1.\" $OpenBSD: SSL_get_session.3,v 1.8 2022/03/31 17:27:18 naddy Exp $ 2.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 3.\" 4.\" This file was written by Lutz Jaenicke <jaenicke@openssl.org>. 5.\" Copyright (c) 2000, 2001, 2005, 2013, 2016 The OpenSSL Project. 6.\" All rights reserved. 7.\" 8.\" Redistribution and use in source and binary forms, with or without 9.\" modification, are permitted provided that the following conditions 10.\" are met: 11.\" 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 15.\" 2. Redistributions in binary form must reproduce the above copyright 16.\" notice, this list of conditions and the following disclaimer in 17.\" the documentation and/or other materials provided with the 18.\" distribution. 19.\" 20.\" 3. All advertising materials mentioning features or use of this 21.\" software must display the following acknowledgment: 22.\" "This product includes software developed by the OpenSSL Project 23.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 24.\" 25.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26.\" endorse or promote products derived from this software without 27.\" prior written permission. For written permission, please contact 28.\" openssl-core@openssl.org. 29.\" 30.\" 5. Products derived from this software may not be called "OpenSSL" 31.\" nor may "OpenSSL" appear in their names without prior written 32.\" permission of the OpenSSL Project. 33.\" 34.\" 6. Redistributions of any form whatsoever must retain the following 35.\" acknowledgment: 36.\" "This product includes software developed by the OpenSSL Project 37.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" 38.\" 39.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" 52.Dd $Mdocdate: March 31 2022 $ 53.Dt SSL_GET_SESSION 3 54.Os 55.Sh NAME 56.Nm SSL_get_session , 57.Nm SSL_get0_session , 58.Nm SSL_get1_session 59.Nd retrieve TLS/SSL session data 60.Sh SYNOPSIS 61.In openssl/ssl.h 62.Ft SSL_SESSION * 63.Fn SSL_get_session "const SSL *ssl" 64.Ft SSL_SESSION * 65.Fn SSL_get0_session "const SSL *ssl" 66.Ft SSL_SESSION * 67.Fn SSL_get1_session "SSL *ssl" 68.Sh DESCRIPTION 69.Fn SSL_get_session 70returns a pointer to the 71.Vt SSL_SESSION 72actually used in 73.Fa ssl . 74The reference count of the 75.Vt SSL_SESSION 76is not incremented, so that the pointer can become invalid by other operations. 77.Pp 78.Fn SSL_get0_session 79is the same as 80.Fn SSL_get_session . 81.Pp 82.Fn SSL_get1_session 83is the same as 84.Fn SSL_get_session , 85but the reference count of the 86.Vt SSL_SESSION 87is incremented by one. 88.Pp 89The 90.Fa ssl 91session contains all information required to re-establish the connection 92without a new handshake. 93.Pp 94.Fn SSL_get0_session 95returns a pointer to the actual session. 96As the reference counter is not incremented, 97the pointer is only valid while the connection is in use. 98If 99.Xr SSL_clear 3 100or 101.Xr SSL_free 3 102is called, the session may be removed completely (if considered bad), 103and the pointer obtained will become invalid. 104Even if the session is valid, 105it can be removed at any time due to timeout during 106.Xr SSL_CTX_flush_sessions 3 . 107.Pp 108If the data is to be kept, 109.Fn SSL_get1_session 110will increment the reference count, so that the session will not be implicitly 111removed by other operations but stays in memory. 112In order to remove the session, 113.Xr SSL_SESSION_free 3 114must be explicitly called once to decrement the reference count again. 115.Pp 116.Vt SSL_SESSION 117objects keep internal link information about the session cache list when being 118inserted into one 119.Vt SSL_CTX 120object's session cache. 121One 122.Vt SSL_SESSION 123object, regardless of its reference count, must therefore only be used with one 124.Vt SSL_CTX 125object (and the 126.Vt SSL 127objects created from this 128.Vt SSL_CTX 129object). 130.Sh RETURN VALUES 131The following return values can occur: 132.Bl -tag -width Ds 133.It Dv NULL 134There is no session available in 135.Fa ssl . 136.It Pointer to an Vt SSL_SESSION 137The return value points to the data of an 138.Vt SSL 139session. 140.El 141.Sh SEE ALSO 142.Xr ssl 3 , 143.Xr SSL_clear 3 , 144.Xr SSL_free 3 , 145.Xr SSL_SESSION_free 3 , 146.Xr SSL_SESSION_get0_peer 3 , 147.Xr SSL_SESSION_get_compress_id 3 , 148.Xr SSL_SESSION_get_id 3 , 149.Xr SSL_SESSION_get_protocol_version 3 , 150.Xr SSL_SESSION_get_time 3 , 151.Xr SSL_SESSION_new 3 , 152.Xr SSL_SESSION_print 3 , 153.Xr SSL_set_session 3 154.Sh HISTORY 155.Fn SSL_get_session 156first appeared in SSLeay 0.5.2 and has been available since 157.Ox 2.4 . 158.Pp 159.Fn SSL_get0_session 160and 161.Fn SSL_get1_session 162first appeared in OpenSSL 0.9.5 and have been available since 163.Ox 2.7 . 164