Почетна Преглед Помоћ
Пријавите се
dream
/
Android_verify
1
1
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Дрво: af1c26ddb5
Гране Ознаке
Android_verify
/
lib
/
openssl
/
share
/
man
/
man3
/
SSL_get_session.3ossl

SSL_get_session.3ossl 6.1 KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160 
  1. .\" -*- mode: troff; coding: utf-8 -*-
    2. 

  2. .\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
    3. 

  3. .\"
    4. 

  4. .\" Standard preamble:
    5. 

  5. .\" ========================================================================
    6. 

  6. .de Sp \" Vertical space (when we can't use .PP)
    7. 

  7. .if t .sp .5v
    8. 

  8. .if n .sp
    9. 

  9. ..
    10. 

  10. .de Vb \" Begin verbatim text
    11. 

  11. .ft CW
    12. 

  12. .nf
    13. 

  13. .ne \\$1
    14. 

  14. ..
    15. 

  15. .de Ve \" End verbatim text
    16. 

  16. .ft R
    17. 

  17. .fi
    18. 

  18. ..
    19. 

  19. .\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
    20. 

  20. .ie n \{\
    21. 

  21. .    ds C` ""
    22. 

  22. .    ds C' ""
    23. 

  23. 'br\}
    24. 

  24. .el\{\
    25. 

  25. .    ds C`
    26. 

  26. .    ds C'
    27. 

  27. 'br\}
    28. 

  28. .\"
    29. 

  29. .\" Escape single quotes in literal strings from groff's Unicode transform.
    30. 

  30. .ie \n(.g .ds Aq \(aq
    31. 

  31. .el       .ds Aq '
    32. 

  32. .\"
    33. 

  33. .\" If the F register is >0, we'll generate index entries on stderr for
    34. 

  34. .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
    35. 

  35. .\" entries marked with X<> in POD.  Of course, you'll have to process the
    36. 

  36. .\" output yourself in some meaningful fashion.
    37. 

  37. .\"
    38. 

  38. .\" Avoid warning from groff about undefined register 'F'.
    39. 

  39. .de IX
    40. 

  40. ..
    41. 

  41. .nr rF 0
    42. 

  42. .if \n(.g .if rF .nr rF 1
    43. 

  43. .if (\n(rF:(\n(.g==0)) \{\
    44. 

  44. .    if \nF \{\
    45. 

  45. .        de IX
    46. 

  46. .        tm Index:\\$1\t\\n%\t"\\$2"
    47. 

  47. ..
    48. 

  48. .        if !\nF==2 \{\
    49. 

  49. .            nr % 0
    50. 

  50. .            nr F 2
    51. 

  51. .        \}
    52. 

  52. .    \}
    53. 

  53. .\}
    54. 

  54. .rr rF
    55. 

  55. .\" ========================================================================
    56. 

  56. .\"
    57. 

  57. .IX Title "SSL_GET_SESSION 3ossl"
    58. 

  58. .TH SSL_GET_SESSION 3ossl 2025-01-17 3.4.0 OpenSSL
    59. 

  59. .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
    60. 

  60. .\" way too many mistakes in technical documents.
    61. 

  61. .if n .ad l
    62. 

  62. .nh
    63. 

  63. .SH NAME
    64. 

  64. SSL_get_session, SSL_get0_session, SSL_get1_session \- retrieve TLS/SSL session data
    65. 

  65. .SH SYNOPSIS
    66. 

  66. .IX Header "SYNOPSIS"
    67. 

  67. .Vb 1
    68. 

  68. \& #include <openssl/ssl.h>
    69. 

  69. \&
    70. 

  70. \& SSL_SESSION *SSL_get_session(const SSL *ssl);
    71. 

  71. \& SSL_SESSION *SSL_get0_session(const SSL *ssl);
    72. 

  72. \& SSL_SESSION *SSL_get1_session(SSL *ssl);
    73. 

  73. .Ve
    74. 

  74. .SH DESCRIPTION
    75. 

  75. .IX Header "DESCRIPTION"
    76. 

  76. \&\fBSSL_get_session()\fR returns a pointer to the \fBSSL_SESSION\fR actually used in
    77. 

  77. \&\fBssl\fR. The reference count of the \fBSSL_SESSION\fR is not incremented, so
    78. 

  78. that the pointer can become invalid by other operations.
    79. 

  79. .PP
    80. 

  80. \&\fBSSL_get0_session()\fR is the same as \fBSSL_get_session()\fR.
    81. 

  81. .PP
    82. 

  82. \&\fBSSL_get1_session()\fR is the same as \fBSSL_get_session()\fR, but the reference
    83. 

  83. count of the \fBSSL_SESSION\fR is incremented by one.
    84. 

  84. .SH NOTES
    85. 

  85. .IX Header "NOTES"
    86. 

  86. The ssl session contains all information required to re-establish the
    87. 

  87. connection without a full handshake for SSL versions up to and including
    88. 

  88. TLSv1.2. In TLSv1.3 the same is true, but sessions are established after the
    89. 

  89. main handshake has occurred. The server will send the session information to the
    90. 

  90. client at a time of its choosing, which may be some while after the initial
    91. 

  91. connection is established (or never). Calling these functions on the client side
    92. 

  92. in TLSv1.3 before the session has been established will still return an
    93. 

  93. SSL_SESSION object but that object cannot be used for resuming the session. See
    94. 

  94. \&\fBSSL_SESSION_is_resumable\fR\|(3) for information on how to determine whether an
    95. 

  95. SSL_SESSION object can be used for resumption or not.
    96. 

  96. .PP
    97. 

  97. Additionally, in TLSv1.3, a server can send multiple messages that establish a
    98. 

  98. session for a single connection. In that case, on the client side, the above
    99. 

  99. functions will only return information on the last session that was received. On
    100. 

  100. the server side they will only return information on the last session that was
    101. 

  101. sent, or if no session tickets were sent then the session for the current
    102. 

  102. connection.
    103. 

  103. .PP
    104. 

  104. The preferred way for applications to obtain a resumable SSL_SESSION object is
    105. 

  105. to use a new session callback as described in \fBSSL_CTX_sess_set_new_cb\fR\|(3).
    106. 

  106. The new session callback is only invoked when a session is actually established,
    107. 

  107. so this avoids the problem described above where an application obtains an
    108. 

  108. SSL_SESSION object that cannot be used for resumption in TLSv1.3. It also
    109. 

  109. enables applications to obtain information about all sessions sent by the
    110. 

  110. server.
    111. 

  111. .PP
    112. 

  112. A session will be automatically removed from the session cache and marked as
    113. 

  113. non-resumable if the connection is not closed down cleanly, e.g. if a fatal
    114. 

  114. error occurs on the connection or \fBSSL_shutdown\fR\|(3) is not called prior to
    115. 

  115. \&\fBSSL_free\fR\|(3).
    116. 

  116. .PP
    117. 

  117. In TLSv1.3 it is recommended that each SSL_SESSION object is only used for
    118. 

  118. resumption once.
    119. 

  119. .PP
    120. 

  120. \&\fBSSL_get0_session()\fR returns a pointer to the actual session. As the
    121. 

  121. reference counter is not incremented, the pointer is only valid while
    122. 

  122. the connection is in use. If \fBSSL_clear\fR\|(3) or
    123. 

  123. \&\fBSSL_free\fR\|(3) is called, the session may be removed completely
    124. 

  124. (if considered bad), and the pointer obtained will become invalid. Even
    125. 

  125. if the session is valid, it can be removed at any time due to timeout
    126. 

  126. during \fBSSL_CTX_flush_sessions\fR\|(3).
    127. 

  127. .PP
    128. 

  128. If the data is to be kept, \fBSSL_get1_session()\fR will increment the reference
    129. 

  129. count, so that the session will not be implicitly removed by other operations
    130. 

  130. but stays in memory. In order to remove the session
    131. 

  131. \&\fBSSL_SESSION_free\fR\|(3) must be explicitly called once
    132. 

  132. to decrement the reference count again.
    133. 

  133. .PP
    134. 

  134. SSL_SESSION objects keep internal link information about the session cache
    135. 

  135. list, when being inserted into one SSL_CTX object's session cache.
    136. 

  136. One SSL_SESSION object, regardless of its reference count, must therefore
    137. 

  137. only be used with one SSL_CTX object (and the SSL objects created
    138. 

  138. from this SSL_CTX object).
    139. 

  139. .SH "RETURN VALUES"
    140. 

  140. .IX Header "RETURN VALUES"
    141. 

  141. The following return values can occur:
    142. 

  142. .IP NULL 4
    143. 

  143. .IX Item "NULL"
    144. 

  144. There is no session available in \fBssl\fR.
    145. 

  145. .IP "Pointer to an SSL_SESSION" 4
    146. 

  146. .IX Item "Pointer to an SSL_SESSION"
    147. 

  147. The return value points to the data of an SSL session.
    148. 

  148. .SH "SEE ALSO"
    149. 

  149. .IX Header "SEE ALSO"
    150. 

  150. \&\fBssl\fR\|(7), \fBSSL_free\fR\|(3),
    151. 

  151. \&\fBSSL_clear\fR\|(3),
    152. 

  152. \&\fBSSL_SESSION_free\fR\|(3)
    153. 

  153. .SH COPYRIGHT
    154. 

  154. .IX Header "COPYRIGHT"
    155. 

  155. Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
    156. 

  156. .PP
    157. 

  157. Licensed under the Apache License 2.0 (the "License").  You may not use
    158. 

  158. this file except in compliance with the License.  You can obtain a copy
    159. 

  159. in the file LICENSE in the source distribution or at
    160. 

  160. <https://www.openssl.org/source/license.html>.
    161.