113d40330Schristos=pod 213d40330Schristos 313d40330Schristos=head1 NAME 413d40330Schristos 513d40330SchristosSSL_clear - reset SSL object to allow another connection 613d40330Schristos 713d40330Schristos=head1 SYNOPSIS 813d40330Schristos 913d40330Schristos #include <openssl/ssl.h> 1013d40330Schristos 1113d40330Schristos int SSL_clear(SSL *ssl); 1213d40330Schristos 1313d40330Schristos=head1 DESCRIPTION 1413d40330Schristos 1513d40330SchristosReset B<ssl> to allow another connection. All settings (method, ciphers, 1613d40330SchristosBIOs) are kept. 1713d40330Schristos 1813d40330Schristos=head1 NOTES 1913d40330Schristos 2013d40330SchristosSSL_clear is used to prepare an SSL object for a new connection. While all 2113d40330Schristossettings are kept, a side effect is the handling of the current SSL session. 2213d40330SchristosIf a session is still B<open>, it is considered bad and will be removed 2313d40330Schristosfrom the session cache, as required by RFC2246. A session is considered open, 2413d40330Schristosif L<SSL_shutdown(3)> was not called for the connection 2513d40330Schristosor at least L<SSL_set_shutdown(3)> was used to 2613d40330Schristosset the SSL_SENT_SHUTDOWN state. 2713d40330Schristos 2813d40330SchristosIf a session was closed cleanly, the session object will be kept and all 2913d40330Schristossettings corresponding. This explicitly means, that e.g. the special method 3013d40330Schristosused during the session will be kept for the next handshake. So if the 3113d40330Schristossession was a TLSv1 session, a SSL client object will use a TLSv1 client 3213d40330Schristosmethod for the next handshake and a SSL server object will use a TLSv1 3313d40330Schristosserver method, even if TLS_*_methods were chosen on startup. This 3413d40330Schristoswill might lead to connection failures (see L<SSL_new(3)>) 3513d40330Schristosfor a description of the method's properties. 3613d40330Schristos 3713d40330Schristos=head1 WARNINGS 3813d40330Schristos 3913d40330SchristosSSL_clear() resets the SSL object to allow for another connection. The 4013d40330Schristosreset operation however keeps several settings of the last sessions 4113d40330Schristos(some of these settings were made automatically during the last 4213d40330Schristoshandshake). It only makes sense for a new connection with the exact 4313d40330Schristossame peer that shares these settings, and may fail if that peer 4413d40330Schristoschanges its settings between connections. Use the sequence 4513d40330SchristosL<SSL_get_session(3)>; 4613d40330SchristosL<SSL_new(3)>; 4713d40330SchristosL<SSL_set_session(3)>; 4813d40330SchristosL<SSL_free(3)> 4913d40330Schristosinstead to avoid such failures 5013d40330Schristos(or simply L<SSL_free(3)>; L<SSL_new(3)> 5113d40330Schristosif session reuse is not desired). 5213d40330Schristos 5313d40330Schristos=head1 RETURN VALUES 5413d40330Schristos 5513d40330SchristosThe following return values can occur: 5613d40330Schristos 5713d40330Schristos=over 4 5813d40330Schristos 5913d40330Schristos=item Z<>0 6013d40330Schristos 6113d40330SchristosThe SSL_clear() operation could not be performed. Check the error stack to 6213d40330Schristosfind out the reason. 6313d40330Schristos 6413d40330Schristos=item Z<>1 6513d40330Schristos 6613d40330SchristosThe SSL_clear() operation was successful. 6713d40330Schristos 6813d40330Schristos=back 6913d40330Schristos 7013d40330SchristosL<SSL_new(3)>, L<SSL_free(3)>, 7113d40330SchristosL<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>, 7213d40330SchristosL<SSL_CTX_set_options(3)>, L<ssl(7)>, 7313d40330SchristosL<SSL_CTX_set_client_cert_cb(3)> 7413d40330Schristos 7513d40330Schristos=head1 COPYRIGHT 7613d40330Schristos 7713d40330SchristosCopyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. 7813d40330Schristos 79*b0d17251SchristosLicensed under the Apache License 2.0 (the "License"). You may not use 8013d40330Schristosthis file except in compliance with the License. You can obtain a copy 8113d40330Schristosin the file LICENSE in the source distribution or at 8213d40330SchristosL<https://www.openssl.org/source/license.html>. 8313d40330Schristos 8413d40330Schristos=cut 85