|TLS_CONFIG_SET_SESSION_ID(3)||Library Functions Manual||TLS_CONFIG_SET_SESSION_ID(3)|
tls_config *config, int session_fd);
tls_config *config, const unsigned char
*session_id, size_t len);
tls_config *config, int lifetime);
tls_config *config, uint32_t keyrev,
unsigned char *key, size_t
tls_config_set_session_fd() sets a file descriptor to be used to manage data for TLS sessions (client only). The given file descriptor must be a regular file and be owned by the current user, with permissions being restricted to only allow the owner to read and write the file (0600). If the file has a non-zero length, the client will attempt to read session data from this file and resume the previous TLS session with the server. Upon a successful handshake the file will be updated with current session data, if available. The caller is responsible for closing this file descriptor, after all TLS contexts that have been configured to use it have been freed via
tls_config_set_session_id() sets the
session identifier that will be used by the TLS server when sessions are
enabled (server only). By default a random value is used.
tls_config_set_session_lifetime() sets the
lifetime to be used for TLS sessions (server only). Session support is
disabled if a lifetime of zero is specified, which is the default.
tls_config_add_ticket_key() adds a key
used for the encryption and authentication of TLS tickets (server only). By
default keys are generated and rotated automatically based on their
lifetime. This function should only be used to synchronise ticket encryption
key across multiple processes. Re-adding a known key will result in an
error, unless it is the most recently added key.
tls_config_add_ticket_key() appeared in OpenBSD 6.1.
tls_config_set_session_fd() appeared in
|February 10, 2018||OpenBSD-current|