summaryrefslogtreecommitdiff
path: root/secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.3
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.3')
-rw-r--r--secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.340
1 files changed, 22 insertions, 18 deletions
diff --git a/secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.3 b/secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.3
index 2d015ae123853..6abe0346164e2 100644
--- a/secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.3
+++ b/secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
+.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -54,16 +54,20 @@
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
-.if !\nF .nr F 0
-.if \nF>0 \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
+.nr rF 0
+.if \n(.g .if rF .nr rF 1
+.if (\n(rF:(\n(.g==0)) \{\
+. if \nF \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
..
-. if !\nF==2 \{\
-. nr % 0
-. nr F 2
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
. \}
.\}
+.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
@@ -129,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "SSL_CTX_SET_GENERATE_SESSION_ID 3"
-.TH SSL_CTX_SET_GENERATE_SESSION_ID 3 "2018-11-20" "1.1.1a" "OpenSSL"
+.TH SSL_CTX_SET_GENERATE_SESSION_ID 3 "2019-02-26" "1.1.1b" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -151,13 +155,13 @@ SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_s
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
-\&\fISSL_CTX_set_generate_session_id()\fR sets the callback function for generating
+\&\fBSSL_CTX_set_generate_session_id()\fR sets the callback function for generating
new session ids for \s-1SSL/TLS\s0 sessions for \fBctx\fR to be \fBcb\fR.
.PP
-\&\fISSL_set_generate_session_id()\fR sets the callback function for generating
+\&\fBSSL_set_generate_session_id()\fR sets the callback function for generating
new session ids for \s-1SSL/TLS\s0 sessions for \fBssl\fR to be \fBcb\fR.
.PP
-\&\fISSL_has_matching_session_id()\fR checks, whether a session with id \fBid\fR
+\&\fBSSL_has_matching_session_id()\fR checks, whether a session with id \fBid\fR
(of length \fBid_len\fR) is already contained in the internal session cache
of the parent context of \fBssl\fR.
.SH "NOTES"
@@ -190,7 +194,7 @@ Since the sessions must be distinguished, session ids must be unique.
Without the callback a random number is used, so that the probability
of generating the same session id is extremely small (2^256 for SSLv3/TLSv1).
In order to assure the uniqueness of the generated session id, the callback must call
-\&\fISSL_has_matching_session_id()\fR and generate another id if a conflict occurs.
+\&\fBSSL_has_matching_session_id()\fR and generate another id if a conflict occurs.
If an id conflict is not resolved, the handshake will fail.
If the application codes e.g. a unique host id, a unique process number, and
a unique sequence number into the session id, uniqueness could easily be
@@ -200,13 +204,13 @@ guarantee uniqueness, it is recommended to use the maximum \fBid_len\fR and
fill in the bytes not used to code special information with random data
to avoid collisions.
.PP
-\&\fISSL_has_matching_session_id()\fR will only query the internal session cache,
+\&\fBSSL_has_matching_session_id()\fR will only query the internal session cache,
not the external one. Since the session id is generated before the
handshake is completed, it is not immediately added to the cache. If
another thread is using the same internal session cache, a race condition
can occur in that another thread generates the same session id.
Collisions can also occur when using an external session cache, since
-the external cache is not tested with \fISSL_has_matching_session_id()\fR
+the external cache is not tested with \fBSSL_has_matching_session_id()\fR
and the same race condition applies.
.PP
The callback must return 0 if it cannot generate a session id for whatever
@@ -245,14 +249,14 @@ server id given, and will fill the rest with pseudo random bytes:
.Ve
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
-\&\fISSL_CTX_set_generate_session_id()\fR and \fISSL_set_generate_session_id()\fR
+\&\fBSSL_CTX_set_generate_session_id()\fR and \fBSSL_set_generate_session_id()\fR
always return 1.
.PP
-\&\fISSL_has_matching_session_id()\fR returns 1 if another session with the
+\&\fBSSL_has_matching_session_id()\fR returns 1 if another session with the
same id is already in the cache.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fIssl\fR\|(7), \fISSL_get_version\fR\|(3)
+\&\fBssl\fR\|(7), \fBSSL_get_version\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2001\-2016 The OpenSSL Project Authors. All Rights Reserved.
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 17:08:58 +0000