xref: /onnv-gate/usr/src/common/openssl/doc/ssl/SSL_clear.pod (revision 2175:b0b2f052a486)
=pod

=head1 NAME

SSL_clear - reset SSL object to allow another connection

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_clear(SSL *ssl);

=head1 DESCRIPTION

Reset B<ssl> to allow another connection. All settings (method, ciphers,
BIOs) are kept.

=head1 NOTES

SSL_clear is used to prepare an SSL object for a new connection. While all
settings are kept, a side effect is the handling of the current SSL session.
If a session is still B<open>, it is considered bad and will be removed
from the session cache, as required by RFC2246. A session is considered open
if L<SSL_shutdown(3)|SSL_shutdown(3)> was not called for the connection
and L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> was not used to set at
least the SSL_SENT_SHUTDOWN state.

If a session was closed cleanly, the session object will be kept along with
all corresponding settings. This explicitly means that, for example, the
specific method used during the session will be kept for the next handshake.
So if the session was a TLSv1 session, an SSL client object will use a TLSv1
client method for the next handshake and an SSL server object will use a
TLSv1 server method, even if SSLv23_*_methods were chosen on startup. This
might lead to connection failures (see L<SSL_new(3)|SSL_new(3)> for a
description of the method's properties).

=head1 WARNINGS

SSL_clear() resets the SSL object to allow for another connection. The
reset operation, however, keeps several settings of the last session
(some of these settings were made automatically during the last
handshake). It only makes sense when opening a new session (or reusing
an old one) with the same peer that shares these settings.
SSL_clear() is not a short form for the sequence
L<SSL_free(3)|SSL_free(3)>; L<SSL_new(3)|SSL_new(3)>.

=head1 RETURN VALUES

The following return values can occur:

=over 4

=item 0

The SSL_clear() operation could not be performed. Check the error stack to
find out the reason.

=item 1

The SSL_clear() operation was successful.

=back

=head1 SEE ALSO

L<SSL_new(3)|SSL_new(3)>, L<SSL_free(3)|SSL_free(3)>,
L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, L<ssl(3)|ssl(3)>,
L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>

=cut