SSL_clear(3) - NetBSD Manual Pages

Command: Section: Arch: Collection:   
SSL_clear(3)                        OpenSSL                       SSL_clear(3)




NAME

       SSL_clear - reset SSL object to allow another connection


LIBRARY

       libcrypto, -lcrypto


SYNOPSIS

        #include <openssl/ssl.h>

        int SSL_clear(SSL *ssl);


DESCRIPTION

       Reset ssl to allow another connection. All settings (method, ciphers,
       BIOs) are kept.


NOTES

       SSL_clear is used to prepare an SSL object for a new connection. While
       all settings are kept, a side effect is the handling of the current SSL
       session.  If a session is still open, it is considered bad and will be
       removed from the session cache, as required by RFC2246. A session is
       considered open, if SSL_shutdown(3) was not called for the connection
       or at least SSL_set_shutdown(3) was used to set the SSL_SENT_SHUTDOWN
       state.

       If a session was closed cleanly, the session object will be kept and
       all settings corresponding. This explicitly means, that e.g. the spe-
       cial method used during the session will be kept for the next hand-
       shake. So if the session was a TLSv1 session, a SSL client object will
       use a TLSv1 client method for the next handshake and a SSL server
       object will use a TLSv1 server method, even if SSLv23_*_methods were
       chosen on startup. This will might lead to connection failures (see
       SSL_new(3)) for a description of the method's properties.


WARNINGS

       SSL_clear() resets the SSL object to allow for another connection. The
       reset operation however keeps several settings of the last sessions
       (some of these settings were made automatically during the last hand-
       shake). It only makes sense when opening a new session (or reusing an
       old one) with the same peer that shares these settings.  SSL_clear() is
       not a short form for the sequence SSL_free(3); SSL_new(3); .


RETURN VALUES

       The following return values can occur:

       0   The SSL_clear() operation could not be performed. Check the error
           stack to find out the reason.

       1   The SSL_clear() operation was successful.

       SSL_new(3), SSL_free(3), SSL_shutdown(3), SSL_set_shutdown(3),
       SSL_CTX_set_options(3), ssl(3), SSL_CTX_set_client_cert_cb(3)



0.9.8e                            2002-06-09                      SSL_clear(3)
Powered by man-cgi (2024-03-20). Maintained for NetBSD by Kimmo Suominen. Based on man-cgi by Panagiotis Christias.