xref: /onnv-gate/usr/src/common/openssl/doc/ssl/SSL_CTX_set_timeout.pod (revision 2175:b0b2f052a486) 
1*2175Sjp161948=pod
2*2175Sjp161948
3*2175Sjp161948=head1 NAME
4*2175Sjp161948
5*2175Sjp161948SSL_CTX_set_timeout, SSL_CTX_get_timeout - manipulate timeout values for session caching
6*2175Sjp161948
7*2175Sjp161948=head1 SYNOPSIS
8*2175Sjp161948
9*2175Sjp161948 #include <openssl/ssl.h>
10*2175Sjp161948
11*2175Sjp161948 long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
12*2175Sjp161948 long SSL_CTX_get_timeout(SSL_CTX *ctx);
13*2175Sjp161948
14*2175Sjp161948=head1 DESCRIPTION
15*2175Sjp161948
16*2175Sjp161948SSL_CTX_set_timeout() sets the timeout for newly created sessions for
17*2175Sjp161948B<ctx> to B<t>. The timeout value B<t> must be given in seconds.
18*2175Sjp161948
19*2175Sjp161948SSL_CTX_get_timeout() returns the currently set timeout value for B<ctx>.
20*2175Sjp161948
21*2175Sjp161948=head1 NOTES
22*2175Sjp161948
23*2175Sjp161948Whenever a new session is created, it is assigned a maximum lifetime. This
24*2175Sjp161948lifetime is specified by storing the creation time of the session and the
25*2175Sjp161948timeout value valid at this time. If the actual time is later than creation
26*2175Sjp161948time plus timeout, the session is not reused.
27*2175Sjp161948
28*2175Sjp161948Due to this realization, all sessions behave according to the timeout value
29*2175Sjp161948valid at the time of the session negotiation. Changes of the timeout value
30*2175Sjp161948do not affect already established sessions.
31*2175Sjp161948
32*2175Sjp161948The expiration time of a single session can be modified using the
33*2175Sjp161948L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)> family of functions.
34*2175Sjp161948
35*2175Sjp161948Expired sessions are removed from the internal session cache, whenever
36*2175Sjp161948L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> is called, either
37*2175Sjp161948directly by the application or automatically (see
38*2175Sjp161948L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)
39*2175Sjp161948
40*2175Sjp161948The default value for session timeout is decided on a per protocol
41*2175Sjp161948basis, see L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>.
42*2175Sjp161948All currently supported protocols have the same default timeout value
43*2175Sjp161948of 300 seconds.
44*2175Sjp161948
45*2175Sjp161948=head1 RETURN VALUES
46*2175Sjp161948
47*2175Sjp161948SSL_CTX_set_timeout() returns the previously set timeout value.
48*2175Sjp161948
49*2175Sjp161948SSL_CTX_get_timeout() returns the currently set timeout value.
50*2175Sjp161948
51*2175Sjp161948=head1 SEE ALSO
52*2175Sjp161948
53*2175Sjp161948L<ssl(3)|ssl(3)>,
54*2175Sjp161948L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
55*2175Sjp161948L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
56*2175Sjp161948L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
57*2175Sjp161948L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
58*2175Sjp161948
59*2175Sjp161948=cut
60