1*2175Sjp161948=pod 2*2175Sjp161948 3*2175Sjp161948=head1 NAME 4*2175Sjp161948 5*2175Sjp161948SSL_get_session - retrieve TLS/SSL session data 6*2175Sjp161948 7*2175Sjp161948=head1 SYNOPSIS 8*2175Sjp161948 9*2175Sjp161948 #include <openssl/ssl.h> 10*2175Sjp161948 11*2175Sjp161948 SSL_SESSION *SSL_get_session(const SSL *ssl); 12*2175Sjp161948 SSL_SESSION *SSL_get0_session(const SSL *ssl); 13*2175Sjp161948 SSL_SESSION *SSL_get1_session(SSL *ssl); 14*2175Sjp161948 15*2175Sjp161948=head1 DESCRIPTION 16*2175Sjp161948 17*2175Sjp161948SSL_get_session() returns a pointer to the B<SSL_SESSION> actually used in 18*2175Sjp161948B<ssl>. The reference count of the B<SSL_SESSION> is not incremented, so 19*2175Sjp161948that the pointer can become invalid by other operations. 20*2175Sjp161948 21*2175Sjp161948SSL_get0_session() is the same as SSL_get_session(). 22*2175Sjp161948 23*2175Sjp161948SSL_get1_session() is the same as SSL_get_session(), but the reference 24*2175Sjp161948count of the B<SSL_SESSION> is incremented by one. 25*2175Sjp161948 26*2175Sjp161948=head1 NOTES 27*2175Sjp161948 28*2175Sjp161948The ssl session contains all information required to re-establish the 29*2175Sjp161948connection without a new handshake. 30*2175Sjp161948 31*2175Sjp161948SSL_get0_session() returns a pointer to the actual session. As the 32*2175Sjp161948reference counter is not incremented, the pointer is only valid while 33*2175Sjp161948the connection is in use. If L<SSL_clear(3)|SSL_clear(3)> or 34*2175Sjp161948L<SSL_free(3)|SSL_free(3)> is called, the session may be removed completely 35*2175Sjp161948(if considered bad), and the pointer obtained will become invalid. Even 36*2175Sjp161948if the session is valid, it can be removed at any time due to timeout 37*2175Sjp161948during L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>. 38*2175Sjp161948 39*2175Sjp161948If the data is to be kept, SSL_get1_session() will increment the reference 40*2175Sjp161948count, so that the session will not be implicitly removed by other operations 41*2175Sjp161948but stays in memory. In order to remove the session 42*2175Sjp161948L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> must be explicitly called once 43*2175Sjp161948to decrement the reference count again. 44*2175Sjp161948 45*2175Sjp161948SSL_SESSION objects keep internal link information about the session cache 46*2175Sjp161948list, when being inserted into one SSL_CTX object's session cache. 47*2175Sjp161948One SSL_SESSION object, regardless of its reference count, must therefore 48*2175Sjp161948only be used with one SSL_CTX object (and the SSL objects created 49*2175Sjp161948from this SSL_CTX object). 50*2175Sjp161948 51*2175Sjp161948=head1 RETURN VALUES 52*2175Sjp161948 53*2175Sjp161948The following return values can occur: 54*2175Sjp161948 55*2175Sjp161948=over 4 56*2175Sjp161948 57*2175Sjp161948=item NULL 58*2175Sjp161948 59*2175Sjp161948There is no session available in B<ssl>. 60*2175Sjp161948 61*2175Sjp161948=item Pointer to an SSL 62*2175Sjp161948 63*2175Sjp161948The return value points to the data of an SSL session. 64*2175Sjp161948 65*2175Sjp161948=back 66*2175Sjp161948 67*2175Sjp161948=head1 SEE ALSO 68*2175Sjp161948 69*2175Sjp161948L<ssl(3)|ssl(3)>, L<SSL_free(3)|SSL_free(3)>, 70*2175Sjp161948L<SSL_clear(3)|SSL_clear(3)>, 71*2175Sjp161948L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> 72*2175Sjp161948 73*2175Sjp161948=cut 74