|Linux & Unix Commands - Search Man Pages
SSL_clear(3) OpenSSL SSL_clear(3)
SSL_clear - reset SSL object to allow another connection
int SSL_clear(SSL *ssl);
Reset ssl to allow another connection. All settings (method, ciphers, BIOs) are kept.
SSL_clear is used to prepare an SSL object for a new connection. While all settings are
kept, a side effect is the handling of the current SSL session. If a session is still
open, it is considered bad and will be removed from the session cache, as required by
RFC2246. A session is considered open, if SSL_shutdown(3) was not called for the connec-
tion or at least SSL_set_shutdown(3) was used to set the SSL_SENT_SHUTDOWN state.
If a session was closed cleanly, the session object will be kept and all settings corre-
sponding. This explicitly means, that e.g. the special method used during the session will
be kept for the next handshake. So if the session was a TLSv1 session, a SSL client object
will use a TLSv1 client method for the next handshake and a SSL server object will use a
TLSv1 server method, even if SSLv23_*_methods were chosen on startup. This will might lead
to connection failures (see SSL_new(3)) for a description of the method's properties.
SSL_clear() resets the SSL object to allow for another connection. The reset operation
however keeps several settings of the last sessions (some of these settings were made
automatically during the last handshake). It only makes sense when opening a new session
(or reusing an old one) with the same peer that shares these settings. SSL_clear() is not
a short form for the sequence SSL_free(3); SSL_new(3); .
The following return values can occur:
0 The SSL_clear() operation could not be performed. Check the error stack to find out
1 The SSL_clear() operation was successful.
SSL_new(3), SSL_free(3), SSL_shutdown(3), SSL_set_shutdown(3), SSL_CTX_set_options(3),
0.9.7d 2002-12-01 SSL_clear(3)
All times are GMT -4. The time now is 03:06 AM.