libssl/man/SSL_get_session.3

*41ce3b17Snaddy.\"	$OpenBSD: SSL_get_session.3,v 1.8 2022/03/31 17:27:18 naddy Exp $
6fa237d3Sschwarze.\"	OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
f1a3c524Sschwarze.\"
6fa237d3Sschwarze.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>.
6fa237d3Sschwarze.\" Copyright (c) 2000, 2001, 2005, 2013, 2016 The OpenSSL Project.
6fa237d3Sschwarze.\" All rights reserved.
f1a3c524Sschwarze.\"
6fa237d3Sschwarze.\" Redistribution and use in source and binary forms, with or without
6fa237d3Sschwarze.\" modification, are permitted provided that the following conditions
6fa237d3Sschwarze.\" are met:
6fa237d3Sschwarze.\"
6fa237d3Sschwarze.\" 1. Redistributions of source code must retain the above copyright
6fa237d3Sschwarze.\"    notice, this list of conditions and the following disclaimer.
6fa237d3Sschwarze.\"
6fa237d3Sschwarze.\" 2. Redistributions in binary form must reproduce the above copyright
6fa237d3Sschwarze.\"    notice, this list of conditions and the following disclaimer in
6fa237d3Sschwarze.\"    the documentation and/or other materials provided with the
6fa237d3Sschwarze.\"    distribution.
6fa237d3Sschwarze.\"
6fa237d3Sschwarze.\" 3. All advertising materials mentioning features or use of this
6fa237d3Sschwarze.\"    software must display the following acknowledgment:
6fa237d3Sschwarze.\"    "This product includes software developed by the OpenSSL Project
6fa237d3Sschwarze.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
6fa237d3Sschwarze.\"
6fa237d3Sschwarze.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
6fa237d3Sschwarze.\"    endorse or promote products derived from this software without
6fa237d3Sschwarze.\"    prior written permission. For written permission, please contact
6fa237d3Sschwarze.\"    openssl-core@openssl.org.
6fa237d3Sschwarze.\"
6fa237d3Sschwarze.\" 5. Products derived from this software may not be called "OpenSSL"
6fa237d3Sschwarze.\"    nor may "OpenSSL" appear in their names without prior written
6fa237d3Sschwarze.\"    permission of the OpenSSL Project.
6fa237d3Sschwarze.\"
6fa237d3Sschwarze.\" 6. Redistributions of any form whatsoever must retain the following
6fa237d3Sschwarze.\"    acknowledgment:
6fa237d3Sschwarze.\"    "This product includes software developed by the OpenSSL Project
6fa237d3Sschwarze.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
6fa237d3Sschwarze.\"
6fa237d3Sschwarze.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
6fa237d3Sschwarze.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
6fa237d3Sschwarze.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
6fa237d3Sschwarze.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
6fa237d3Sschwarze.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
6fa237d3Sschwarze.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
6fa237d3Sschwarze.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
6fa237d3Sschwarze.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
6fa237d3Sschwarze.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
6fa237d3Sschwarze.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
6fa237d3Sschwarze.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
6fa237d3Sschwarze.\" OF THE POSSIBILITY OF SUCH DAMAGE.
6fa237d3Sschwarze.\"
*41ce3b17Snaddy.Dd $Mdocdate: March 31 2022 $
f1a3c524Sschwarze.Dt SSL_GET_SESSION 3
f1a3c524Sschwarze.Os
f1a3c524Sschwarze.Sh NAME
f1a3c524Sschwarze.Nm SSL_get_session ,
f1a3c524Sschwarze.Nm SSL_get0_session ,
f1a3c524Sschwarze.Nm SSL_get1_session
f1a3c524Sschwarze.Nd retrieve TLS/SSL session data
f1a3c524Sschwarze.Sh SYNOPSIS
f1a3c524Sschwarze.In openssl/ssl.h
f1a3c524Sschwarze.Ft SSL_SESSION *
f1a3c524Sschwarze.Fn SSL_get_session "const SSL *ssl"
f1a3c524Sschwarze.Ft SSL_SESSION *
f1a3c524Sschwarze.Fn SSL_get0_session "const SSL *ssl"
f1a3c524Sschwarze.Ft SSL_SESSION *
f1a3c524Sschwarze.Fn SSL_get1_session "SSL *ssl"
f1a3c524Sschwarze.Sh DESCRIPTION
f1a3c524Sschwarze.Fn SSL_get_session
f1a3c524Sschwarzereturns a pointer to the
f1a3c524Sschwarze.Vt SSL_SESSION
f1a3c524Sschwarzeactually used in
f1a3c524Sschwarze.Fa ssl .
f1a3c524SschwarzeThe reference count of the
f1a3c524Sschwarze.Vt SSL_SESSION
f1a3c524Sschwarzeis not incremented, so that the pointer can become invalid by other operations.
f1a3c524Sschwarze.Pp
f1a3c524Sschwarze.Fn SSL_get0_session
f1a3c524Sschwarzeis the same as
f1a3c524Sschwarze.Fn SSL_get_session .
f1a3c524Sschwarze.Pp
f1a3c524Sschwarze.Fn SSL_get1_session
f1a3c524Sschwarzeis the same as
f1a3c524Sschwarze.Fn SSL_get_session ,
f1a3c524Sschwarzebut the reference count of the
f1a3c524Sschwarze.Vt SSL_SESSION
f1a3c524Sschwarzeis incremented by one.
6fa237d3Sschwarze.Pp
f1a3c524SschwarzeThe
6fa237d3Sschwarze.Fa ssl
f1a3c524Sschwarzesession contains all information required to re-establish the connection
f1a3c524Sschwarzewithout a new handshake.
f1a3c524Sschwarze.Pp
f1a3c524Sschwarze.Fn SSL_get0_session
f1a3c524Sschwarzereturns a pointer to the actual session.
f1a3c524SschwarzeAs the reference counter is not incremented,
f1a3c524Sschwarzethe pointer is only valid while the connection is in use.
f1a3c524SschwarzeIf
f1a3c524Sschwarze.Xr SSL_clear 3
f1a3c524Sschwarzeor
f1a3c524Sschwarze.Xr SSL_free 3
f1a3c524Sschwarzeis called, the session may be removed completely (if considered bad),
f1a3c524Sschwarzeand the pointer obtained will become invalid.
f1a3c524SschwarzeEven if the session is valid,
f1a3c524Sschwarzeit can be removed at any time due to timeout during
f1a3c524Sschwarze.Xr SSL_CTX_flush_sessions 3 .
f1a3c524Sschwarze.Pp
f1a3c524SschwarzeIf the data is to be kept,
f1a3c524Sschwarze.Fn SSL_get1_session
f1a3c524Sschwarzewill increment the reference count, so that the session will not be implicitly
f1a3c524Sschwarzeremoved by other operations but stays in memory.
*41ce3b17SnaddyIn order to remove the session,
f1a3c524Sschwarze.Xr SSL_SESSION_free 3
f1a3c524Sschwarzemust be explicitly called once to decrement the reference count again.
f1a3c524Sschwarze.Pp
f1a3c524Sschwarze.Vt SSL_SESSION
f1a3c524Sschwarzeobjects keep internal link information about the session cache list when being
f1a3c524Sschwarzeinserted into one
f1a3c524Sschwarze.Vt SSL_CTX
f1a3c524Sschwarzeobject's session cache.
f1a3c524SschwarzeOne
f1a3c524Sschwarze.Vt SSL_SESSION
f1a3c524Sschwarzeobject, regardless of its reference count, must therefore only be used with one
f1a3c524Sschwarze.Vt SSL_CTX
f1a3c524Sschwarzeobject (and the
f1a3c524Sschwarze.Vt SSL
f1a3c524Sschwarzeobjects created from this
f1a3c524Sschwarze.Vt SSL_CTX
f1a3c524Sschwarzeobject).
f1a3c524Sschwarze.Sh RETURN VALUES
f1a3c524SschwarzeThe following return values can occur:
f1a3c524Sschwarze.Bl -tag -width Ds
f1a3c524Sschwarze.It Dv NULL
f1a3c524SschwarzeThere is no session available in
f1a3c524Sschwarze.Fa ssl .
6fa237d3Sschwarze.It Pointer to an Vt SSL_SESSION
f1a3c524SschwarzeThe return value points to the data of an
f1a3c524Sschwarze.Vt SSL
f1a3c524Sschwarzesession.
f1a3c524Sschwarze.El
f1a3c524Sschwarze.Sh SEE ALSO
f1a3c524Sschwarze.Xr ssl 3 ,
f1a3c524Sschwarze.Xr SSL_clear 3 ,
f1a3c524Sschwarze.Xr SSL_free 3 ,
a1e5cce1Sschwarze.Xr SSL_SESSION_free 3 ,
a1e5cce1Sschwarze.Xr SSL_SESSION_get0_peer 3 ,
a1e5cce1Sschwarze.Xr SSL_SESSION_get_compress_id 3 ,
a1e5cce1Sschwarze.Xr SSL_SESSION_get_id 3 ,
81636af2Sschwarze.Xr SSL_SESSION_get_protocol_version 3 ,
a1e5cce1Sschwarze.Xr SSL_SESSION_get_time 3 ,
a1e5cce1Sschwarze.Xr SSL_SESSION_new 3 ,
81636af2Sschwarze.Xr SSL_SESSION_print 3 ,
81636af2Sschwarze.Xr SSL_set_session 3
8fba1ec8Sschwarze.Sh HISTORY
8fba1ec8Sschwarze.Fn SSL_get_session
10e00d17Sschwarzefirst appeared in SSLeay 0.5.2 and has been available since
8fba1ec8Sschwarze.Ox 2.4 .
1c77d1feSschwarze.Pp
1c77d1feSschwarze.Fn SSL_get0_session
1c77d1feSschwarzeand
1c77d1feSschwarze.Fn SSL_get1_session
1c77d1feSschwarzefirst appeared in OpenSSL 0.9.5 and have been available since
1c77d1feSschwarze.Ox 2.7 .