xref: /onnv-gate/usr/src/common/openssl/doc/ssl/SSL_get_session.pod (revision 2175:b0b2f052a486)
1*2175Sjp161948=pod
2*2175Sjp161948
3*2175Sjp161948=head1 NAME
4*2175Sjp161948
5*2175Sjp161948SSL_get_session - retrieve TLS/SSL session data
6*2175Sjp161948
7*2175Sjp161948=head1 SYNOPSIS
8*2175Sjp161948
9*2175Sjp161948 #include <openssl/ssl.h>
10*2175Sjp161948
11*2175Sjp161948 SSL_SESSION *SSL_get_session(const SSL *ssl);
12*2175Sjp161948 SSL_SESSION *SSL_get0_session(const SSL *ssl);
13*2175Sjp161948 SSL_SESSION *SSL_get1_session(SSL *ssl);
14*2175Sjp161948
15*2175Sjp161948=head1 DESCRIPTION
16*2175Sjp161948
17*2175Sjp161948SSL_get_session() returns a pointer to the B<SSL_SESSION> actually used in
18*2175Sjp161948B<ssl>. The reference count of the B<SSL_SESSION> is not incremented, so
19*2175Sjp161948that the pointer can become invalid by other operations.
20*2175Sjp161948
21*2175Sjp161948SSL_get0_session() is the same as SSL_get_session().
22*2175Sjp161948
23*2175Sjp161948SSL_get1_session() is the same as SSL_get_session(), but the reference
24*2175Sjp161948count of the B<SSL_SESSION> is incremented by one.
25*2175Sjp161948
26*2175Sjp161948=head1 NOTES
27*2175Sjp161948
28*2175Sjp161948The ssl session contains all information required to re-establish the
29*2175Sjp161948connection without a new handshake.
30*2175Sjp161948
31*2175Sjp161948SSL_get0_session() returns a pointer to the actual session. As the
32*2175Sjp161948reference counter is not incremented, the pointer is only valid while
33*2175Sjp161948the connection is in use. If L<SSL_clear(3)|SSL_clear(3)> or
34*2175Sjp161948L<SSL_free(3)|SSL_free(3)> is called, the session may be removed completely
35*2175Sjp161948(if considered bad), and the pointer obtained will become invalid. Even
36*2175Sjp161948if the session is valid, it can be removed at any time due to timeout
37*2175Sjp161948during L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>.
38*2175Sjp161948
39*2175Sjp161948If the data is to be kept, SSL_get1_session() will increment the reference
40*2175Sjp161948count, so that the session will not be implicitly removed by other operations
41*2175Sjp161948but stays in memory. In order to remove the session
42*2175Sjp161948L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> must be explicitly called once
43*2175Sjp161948to decrement the reference count again.
44*2175Sjp161948
45*2175Sjp161948SSL_SESSION objects keep internal link information about the session cache
46*2175Sjp161948list, when being inserted into one SSL_CTX object's session cache.
47*2175Sjp161948One SSL_SESSION object, regardless of its reference count, must therefore
48*2175Sjp161948only be used with one SSL_CTX object (and the SSL objects created
49*2175Sjp161948from this SSL_CTX object).
50*2175Sjp161948
51*2175Sjp161948=head1 RETURN VALUES
52*2175Sjp161948
53*2175Sjp161948The following return values can occur:
54*2175Sjp161948
55*2175Sjp161948=over 4
56*2175Sjp161948
57*2175Sjp161948=item NULL
58*2175Sjp161948
59*2175Sjp161948There is no session available in B<ssl>.
60*2175Sjp161948
61*2175Sjp161948=item Pointer to an SSL
62*2175Sjp161948
63*2175Sjp161948The return value points to the data of an SSL session.
64*2175Sjp161948
65*2175Sjp161948=back
66*2175Sjp161948
67*2175Sjp161948=head1 SEE ALSO
68*2175Sjp161948
69*2175Sjp161948L<ssl(3)|ssl(3)>, L<SSL_free(3)|SSL_free(3)>,
70*2175Sjp161948L<SSL_clear(3)|SSL_clear(3)>,
71*2175Sjp161948L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
72*2175Sjp161948
73*2175Sjp161948=cut
74