding
the timeout value.
SSL_CTX_sess_set_get_cb() sets the callback function which
is called, whenever a SSL/TLS client proposed to resume a
session but the session could not be found in the internal
session cache (see SSL_CTX_set_session_cache_mode(3)).
(SSL/TLS server only.)
SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(),
and SSL_CTX_sess_get_get_cb() allow to retrieve the func-
tion pointers of the provided callback functions. If a
callback function has not been set, the NULL pointer is
returned.
2002-07-31 0.9.6g 1
SSL_CTX_sess_set_get_cb(3) OpenSSL SSL_CTX_sess_set_get_cb(3)
NOTES
In order to allow external session caching, synchroniza-
tion with the internal session cache is realized via call-
back functions. Inside these callback functions, session
can be saved to disk or put into a database using the
d2i_SSL_SESSION(3) interface.
The new_session_cb() is called, whenever a new session has
been negotiated and session caching is enabled (see
SSL_CTX_set_session_cache_mode(3)). The new_session_cb()
is passed the ssl connection and the ssl session sess. If
the callback returns 0, the session will be immediately
removed again.
The remove_session_cb() is called, whenever the SSL engine
removes a session from the internal cache. This happens if
the session is removed because it is expired or when a
connection was not shutdown cleanly. The remove_ses-
sion_cb() is passed the ctx and the ssl session sess. It
does not provide any feedback.
The get_session_cb() is only called on SSL/TLS servers
with the session id proposed by the client. The get_ses-
sion_cb() is always called, also when session caching was
disabled. The get_session_cb() is passed the ssl connec-
tion, the session id of length length at the memory loca-
tion data. With the parameter copy the callback can
require the SSL engine to increment the reference count of
the SSL_SESSION object, Normally the reference count is
not incremented and therefore the session must not be
explicitly freed with SSL_SESSION_free(3).
SEE ALSO
ssl(3), d2i_SSL_SESSION(3), SSL_CTX_set_session_cache_mode(3)
, SSL_CTX_flush_sessions(3), SSL_SESSION_free(3)
2002-07-31 0.9.6g 2
Powered by man-cgi (2024-03-20).
Maintained for NetBSD
by Kimmo Suominen.
Based on man-cgi by Panagiotis Christias.