SSL_CTX_sess_set_get_cb(3)SSL_CTX_sess_set_get_cb(3)NAME
SSL_CTX_sess_set_get_cb, SSL_CTX_sess_set_new_cb,
SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_get_new_cb,
SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - Provide callback
functions for server side external session caching
SYNOPSIS
#include <openssl/ssl.h>
void SSL_CTX_sess_set_new_cb(
SSL_CTX *ctx,
int (*new_session_cb) (SSL *, SSL_SESSION *) ); void
SSL_CTX_sess_set_remove_cb(
SSL_CTX *ctx,
void (*remove_session_cb) (SSL_CTX *ctx, SSL_SESSION *) ); void
SSL_CTX_sess_set_get_cb(
SSL_CTX *ctx,
SSL_SESSION (*get_session_cb) (SSL *, unsigned char *, int, int
*) ); int*SSL_CTX_sess_get_new_cb (SSL_CTX *ctx))(
struct ssl_st *ssl,
SSL_SESSION *sess ); void (*SSL_CTX_sess_get_remove_cb(SSL_CTX
*ctx))(
struct ssl_ctx_st *ctx,
SSL_SESSION *sess ); SSL_SESSION
*(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(
struct ssl_st *ssl,
unsigned char *data ,
int len ,
int *copy ); int (*new_session_cb)(
struct ssl_st *ssl,
SSL_SESSION *sess ); void(*remove_session_cb)(
struct ssl_ctx_st *ctx,
SSL_SESSION *sess ); SSL_SESSION *(*get_session_cb)(
struct ssl_st *ssl,
unsigned char *data,
int len,
int *copy );
DESCRIPTION
The SSL_CTX_sess_set_get_cb() function sets the callback function which
is called whenever an SSL/TLS client proposes to resume a session but
the session could not be found in the internal session cache (see
SSL_CTX_set_session_cache_mode(3)). (SSL/TLS server only.)
The SSL_CTX_sess_set_new_cb() function sets the callback function,
which is automatically called whenever a new session is negotiated.
The SSL_CTX_sess_set_remove_cb() function sets the callback function,
which is automatically called whenever a session is removed by the SSL
engine, because it is considered faulty or the session has become obso‐
lete because of exceeding the timeout value.
The SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and
SSL_CTX_sess_get_get_cb() functions retrieve the function pointers of
the provided callback functions. If a callback function has not been
set, the NULL pointer is returned.
NOTES
In order to allow external session caching, synchronization with the
internal session cache is realized via callback functions. Inside these
callback functions, session can be saved to disk or put into a database
using the d2i_SSL_SESSION(3) interface.
The new_session_cb() function is called whenever a new session has been
negotiated and session caching is enabled (see SSL_CTX_set_ses‐
sion_cache_mode(3)). The new_session_cb() function is passed the ssl
connection and the ssl session sess. If the callback returns 0, the
session will be removed immediately.
The remove_session_cb() function is called whenever the SSL engine
removes a session from the internal cache. This happens if the session
is removed because it is expired or when a connection was not shutdown
cleanly. The remove_session_cb() function is passed the ctx and the ssl
session sess. It does not provide any feedback.
The get_session_cb() function is only called on SSL/TLS servers with
the session id proposed by the client. The get_session_cb() function is
always called, also when session caching is disabled. The get_ses‐
sion_cb() function is passed the ssl connection, the session id of
length length at the memory location data. With the parameter copy the
callback can require the SSL engine to increment the reference count of
the SSL_SESSION object. Normally the reference count is not incre‐
mented, and therefore the session must not be explicitly freed with
SSL_SESSION_free().
SEE ALSO
Functions: ssl(3), d2i_SSL_SESSION(3), SSL_CTX_set_ses‐
sion_cache_mode(3), SSL_CTX_flush_sessions(3), SSL_SESSION_free(3)SSL_CTX_sess_set_get_cb(3)