]>
Commit | Line | Data |
---|---|---|
cc99526d RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
1e4e5492 | 5 | SSL_clear - reset SSL object to allow another connection |
cc99526d RL |
6 | |
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/ssl.h> | |
10 | ||
c6def253 | 11 | int SSL_clear(SSL *ssl); |
cc99526d RL |
12 | |
13 | =head1 DESCRIPTION | |
14 | ||
1e4e5492 | 15 | Reset B<ssl> to allow another connection. All settings (method, ciphers, |
8e495e4a LJ |
16 | BIOs) are kept. |
17 | ||
18 | =head1 NOTES | |
19 | ||
20 | SSL_clear is used to prepare an SSL object for a new connection. While all | |
21 | settings are kept, a side effect is the handling of the current SSL session. | |
22 | If a session is still B<open>, it is considered bad and will be removed | |
23 | from the session cache, as required by RFC2246. A session is considered open, | |
9b86974e RS |
24 | if L<SSL_shutdown(3)> was not called for the connection |
25 | or at least L<SSL_set_shutdown(3)> was used to | |
8e495e4a | 26 | set the SSL_SENT_SHUTDOWN state. |
cc99526d | 27 | |
ce4b274a LJ |
28 | If a session was closed cleanly, the session object will be kept and all |
29 | settings corresponding. This explicitly means, that e.g. the special method | |
30 | used during the session will be kept for the next handshake. So if the | |
31 | session was a TLSv1 session, a SSL client object will use a TLSv1 client | |
32 | method for the next handshake and a SSL server object will use a TLSv1 | |
a27e81ee | 33 | server method, even if TLS_*_methods were chosen on startup. This |
9b86974e | 34 | will might lead to connection failures (see L<SSL_new(3)>) |
ce4b274a LJ |
35 | for a description of the method's properties. |
36 | ||
37 | =head1 WARNINGS | |
38 | ||
39 | SSL_clear() resets the SSL object to allow for another connection. The | |
40 | reset operation however keeps several settings of the last sessions | |
41 | (some of these settings were made automatically during the last | |
9d74befd BM |
42 | handshake). It only makes sense for a new connection with the exact |
43 | same peer that shares these settings, and may fail if that peer | |
44 | changes its settings between connections. Use the sequence | |
9b86974e RS |
45 | L<SSL_get_session(3)>; |
46 | L<SSL_new(3)>; | |
47 | L<SSL_set_session(3)>; | |
48 | L<SSL_free(3)> | |
9d74befd | 49 | instead to avoid such failures |
9b86974e | 50 | (or simply L<SSL_free(3)>; L<SSL_new(3)> |
9d74befd | 51 | if session reuse is not desired). |
ce4b274a | 52 | |
cc99526d RL |
53 | =head1 RETURN VALUES |
54 | ||
55 | The following return values can occur: | |
56 | ||
57 | =over 4 | |
58 | ||
c8919dde | 59 | =item Z<>0 |
cc99526d RL |
60 | |
61 | The SSL_clear() operation could not be performed. Check the error stack to | |
62 | find out the reason. | |
63 | ||
c8919dde | 64 | =item Z<>1 |
cc99526d | 65 | |
1e4e5492 | 66 | The SSL_clear() operation was successful. |
cc99526d RL |
67 | |
68 | =back | |
69 | ||
9b86974e RS |
70 | L<SSL_new(3)>, L<SSL_free(3)>, |
71 | L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>, | |
b97fdb57 | 72 | L<SSL_CTX_set_options(3)>, L<ssl(7)>, |
9b86974e | 73 | L<SSL_CTX_set_client_cert_cb(3)> |
cc99526d | 74 | |
e2f92610 RS |
75 | =head1 COPYRIGHT |
76 | ||
77 | Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. | |
78 | ||
79 | Licensed under the OpenSSL license (the "License"). You may not use | |
80 | this file except in compliance with the License. You can obtain a copy | |
81 | in the file LICENSE in the source distribution or at | |
82 | L<https://www.openssl.org/source/license.html>. | |
83 | ||
84 | =cut |