|
|
SSL_CTX_sess_set_get_cb(3)
Contents
|
SSL_CTX_sess_set_get_cb, SSL_CTX_sess_set_new_cb,
SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_get_new_cb,
SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - Provide
callback functions for server side external session
caching
#include <openssl/ssl.h>
void SSL_CTX_sess_set_new_cb(
SSL_CTX *ctx,
int (*new_session_cb) (SSL *, SSL_SESSION *) );
void SSL_CTX_sess_set_remove_cb(
SSL_CTX *ctx,
void (*remove_session_cb) (SSL_CTX *ctx, SSL_SESSION
*) ); void SSL_CTX_sess_set_get_cb(
SSL_CTX *ctx,
SSL_SESSION (*get_session_cb) (SSL *, unsigned
char *, int, int *) ); int*SSL_CTX_sess_get_new_cb
(SSL_CTX *ctx))(
struct ssl_st *ssl,
SSL_SESSION *sess ); void
(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(
struct ssl_ctx_st *ctx,
SSL_SESSION *sess ); SSL_SESSION
*(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(
struct ssl_st *ssl,
unsigned char *data ,
int len ,
int *copy ); int (*new_session_cb)(
struct ssl_st *ssl,
SSL_SESSION *sess ); void(*remove_session_cb)(
struct ssl_ctx_st *ctx,
SSL_SESSION *sess ); SSL_SESSION *(*get_session_cb)(
struct ssl_st *ssl,
unsigned char *data,
int len,
int *copy );
The SSL_CTX_sess_set_get_cb() function sets the callback
function which is called whenever an SSL/TLS client proposes
to resume a session but the session could not be
found in the internal session cache (see SSL_CTX_set_session_cache_mode(3)). (SSL/TLS server only.)
The SSL_CTX_sess_set_new_cb() function sets the callback
function, which is automatically called whenever a new
session is negotiated.
The SSL_CTX_sess_set_remove_cb() function sets the callback
function, which is automatically called whenever a
session is removed by the SSL engine, because it is considered
faulty or the session has become obsolete because
of exceeding the timeout value.
The SSL_CTX_sess_get_new_cb(),
SSL_CTX_sess_get_remove_cb(), and
SSL_CTX_sess_get_get_cb() functions retrieve the function
pointers of the provided callback functions. If a callback
function has not been set, the NULL pointer is returned.
In order to allow external session caching, synchronization
with the internal session cache is realized via callback
functions. Inside these callback functions, session
can be saved to disk or put into a database using the
d2i_SSL_SESSION(3) interface.
The new_session_cb() function is called whenever a new
session has been negotiated and session caching is enabled
(see SSL_CTX_set_session_cache_mode(3)). The new_session_cb()
function is passed the ssl connection and the
ssl session sess. If the callback returns 0, the session
will be removed immediately.
The remove_session_cb() function is called whenever the
SSL engine removes a session from the internal cache. This
happens if the session is removed because it is expired or
when a connection was not shutdown cleanly. The
remove_session_cb() function is passed the ctx and the ssl
session sess. It does not provide any feedback.
The get_session_cb() function is only called on SSL/TLS
servers with the session id proposed by the client. The
get_session_cb() function is always called, also when session
caching is disabled. The get_session_cb() function
is passed the ssl connection, the session id of length
length at the memory location data. With the parameter
copy the callback can require the SSL engine to increment
the reference count of the SSL_SESSION object. Normally
the reference count is not incremented, and therefore the
session must not be explicitly freed with SSL_SESSION_free().
Functions: ssl(3), d2i_SSL_SESSION(3), SSL_CTX_set_session_cache_mode(3), SSL_CTX_flush_sessions(3), SSL_SESSION_free(3)
SSL_CTX_sess_set_get_cb(3)
[ Back ] |
