SSL_SESSION_free.3ssl - Man Page
create, free and manage SSL_SESSION structures
Synopsis
#include <openssl/ssl.h> SSL_SESSION *SSL_SESSION_new(void); SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *src); int SSL_SESSION_up_ref(SSL_SESSION *ses); void SSL_SESSION_free(SSL_SESSION *session);
Description
SSL_SESSION_new() creates a new SSL_SESSION structure and returns a pointer to it.
SSL_SESSION_dup() copies the contents of the SSL_SESSION structure in src and returns a pointer to it.
SSL_SESSION_up_ref() increments the reference count on the given SSL_SESSION structure.
SSL_SESSION_free() decrements the reference count of session and removes the SSL_SESSION structure pointed to by session and frees up the allocated memory, if the reference count has reached 0. If session is NULL nothing is done.
Notes
SSL_SESSION objects are allocated, when a TLS/SSL handshake operation is successfully completed. Depending on the settings, see SSL_CTX_set_session_cache_mode(3), the SSL_SESSION objects are internally referenced by the SSL_CTX and linked into its session cache. SSL objects may be using the SSL_SESSION object; as a session may be reused, several SSL objects may be using one SSL_SESSION object at the same time. It is therefore crucial to keep the reference count (usage information) correct and not delete a SSL_SESSION object that is still used, as this may lead to program failures due to dangling pointers. These failures may also appear delayed, e.g. when an SSL_SESSION object was completely freed as the reference count incorrectly became 0, but it is still referenced in the internal session cache and the cache list is processed during a SSL_CTX_flush_sessions(3) operation.
SSL_SESSION_free() must only be called for SSL_SESSION objects, for which the reference count was explicitly incremented (e.g. by calling SSL_get1_session(), see SSL_get_session(3)) or when the SSL_SESSION object was generated outside a TLS handshake operation, e.g. by using d2i_SSL_SESSION(3). It must not be called on other SSL_SESSION objects, as this would cause incorrect reference counts and therefore program failures.
Return Values
SSL_SESSION_new returns a pointer to the newly allocated SSL_SESSION structure or NULL on error.
SSL_SESSION_up_ref returns 1 on success or 0 on error.
See Also
ssl(7), SSL_get_session(3), SSL_CTX_set_session_cache_mode(3), SSL_CTX_flush_sessions(3), d2i_SSL_SESSION(3)
History
The SSL_SESSION_dup() function was added in OpenSSL 1.1.1.
Copyright
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.
Referenced By
d2i_SSL_SESSION.3ssl(3), SSL_CTX_add_session.3ssl(3), SSL_CTX_sess_set_get_cb.3ssl(3), SSL_get_session.3ssl(3), SSL_SESSION_get0_cipher.3ssl(3), SSL_SESSION_get0_hostname.3ssl(3), SSL_SESSION_has_ticket.3ssl(3), SSL_set_session.3ssl(3).
The man pages SSL_SESSION_dup.3ssl(3), SSL_SESSION_new.3ssl(3) and SSL_SESSION_up_ref.3ssl(3) are aliases of SSL_SESSION_free.3ssl(3).