NAME
tls_config_set_session_id
,
tls_config_set_session_lifetime
,
tls_config_add_ticket_key
—
configure resuming of TLS
handshakes
SYNOPSIS
#include
<tls.h>
int
tls_config_set_session_id
(struct
tls_config *config, const unsigned char
*session_id, size_t len);
int
tls_config_set_session_lifetime
(struct
tls_config *config, int lifetime);
int
tls_config_add_ticket_key
(struct
tls_config *config, uint32_t keyrev,
unsigned char *key, size_t
keylen);
DESCRIPTION
tls_config_set_session_id
()
sets the session identifier that will be used by the TLS server when
sessions are enabled. By default a random value is used.
tls_config_set_session_lifetime
()
sets the lifetime to be used for TLS sessions. Session support is disabled
if a lifetime of zero is specified, which is the default.
tls_config_add_ticket_key
()
adds a key used for the encryption and authentication of TLS tickets. By
default keys are generated and rotated automatically based on their
lifetime. This function should only be used to synchronise ticket encryption
key across multiple processes. Re-adding a known key will result in an
error, unless it is the most recently added key.
RETURN VALUES
These functions return 0 on success or -1 on error.
SEE ALSO
tls_accept_socket(3), tls_config_set_protocols(3), tls_init(3), tls_load_file(3), tls_server(3)
HISTORY
These functions appeared in OpenBSD 6.1.
AUTHORS
Claudio Jeker <claudio@openbsd.org>