 |
Index for
Section 3 |
|
 |
Alphabetical
listing for S |
|
 |
Bottom of
page |
|
SSL_CTX_set_session_cache_mode(3)
NAME
SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - Enable or
disable session caching
SYNOPSIS
#include <openssl/ssl.h>
long SSL_CTX_set_session_cache_mode(
SSL_CTX ctx,
long mode );
long SSL_CTX_get_session_cache_mode(
SSL_CTX ctx );
DESCRIPTION
The SSL_CTX_set_session_cache_mode() function enables or disables session
caching by setting the operational mode for ctx to <mode>.
The SSL_CTX_get_session_cache_mode() function returns the currently used
cache mode.
NOTES
The OpenSSL library can store/retrieve SSL/TLS sessions for later reuse.
The sessions can be held in memory for each ctx. If more than one SSL_CTX
object is being maintained, the sessions are unique for each SSL_CTX
object.
In order to reuse a session, a client must send the session's id to the
server. It can only send one id. The server then decides whether to reuse
the session or start the handshake for a new session.
A server will check the session in its internal session storage. If the
session is not found in internal storage or internal storage, it is
deactivated. The server will try the external storage if available.
Since a client may try to reuse a session intended for use in a different
context, the session id context must be set by the server (see
SSL_CTX_set_session_id_context(3)).
The following session cache modes and modifiers are available:
SSL_SESS_CACHE_OFF
No session caching for client or server takes place.
SSL_SESS_CACHE_CLIENT
Client sessions are added to the session cache. As there is no
reliable way for the OpenSSL library to know whether a session
should be reused or which session to choose (due to the abstract
BIO layer the SSL engine does not have details about the
connection), the application must select the session to be reused
by using the SSL_set_session() function. This option is not
activated by default.
SSL_SESS_CACHE_SERVER
Server sessions are added to the session cache. When a client
proposes a session be reused, the session is looked up in the
internal session cache. If the session is found, the server will
try to reuse the session. This is the default.
SSL_SESS_CACHE_BOTH
Enable both SSL_SESS_CACHE_CLIENT and SSL_SESS_CACHE_SERVER at the
same time.
SSL_SESS_CACHE_NO_AUTO_CLEAR
Normally the session cache is checked for expired sessions every
255 connections using the SSL_CTX_flush_sessions() function. Since
this might lead to a delay which cannot be controlled, the
automatic flushing can be disabled and the SSL_CTX_flush_sessions()
can be called explicitly by the application.
SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
By setting this option, sessions are cached in the internal storage
but they are not looked up automatically. If an external session
cache is enabled, sessions are looked up in the external cache. As
automatic lookup only applies for SSL/TLS servers. The option has
no effect on clients.
The default mode is SSL_SESS_CACHE_SERVER.
RETURN VALUES
The SSL_CTX_set_session_cache_mode() function returns the previously set
cache mode.
The SSL_CTX_get_session_cache_mode() function returns the currently set
cache mode.
SEE ALSO
Functions: ssl(3), SSL_set_session(3), SSL_session_reused(3)
SSL_CTX_sess_number(3), SSL_CTX_sess_set_cache_size(3),
SSL_CTX_sess_set_get_cb(3), SSL_CTX_set_session_id_context(3),
SSL_CTX_set_timeout(3), SSL_CTX_flush_sessions(3)
|
Index for
Section 3 |
|
|
Alphabetical
listing for S |
|
 |
Top of
page |
|