xref: /freebsd/secure/lib/libcrypto/man/man3/SSL_clear.3 (revision e9ac41698b2f322d55ccf9da50a3596edb2c1800)
Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)

Standard preamble:
========================================================================
..
..
.. Set up some character translations and predefined strings. \*(-- will
give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
double quote, and \*(R" will give a right double quote. \*(C+ will
give a nicer C++. Capital omega is used to do unbreakable dashes and
therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
nothing in troff, for use with C<>.
.tr \(*W- . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.

If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.

Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] .\} . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents . \" corrections for vroff . \" for low resolution devices (crt and lpr) \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} ========================================================================

Title "SSL_CLEAR 3ossl"
SSL_CLEAR 3ossl "2023-09-19" "3.0.11" "OpenSSL"
For nroff, turn off justification. Always turn off hyphenation; it makes
way too many mistakes in technical documents.
"NAME"
SSL_clear - reset SSL object to allow another connection
"SYNOPSIS"
Header "SYNOPSIS" .Vb 1 #include <openssl/ssl.h> \& int SSL_clear(SSL *ssl); .Ve
"DESCRIPTION"
Header "DESCRIPTION" Reset ssl to allow another connection. All settings (method, ciphers, BIOs) are kept.
"NOTES"
Header "NOTES" SSL_clear is used to prepare an \s-1SSL\s0 object for a new connection. While all settings are kept, a side effect is the handling of the current \s-1SSL\s0 session. If a session is still open, it is considered bad and will be removed from the session cache, as required by \s-1RFC2246. A\s0 session is considered open, if SSL_shutdown\|(3) was not called for the connection or at least SSL_set_shutdown\|(3) was used to set the \s-1SSL_SENT_SHUTDOWN\s0 state.

If a session was closed cleanly, the session object will be kept and all settings corresponding. This explicitly means, that e.g. the special method used during the session will be kept for the next handshake. So if the session was a TLSv1 session, a \s-1SSL\s0 client object will use a TLSv1 client method for the next handshake and a \s-1SSL\s0 server object will use a TLSv1 server method, even if TLS_*_methods were chosen on startup. This will might lead to connection failures (see SSL_new\|(3)) for a description of the method's properties.

"WARNINGS"
Header "WARNINGS" \fBSSL_clear() resets the \s-1SSL\s0 object to allow for another connection. The reset operation however keeps several settings of the last sessions (some of these settings were made automatically during the last handshake). It only makes sense for a new connection with the exact same peer that shares these settings, and may fail if that peer changes its settings between connections. Use the sequence \fBSSL_get_session\|(3); \fBSSL_new\|(3); \fBSSL_set_session\|(3); \fBSSL_free\|(3) instead to avoid such failures (or simply SSL_free\|(3); SSL_new\|(3) if session reuse is not desired).
"RETURN VALUES"
Header "RETURN VALUES" The following return values can occur:
"0" 4
The SSL_clear() operation could not be performed. Check the error stack to find out the reason.
"1" 4
Item "1" The SSL_clear() operation was successful.

\fBSSL_new\|(3), SSL_free\|(3), \fBSSL_shutdown\|(3), SSL_set_shutdown\|(3), \fBSSL_CTX_set_options\|(3), ssl\|(7), \fBSSL_CTX_set_client_cert_cb\|(3)

"COPYRIGHT"
Header "COPYRIGHT" Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy in the file \s-1LICENSE\s0 in the source distribution or at <https://www.openssl.org/source/license.html>.