NAME
SSLCTXsesssetnewcb, SSLCTXsesssetremovecb, SSLCTXsesssetgetcb, SSLCTXsessgetnewcb,SSLCTXsessgetremovecb, SSLCTXsessgetgetcb - provide callback
functions for server side external session cachingSYNOPSIS
#include
void SSLCTXsesssetnewcb(SSLCTX *ctx, int (*newsessioncb)(SSL *, SSLSESSION *)); void SSLCTXsesssetremovecb(SSLCTX *ctx, void (*removesessioncb)(SSLCTX *ctx, SSLSESSION *)); void SSLCTXsesssetgetcb(SSLCTX *ctx, SSLSESSION (*getsessioncb)(SSL *, unsigned char *, int, int *)); int (*SSLCTXsessgetnewcb(SSLCTX *ctx))(struct sslst *ssl, SSLSESSION *sess); void (*SSLCTXsessgetremovecb(SSLCTX *ctx))(struct sslctxst *ctx, SSLSESSION *sess); SSLSESSION *(*SSLCTXsessgetgetcb(SSLCTX *ctx))(struct sslst *ssl, unsigned char *data, int len, int *copy); int (*newsessioncb)(struct sslst *ssl, SSLSESSION *sess); void (*removesessioncb)(struct sslctxst *ctx, SSLSESSION *sess); SSLSESSION *(*getsessioncb)(struct sslst *ssl, unsigned char *data, int len, int *copy);DESCRIPTION
SSLCTXsesssetnewcb() sets the callback function, which is automatically called whenever a new session was negotiated. SSLCTXsesssetremovecb() sets the callback function, which is automatically called whenever a session is removed by the SSL engine, because it is considered faulty or the session has become obsolete because of exceeding the timeout value. SSLCTXsesssetgetcb() sets the callback function which is called, whenever a SSL/TLS client proposed to resume a session but the session could not be found in the internal session cache (see SSLCTXsetsessioncachemode(3)). (SSL/TLS server only.) SSLCTXsessgetnewcb(), SSLCTXsessgetremovecb(), and SSLCTXsessgetgetcb() allow to retrieve the function pointers of the provided callback functions. If a callback function has not been set, the NULL pointer is returned. NNOOTTEESS In order to allow external session caching, synchronization with the internal session cache is realized via callback functions. Inside these callback functions, session can be saved to disk or put into a database using the d2iSSLSESSION(3) interface. The newsessioncb() is called, whenever a new session has been negotiated and session caching is enabled (see SSLCTXsetsessioncachemode(3)). The newsessioncb() is passed the ssssll connection and the ssl session sseessss. If the callback returns 00, the session will be immediately removed again. The removesessioncb() is called, whenever the SSL engine removes a session from the internal cache. This happens when the session is removed because it is expired or when a connection was not shutdown cleanly. It also happens for all sessions in the internal session cache when SSLCTXfree(3) is called. The removesessioncb() is passed the ccttxx and the ssl session sseessss. It does not provide any feedback. The getsessioncb() is only called on SSL/TLS servers with the session id proposed by the client. The getsessioncb() is always called, also when session caching was disabled. The getsessioncb() is passed the ssssll connection, the session id of length lleennggtthh at the memory location ddaattaa. With the parameter ccooppyy the callback can require the SSL engine to increment the reference count of the SSLSESSION object, Normally the reference count is not incremented and therefore the session must not be explicitly freed with SSLSESSIONfree(3).SEE ALSO
ssl(3), d2iSSLSESSION(3), SSLCTXsetsessioncachemode(3), SSLCTXflushsessions(3), SSLSESSIONfree(3), SSLCTXfree(3)0.9.7l 2003-03-27 SSLCTXsesssetgetcb(3)