Update files for OpenSSL-1.0.0f import.
[dragonfly.git] / secure / lib / libssl / man / SSL_CTX_set_session_id_context.3
CommitLineData
e3261593 1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.19)
e056f0e0
JR
2.\"
3.\" Standard preamble:
4.\" ========================================================================
e056f0e0 5.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
6.if t .sp .5v
7.if n .sp
8..
e056f0e0 9.de Vb \" Begin verbatim text
984263bc
MD
10.ft CW
11.nf
12.ne \\$1
13..
e056f0e0 14.de Ve \" End verbatim text
984263bc 15.ft R
984263bc
MD
16.fi
17..
e056f0e0
JR
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
e257b235
PA
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
e056f0e0 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 26.ie n \{\
e056f0e0
JR
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
984263bc
MD
35'br\}
36.el\{\
e056f0e0
JR
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
984263bc 41'br\}
e056f0e0 42.\"
e257b235
PA
43.\" Escape single quotes in literal strings from groff's Unicode transform.
44.ie \n(.g .ds Aq \(aq
45.el .ds Aq '
46.\"
e056f0e0 47.\" If the F register is turned on, we'll generate index entries on stderr for
01185282 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
e056f0e0
JR
49.\" entries marked with X<> in POD. Of course, you'll have to process the
50.\" output yourself in some meaningful fashion.
e257b235 51.ie \nF \{\
e056f0e0
JR
52. de IX
53. tm Index:\\$1\t\\n%\t"\\$2"
984263bc 54..
e056f0e0
JR
55. nr % 0
56. rr F
984263bc 57.\}
e257b235
PA
58.el \{\
59. de IX
60..
61.\}
aac4ff6f 62.\"
e056f0e0
JR
63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
64.\" Fear. Run. Save yourself. No user-serviceable parts.
65. \" fudge factors for nroff and troff
984263bc 66.if n \{\
e056f0e0
JR
67. ds #H 0
68. ds #V .8m
69. ds #F .3m
70. ds #[ \f1
71. ds #] \fP
984263bc
MD
72.\}
73.if t \{\
e056f0e0
JR
74. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
75. ds #V .6m
76. ds #F 0
77. ds #[ \&
78. ds #] \&
984263bc 79.\}
e056f0e0 80. \" simple accents for nroff and troff
984263bc 81.if n \{\
e056f0e0
JR
82. ds ' \&
83. ds ` \&
84. ds ^ \&
85. ds , \&
86. ds ~ ~
87. ds /
984263bc
MD
88.\}
89.if t \{\
e056f0e0
JR
90. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
91. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
92. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
93. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
94. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
95. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 96.\}
e056f0e0 97. \" troff and (daisy-wheel) nroff accents
984263bc
MD
98.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
99.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
100.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
101.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
102.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
103.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
104.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
105.ds ae a\h'-(\w'a'u*4/10)'e
106.ds Ae A\h'-(\w'A'u*4/10)'E
e056f0e0 107. \" corrections for vroff
984263bc
MD
108.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
109.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
e056f0e0 110. \" for low resolution devices (crt and lpr)
984263bc
MD
111.if \n(.H>23 .if \n(.V>19 \
112\{\
e056f0e0
JR
113. ds : e
114. ds 8 ss
115. ds o a
116. ds d- d\h'-1'\(ga
117. ds D- D\h'-1'\(hy
118. ds th \o'bp'
119. ds Th \o'LP'
120. ds ae ae
121. ds Ae AE
984263bc
MD
122.\}
123.rm #[ #] #H #V #F C
e056f0e0
JR
124.\" ========================================================================
125.\"
126.IX Title "SSL_CTX_set_session_id_context 3"
e3261593 127.TH SSL_CTX_set_session_id_context 3 "2012-01-04" "1.0.0f" "OpenSSL"
e257b235
PA
128.\" For nroff, turn off justification. Always turn off hyphenation; it makes
129.\" way too many mistakes in technical documents.
130.if n .ad l
131.nh
984263bc
MD
132.SH "NAME"
133SSL_CTX_set_session_id_context, SSL_set_session_id_context \- set context within which session can be reused (server side only)
134.SH "SYNOPSIS"
e056f0e0 135.IX Header "SYNOPSIS"
984263bc
MD
136.Vb 1
137\& #include <openssl/ssl.h>
e257b235 138\&
984263bc
MD
139\& int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
140\& unsigned int sid_ctx_len);
141\& int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
142\& unsigned int sid_ctx_len);
143.Ve
144.SH "DESCRIPTION"
e056f0e0
JR
145.IX Header "DESCRIPTION"
146\&\fISSL_CTX_set_session_id_context()\fR sets the context \fBsid_ctx\fR of length
147\&\fBsid_ctx_len\fR within which a session can be reused for the \fBctx\fR object.
984263bc 148.PP
e056f0e0
JR
149\&\fISSL_set_session_id_context()\fR sets the context \fBsid_ctx\fR of length
150\&\fBsid_ctx_len\fR within which a session can be reused for the \fBssl\fR object.
984263bc 151.SH "NOTES"
e056f0e0 152.IX Header "NOTES"
984263bc
MD
153Sessions are generated within a certain context. When exporting/importing
154sessions with \fBi2d_SSL_SESSION\fR/\fBd2i_SSL_SESSION\fR it would be possible,
155to re-import a session generated from another context (e.g. another
156application), which might lead to malfunctions. Therefore each application
157must set its own session id context \fBsid_ctx\fR which is used to distinguish
158the contexts and is stored in exported sessions. The \fBsid_ctx\fR can be
159any kind of binary data with a given length, it is therefore possible
160to use e.g. the name of the application and/or the hostname and/or service
161name ...
162.PP
163The session id context becomes part of the session. The session id context
e056f0e0
JR
164is set by the \s-1SSL/TLS\s0 server. The \fISSL_CTX_set_session_id_context()\fR and
165\&\fISSL_set_session_id_context()\fR functions are therefore only useful on the
984263bc
MD
166server side.
167.PP
168OpenSSL clients will check the session id context returned by the server
169when reusing a session.
170.PP
171The maximum length of the \fBsid_ctx\fR is limited to
e056f0e0 172\&\fB\s-1SSL_MAX_SSL_SESSION_ID_LENGTH\s0\fR.
984263bc 173.SH "WARNINGS"
e056f0e0
JR
174.IX Header "WARNINGS"
175If the session id context is not set on an \s-1SSL/TLS\s0 server and client
176certificates are used, stored sessions
984263bc
MD
177will not be reused but a fatal error will be flagged and the handshake
178will fail.
179.PP
180If a server returns a different session id context to an OpenSSL client
181when reusing a session, an error will be flagged and the handshake will
182fail. OpenSSL servers will always return the correct session id context,
183as an OpenSSL server checks the session id context itself before reusing
184a session as described above.
185.SH "RETURN VALUES"
e056f0e0
JR
186.IX Header "RETURN VALUES"
187\&\fISSL_CTX_set_session_id_context()\fR and \fISSL_set_session_id_context()\fR
984263bc 188return the following values:
e056f0e0 189.IP "0" 4
984263bc
MD
190The length \fBsid_ctx_len\fR of the session id context \fBsid_ctx\fR exceeded
191the maximum allowed length of \fB\s-1SSL_MAX_SSL_SESSION_ID_LENGTH\s0\fR. The error
192is logged to the error stack.
e056f0e0
JR
193.IP "1" 4
194.IX Item "1"
984263bc
MD
195The operation succeeded.
196.SH "SEE ALSO"
a7d27d5a 197.IX Header "SEE ALSO"
e056f0e0 198\&\fIssl\fR\|(3)