diff options
Diffstat (limited to 'crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod')
-rw-r--r-- | crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod | 83 |
1 files changed, 0 insertions, 83 deletions
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod deleted file mode 100644 index 58fc685506eb..000000000000 --- a/crypto/openssl/doc/ssl/SSL_CTX_set_session_id_context.pod +++ /dev/null @@ -1,83 +0,0 @@ -=pod - -=head1 NAME - -SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context within which session can be reused (server side only) - -=head1 SYNOPSIS - - #include <openssl/ssl.h> - - int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, - unsigned int sid_ctx_len); - int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, - unsigned int sid_ctx_len); - -=head1 DESCRIPTION - -SSL_CTX_set_session_id_context() sets the context B<sid_ctx> of length -B<sid_ctx_len> within which a session can be reused for the B<ctx> object. - -SSL_set_session_id_context() sets the context B<sid_ctx> of length -B<sid_ctx_len> within which a session can be reused for the B<ssl> object. - -=head1 NOTES - -Sessions are generated within a certain context. When exporting/importing -sessions with B<i2d_SSL_SESSION>/B<d2i_SSL_SESSION> it would be possible, -to re-import a session generated from another context (e.g. another -application), which might lead to malfunctions. Therefore each application -must set its own session id context B<sid_ctx> which is used to distinguish -the contexts and is stored in exported sessions. The B<sid_ctx> can be -any kind of binary data with a given length, it is therefore possible -to use e.g. the name of the application and/or the hostname and/or service -name ... - -The session id context becomes part of the session. The session id context -is set by the SSL/TLS server. The SSL_CTX_set_session_id_context() and -SSL_set_session_id_context() functions are therefore only useful on the -server side. - -OpenSSL clients will check the session id context returned by the server -when reusing a session. - -The maximum length of the B<sid_ctx> is limited to -B<SSL_MAX_SSL_SESSION_ID_LENGTH>. - -=head1 WARNINGS - -If the session id context is not set on an SSL/TLS server and client -certificates are used, stored sessions -will not be reused but a fatal error will be flagged and the handshake -will fail. - -If a server returns a different session id context to an OpenSSL client -when reusing a session, an error will be flagged and the handshake will -fail. OpenSSL servers will always return the correct session id context, -as an OpenSSL server checks the session id context itself before reusing -a session as described above. - -=head1 RETURN VALUES - -SSL_CTX_set_session_id_context() and SSL_set_session_id_context() -return the following values: - -=over 4 - -=item 0 - -The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded -the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error -is logged to the error stack. - -=item 1 - -The operation succeeded. - -=back - -=head1 SEE ALSO - -L<ssl(3)|ssl(3)> - -=cut |