|SSL_GET_SESSION(3)||Library Functions Manual||SSL_GET_SESSION(3)|
SSL_get_session() returns a pointer to the SSL_SESSION actually used in ssl. The reference count of the SSL_SESSION is not incremented, so that the pointer can become invalid by other operations.
SSL_get0_session() is the same as
SSL_get1_session() is the same as
SSL_get_session(), but the reference count of the
SSL_SESSION is incremented by one.
The ssl session contains all information required to re-establish the connection without a new handshake.
SSL_get0_session() returns a pointer to
the actual session. As the reference counter is not incremented, the pointer
is only valid while the connection is in use. If
SSL_free(3) is called, the session may
be removed completely (if considered bad), and the pointer obtained will
become invalid. Even if the session is valid, it can be removed at any time
due to timeout during
If the data is to be kept,
SSL_get1_session() will increment the reference
count, so that the session will not be implicitly removed by other
operations but stays in memory. In order to remove the session
SSL_SESSION_free(3) must be
explicitly called once to decrement the reference count again.
SSL_SESSION objects keep internal link information about the session cache list when being inserted into one SSL_CTX object's session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).
SSL_get_session() first appeared in SSLeay 0.5.2 and has been available since OpenBSD 2.4.
SSL_get1_session() first appeared in OpenSSL 0.9.5
and have been available since OpenBSD 2.7.
|March 27, 2018||OpenBSD-current|