1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimSSL_SESSION_new, 6e71b7053SJung-uk KimSSL_SESSION_dup, 7e71b7053SJung-uk KimSSL_SESSION_up_ref, 8e71b7053SJung-uk KimSSL_SESSION_free - create, free and manage SSL_SESSION structures 9e71b7053SJung-uk Kim 10e71b7053SJung-uk Kim=head1 SYNOPSIS 11e71b7053SJung-uk Kim 12e71b7053SJung-uk Kim #include <openssl/ssl.h> 13e71b7053SJung-uk Kim 14e71b7053SJung-uk Kim SSL_SESSION *SSL_SESSION_new(void); 15*b077aed3SPierre Pronchery SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src); 16e71b7053SJung-uk Kim int SSL_SESSION_up_ref(SSL_SESSION *ses); 17e71b7053SJung-uk Kim void SSL_SESSION_free(SSL_SESSION *session); 18e71b7053SJung-uk Kim 19e71b7053SJung-uk Kim=head1 DESCRIPTION 20e71b7053SJung-uk Kim 21e71b7053SJung-uk KimSSL_SESSION_new() creates a new SSL_SESSION structure and returns a pointer to 22e71b7053SJung-uk Kimit. 23e71b7053SJung-uk Kim 24*b077aed3SPierre ProncherySSL_SESSION_dup() creates a new SSL_SESSION structure that is a copy of B<src>. 25*b077aed3SPierre ProncheryThe copy is not owned by any cache that B<src> may have been in. 26e71b7053SJung-uk Kim 27e71b7053SJung-uk KimSSL_SESSION_up_ref() increments the reference count on the given SSL_SESSION 28e71b7053SJung-uk Kimstructure. 29e71b7053SJung-uk Kim 30e71b7053SJung-uk KimSSL_SESSION_free() decrements the reference count of B<session> and removes 31e71b7053SJung-uk Kimthe B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated 32e71b7053SJung-uk Kimmemory, if the reference count has reached 0. 33e71b7053SJung-uk KimIf B<session> is NULL nothing is done. 34e71b7053SJung-uk Kim 35e71b7053SJung-uk Kim=head1 NOTES 36e71b7053SJung-uk Kim 37e71b7053SJung-uk KimSSL_SESSION objects are allocated, when a TLS/SSL handshake operation 38e71b7053SJung-uk Kimis successfully completed. Depending on the settings, see 39e71b7053SJung-uk KimL<SSL_CTX_set_session_cache_mode(3)>, 40e71b7053SJung-uk Kimthe SSL_SESSION objects are internally referenced by the SSL_CTX and 41e71b7053SJung-uk Kimlinked into its session cache. SSL objects may be using the SSL_SESSION object; 42e71b7053SJung-uk Kimas a session may be reused, several SSL objects may be using one SSL_SESSION 43e71b7053SJung-uk Kimobject at the same time. It is therefore crucial to keep the reference 44e71b7053SJung-uk Kimcount (usage information) correct and not delete a SSL_SESSION object 45e71b7053SJung-uk Kimthat is still used, as this may lead to program failures due to 46e71b7053SJung-uk Kimdangling pointers. These failures may also appear delayed, e.g. 47e71b7053SJung-uk Kimwhen an SSL_SESSION object was completely freed as the reference count 48e71b7053SJung-uk Kimincorrectly became 0, but it is still referenced in the internal 49e71b7053SJung-uk Kimsession cache and the cache list is processed during a 50e71b7053SJung-uk KimL<SSL_CTX_flush_sessions(3)> operation. 51e71b7053SJung-uk Kim 52e71b7053SJung-uk KimSSL_SESSION_free() must only be called for SSL_SESSION objects, for 53e71b7053SJung-uk Kimwhich the reference count was explicitly incremented (e.g. 54e71b7053SJung-uk Kimby calling SSL_get1_session(), see L<SSL_get_session(3)>) 55e71b7053SJung-uk Kimor when the SSL_SESSION object was generated outside a TLS handshake 56e71b7053SJung-uk Kimoperation, e.g. by using L<d2i_SSL_SESSION(3)>. 57e71b7053SJung-uk KimIt must not be called on other SSL_SESSION objects, as this would cause 58e71b7053SJung-uk Kimincorrect reference counts and therefore program failures. 59e71b7053SJung-uk Kim 60e71b7053SJung-uk Kim=head1 RETURN VALUES 61e71b7053SJung-uk Kim 62e71b7053SJung-uk KimSSL_SESSION_new returns a pointer to the newly allocated SSL_SESSION structure 63e71b7053SJung-uk Kimor NULL on error. 64e71b7053SJung-uk Kim 65*b077aed3SPierre ProncherySSL_SESSION_dup returns a pointer to the new copy or NULL on error. 66*b077aed3SPierre Pronchery 67e71b7053SJung-uk KimSSL_SESSION_up_ref returns 1 on success or 0 on error. 68e71b7053SJung-uk Kim 69e71b7053SJung-uk Kim=head1 SEE ALSO 70e71b7053SJung-uk Kim 71e71b7053SJung-uk KimL<ssl(7)>, L<SSL_get_session(3)>, 72e71b7053SJung-uk KimL<SSL_CTX_set_session_cache_mode(3)>, 73e71b7053SJung-uk KimL<SSL_CTX_flush_sessions(3)>, 74e71b7053SJung-uk KimL<d2i_SSL_SESSION(3)> 75e71b7053SJung-uk Kim 76e71b7053SJung-uk Kim=head1 HISTORY 77e71b7053SJung-uk Kim 786935a639SJung-uk KimThe SSL_SESSION_dup() function was added in OpenSSL 1.1.1. 79e71b7053SJung-uk Kim 80e71b7053SJung-uk Kim=head1 COPYRIGHT 81e71b7053SJung-uk Kim 82*b077aed3SPierre ProncheryCopyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. 83e71b7053SJung-uk Kim 84*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 85e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 86e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 87e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 88e71b7053SJung-uk Kim 89e71b7053SJung-uk Kim=cut 90