diff options
author | simon <simon@FreeBSD.org> | 2006-07-29 19:41:41 +0000 |
---|---|---|
committer | simon <simon@FreeBSD.org> | 2006-07-29 19:41:41 +0000 |
commit | 018ef6efe1e20b420eaa3afdaa37b0abeba93a1a (patch) | |
tree | e9b6155f49a3b6073b95b808e1e0a1ec5489a21f /secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 | |
parent | 152e76d1d1dcc649357b52f30943345b06aa162c (diff) | |
download | FreeBSD-src-018ef6efe1e20b420eaa3afdaa37b0abeba93a1a.zip FreeBSD-src-018ef6efe1e20b420eaa3afdaa37b0abeba93a1a.tar.gz |
Upgrade to OpenSSL 0.9.8b.
Diffstat (limited to 'secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3')
-rw-r--r-- | secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 | 81 |
1 files changed, 36 insertions, 45 deletions
diff --git a/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 b/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 index a9ceab5..39e7475 100644 --- a/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 +++ b/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 @@ -1,8 +1,7 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:42 2003 +.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32 .\" .\" Standard preamble: -.\" ====================================================================== +.\" ======================================================================== .de Sh \" Subsection heading .br .if t .Sp @@ -15,12 +14,6 @@ .if t .sp .5v .if n .sp .. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. .de Vb \" Begin verbatim text .ft CW .nf @@ -28,15 +21,14 @@ .. .de Ve \" End verbatim text .ft R - .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> +.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to +.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' +.\" expand to `' in nroff, nothing in troff, for use with C<>. .tr \(*W-|\(bv\*(Tr .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ @@ -56,10 +48,10 @@ . ds R" '' 'br\} .\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. +.\" If the F register is turned on, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. .if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" @@ -68,14 +60,13 @@ . rr F .\} .\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. .hy 0 .if n .na .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 @@ -135,11 +126,10 @@ . ds Ae AE .\} .rm #[ #] #H #V #F C -.\" ====================================================================== +.\" ======================================================================== .\" .IX Title "SSL_CTX_set_session_cache_mode 3" -.TH SSL_CTX_set_session_cache_mode 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC +.TH SSL_CTX_set_session_cache_mode 3 "2006-07-29" "0.9.8b" "OpenSSL" .SH "NAME" SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode \- enable/disable session caching .SH "SYNOPSIS" @@ -147,6 +137,7 @@ SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode \- enable/disable .Vb 1 \& #include <openssl/ssl.h> .Ve +.PP .Vb 2 \& long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode); \& long SSL_CTX_get_session_cache_mode(SSL_CTX ctx); @@ -176,40 +167,40 @@ the external storage if available. .PP Since a client may try to reuse a session intended for use in a different context, the session id context must be set by the server (see -SSL_CTX_set_session_id_context(3)). +\&\fISSL_CTX_set_session_id_context\fR\|(3)). .PP The following session cache modes and modifiers are available: -.Ip "\s-1SSL_SESS_CACHE_OFF\s0" 4 +.IP "\s-1SSL_SESS_CACHE_OFF\s0" 4 .IX Item "SSL_SESS_CACHE_OFF" No session caching for client or server takes place. -.Ip "\s-1SSL_SESS_CACHE_CLIENT\s0" 4 +.IP "\s-1SSL_SESS_CACHE_CLIENT\s0" 4 .IX Item "SSL_SESS_CACHE_CLIENT" Client sessions are added to the session cache. As there is no reliable way for the OpenSSL library to know whether a session should be reused or which session to choose (due to the abstract \s-1BIO\s0 layer the \s-1SSL\s0 engine does not have details about the connection), the application must select the session -to be reused by using the SSL_set_session(3) +to be reused by using the \fISSL_set_session\fR\|(3) function. This option is not activated by default. -.Ip "\s-1SSL_SESS_CACHE_SERVER\s0" 4 +.IP "\s-1SSL_SESS_CACHE_SERVER\s0" 4 .IX Item "SSL_SESS_CACHE_SERVER" Server sessions are added to the session cache. When a client proposes a session to be reused, the server looks for the corresponding session in (first) the internal session cache (unless \s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0 is set), then (second) in the external cache if available. If the session is found, the server will try to reuse the session. This is the default. -.Ip "\s-1SSL_SESS_CACHE_BOTH\s0" 4 +.IP "\s-1SSL_SESS_CACHE_BOTH\s0" 4 .IX Item "SSL_SESS_CACHE_BOTH" Enable both \s-1SSL_SESS_CACHE_CLIENT\s0 and \s-1SSL_SESS_CACHE_SERVER\s0 at the same time. -.Ip "\s-1SSL_SESS_CACHE_NO_AUTO_CLEAR\s0" 4 +.IP "\s-1SSL_SESS_CACHE_NO_AUTO_CLEAR\s0" 4 .IX Item "SSL_SESS_CACHE_NO_AUTO_CLEAR" Normally the session cache is checked for expired sessions every 255 connections using the -SSL_CTX_flush_sessions(3) function. Since +\&\fISSL_CTX_flush_sessions\fR\|(3) function. Since this may lead to a delay which cannot be controlled, the automatic flushing may be disabled and -SSL_CTX_flush_sessions(3) can be called +\&\fISSL_CTX_flush_sessions\fR\|(3) can be called explicitly by the application. -.Ip "\s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0" 4 +.IP "\s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0" 4 .IX Item "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" By setting this flag, session-resume operations in an \s-1SSL/TLS\s0 server will not automatically look up sessions in the internal cache, even if sessions are @@ -217,19 +208,19 @@ automatically stored there. If external session caching callbacks are in use, this flag guarantees that all lookups are directed to the external cache. As automatic lookup only applies for \s-1SSL/TLS\s0 servers, the flag has no effect on clients. -.Ip "\s-1SSL_SESS_CACHE_NO_INTERNAL_STORE\s0" 4 +.IP "\s-1SSL_SESS_CACHE_NO_INTERNAL_STORE\s0" 4 .IX Item "SSL_SESS_CACHE_NO_INTERNAL_STORE" Depending on the presence of \s-1SSL_SESS_CACHE_CLIENT\s0 and/or \s-1SSL_SESS_CACHE_SERVER\s0, sessions negotiated in an \s-1SSL/TLS\s0 handshake may be cached for possible reuse. Normally a new session is added to the internal cache as well as any external session caching (callback) that is configured for the \s-1SSL_CTX\s0. This flag will prevent sessions being stored in the internal cache (though the application can -add them manually using SSL_CTX_add_session(3)). Note: +add them manually using \fISSL_CTX_add_session\fR\|(3)). Note: in any \s-1SSL/TLS\s0 servers where external caching is configured, any successful session lookups in the external cache (ie. for session-resume requests) would normally be copied into the local cache before processing continues \- this flag prevents these additions to the internal cache as well. -.Ip "\s-1SSL_SESS_CACHE_NO_INTERNAL\s0" 4 +.IP "\s-1SSL_SESS_CACHE_NO_INTERNAL\s0" 4 .IX Item "SSL_SESS_CACHE_NO_INTERNAL" Enable both \s-1SSL_SESS_CACHE_NO_INTERNAL_LOOKUP\s0 and \&\s-1SSL_SESS_CACHE_NO_INTERNAL_STORE\s0 at the same time. @@ -242,15 +233,15 @@ The default mode is \s-1SSL_SESS_CACHE_SERVER\s0. \&\fISSL_CTX_get_session_cache_mode()\fR returns the currently set cache mode. .SH "SEE ALSO" .IX Header "SEE ALSO" -ssl(3), SSL_set_session(3), -SSL_session_reused(3), -SSL_CTX_add_session(3), -SSL_CTX_sess_number(3), -SSL_CTX_sess_set_cache_size(3), -SSL_CTX_sess_set_get_cb(3), -SSL_CTX_set_session_id_context(3), -SSL_CTX_set_timeout(3), -SSL_CTX_flush_sessions(3) +\&\fIssl\fR\|(3), \fISSL_set_session\fR\|(3), +\&\fISSL_session_reused\fR\|(3), +\&\fISSL_CTX_add_session\fR\|(3), +\&\fISSL_CTX_sess_number\fR\|(3), +\&\fISSL_CTX_sess_set_cache_size\fR\|(3), +\&\fISSL_CTX_sess_set_get_cb\fR\|(3), +\&\fISSL_CTX_set_session_id_context\fR\|(3), +\&\fISSL_CTX_set_timeout\fR\|(3), +\&\fISSL_CTX_flush_sessions\fR\|(3) .SH "HISTORY" .IX Header "HISTORY" \&\s-1SSL_SESS_CACHE_NO_INTERNAL_STORE\s0 and \s-1SSL_SESS_CACHE_NO_INTERNAL\s0 |