SSL_CTX_sess_set_get_cb 3 2003-07-24 0.9.9-dev OpenSSL

NAME

SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching

LIBRARY

libcrypto, -lcrypto

SYNOPSIS


 #include <openssl/ssl.h>

 void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
                              int (*new_session_cb)(SSL *, SSL_SESSION *));
 void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
           void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *));
 void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
           SSL_SESSION *(*get_session_cb)(SSL *, unsigned char *, int, int *));

 int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, SSL_SESSION *sess);
 void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
 SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, unsigned char *data, int len, int *copy);


 int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
 void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
 SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,
               int len, int *copy);

DESCRIPTION

SSL_CTX_sess_set_new_cb() sets the callback function that is automatically called whenever a new session has been negotiated.

SSL_CTX_sess_set_remove_cb() sets the callback function that is automatically called whenever a session is removed by the SSL engine, either because it is considered faulty or because it has become obsolete by exceeding the timeout value.

SSL_CTX_sess_set_get_cb() sets the callback function that is called whenever an SSL/TLS client proposes to resume a session but the session cannot be found in the internal session cache (see SSL_CTX_set_session_cache_mode(3)). (SSL/TLS server only.)

SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and SSL_CTX_sess_get_get_cb() retrieve the function pointers of the provided callback functions. If a callback function has not been set, the NULL pointer is returned.

NOTES

To allow external session caching, synchronization with the internal session cache is realized via callback functions. Inside these callback functions, sessions can be saved to disk or put into a database using the d2i_SSL_SESSION(3) interface.

The new_session_cb() is called whenever a new session has been negotiated and session caching is enabled (see SSL_CTX_set_session_cache_mode(3)). The new_session_cb() is passed the ssl connection and the ssl session sess. If the callback returns 0, the session will be immediately removed again.

The remove_session_cb() is called whenever the SSL engine removes a session from the internal cache. This happens when the session is removed because it is expired or when a connection was not shut down cleanly. It also happens for all sessions in the internal session cache when SSL_CTX_free(3) is called. The remove_session_cb() is passed the ctx and the ssl session sess. It does not provide any feedback.

The get_session_cb() is only called on SSL/TLS servers, with the session id proposed by the client. The get_session_cb() is always called, even when session caching was disabled. The get_session_cb() is passed the ssl connection and the session id of length length at the memory location data. With the parameter copy the callback can require the SSL engine to increment the reference count of the SSL_SESSION object. Normally the reference count is not incremented and therefore the session must not be explicitly freed with SSL_SESSION_free(3).
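
The following is an added example, not part of the original manual page or of OpenSSL: a small in-memory store that the three callbacks described above could sit on, keyed by session id and holding the serialized session bytes. The names ext_cache_put, ext_cache_get and ext_cache_del, the table size and the blob cap are assumptions made for illustration; serializing and parsing the SSL_SESSION (i2d_SSL_SESSION / d2i_SSL_SESSION) is left to the callbacks themselves.

```c
#include <string.h>
#include <time.h>

#define ID_MAX   32    /* SSL_MAX_SSL_SESSION_ID_LENGTH */
#define BLOB_MAX 2048  /* assumed cap on one serialized session */
#define SLOTS    64    /* assumed table size */
static struct slot { int used, id_len, blob_len; time_t expires;
                     unsigned char id[ID_MAX], blob[BLOB_MAX]; } table[SLOTS];

/* get_session_cb() ids come from the client: validate length before use. */
static struct slot *find(const unsigned char *id, int id_len) {
    if (id == NULL || id_len <= 0 || id_len > ID_MAX) return NULL;
    for (int i = 0; i < SLOTS; i++)
        if (table[i].used && table[i].id_len == id_len &&
            memcmp(table[i].id, id, (size_t)id_len) == 0) return &table[i];
    return NULL;
}

/* For new_session_cb(): keep the serialized session. 1 = stored, 0 = rejected. */
int ext_cache_put(const unsigned char *id, int id_len,
                  const unsigned char *blob, int blob_len, time_t expires) {
    struct slot *s = find(id, id_len);          /* reuse the slot on same id */
    if (id == NULL || id_len <= 0 || id_len > ID_MAX) return 0;
    if (blob == NULL || blob_len <= 0 || blob_len > BLOB_MAX) return 0;
    for (int i = 0; s == NULL && i < SLOTS; i++)
        if (!table[i].used) s = &table[i];
    if (s == NULL) return 0;                    /* table full */
    memset(s, 0, sizeof *s);
    memcpy(s->id, id, (size_t)id_len);
    memcpy(s->blob, blob, (size_t)blob_len);
    s->id_len = id_len; s->blob_len = blob_len; s->expires = expires;
    s->used = 1;
    return 1;
}

/* For get_session_cb(): stored bytes, or NULL on a miss or expired entry. */
const unsigned char *ext_cache_get(const unsigned char *id, int id_len,
                                   time_t now, int *blob_len) {
    struct slot *s = find(id, id_len);
    if (s == NULL) return NULL;
    if (now >= s->expires) { memset(s, 0, sizeof *s); return NULL; }
    *blob_len = s->blob_len;
    return s->blob;
}

/* For remove_session_cb(): sessions hold key material, so wipe the slot. */
void ext_cache_del(const unsigned char *id, int id_len) {
    struct slot *s = find(id, id_len);
    if (s != NULL) memset(s, 0, sizeof *s);
}
```

The store enforces its own expiry on lookup, so an entry that has outlived its timeout is wiped rather than handed back for resumption.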

SEE ALSO

ssl(3), d2i_SSL_SESSION(3), SSL_CTX_set_session_cache_mode(3), SSL_CTX_flush_sessions(3), SSL_SESSION_free(3), SSL_CTX_free(3)