logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

tls_config_set_session_fd, tls_config_set_session_id, tls_config_set_session_lifetime,

Authors

       Claudio Jeker <claudio@openbsd.org>
       Joel Sing <jsing@openbsd.org>

Debian                                          February 10, 2018                   TLS_CONFIG_SET_SESSION_ID(3)

Description

tls_config_set_session_fd() sets a file descriptor to be used to manage data  for  TLS  sessions  (client
       only).   The  given  file  descriptor  must  be  a  regular  file  and be owned by the current user, with
       permissions being restricted to only allow the owner to read and write the file (0600).  If the file  has
       a  non-zero  length,  the client will attempt to read session data from this file and resume the previous
       TLS session with the server.  Upon a successful handshake the file will be updated with  current  session
       data,  if  available.  The caller is responsible for closing this file descriptor, after all TLS contexts
       that have been configured to use it have been freed via tls_free().

       tls_config_set_session_id() sets the session identifier that will be used by the TLS server when sessions
       are enabled (server only).  By default a random value is used.

       tls_config_set_session_lifetime() sets the lifetime to be used for TLS sessions (server  only).   Session
       support is disabled if a lifetime of zero is specified, which is the default.

       tls_config_add_ticket_key()  adds a key used for the encryption and authentication of TLS tickets (server
       only).  By default keys are generated and rotated automatically based on their lifetime.   This  function
       should  only  be  used to synchronise ticket encryption key across multiple processes.  Re-adding a known
       key will result in an error, unless it is the most recently added key.

History

tls_config_set_session_id(), tls_config_set_session_lifetime() and  tls_config_add_ticket_key()  appeared
       in OpenBSD 6.1.

       tls_config_set_session_fd() appeared in OpenBSD 6.3.

Name

       tls_config_set_session_fd,           tls_config_set_session_id,          tls_config_set_session_lifetime,
       tls_config_add_ticket_key — configure resuming of TLS handshakes

Return Values

       These functions return 0 on success or -1 on error.

See Also

tls_accept_socket(3), tls_config_set_protocols(3), tls_init(3), tls_load_file(3), tls_server(3)

Synopsis

#include<tls.h>inttls_config_set_session_fd(structtls_config*config, intsession_fd);

       inttls_config_set_session_id(structtls_config*config, constunsignedchar*session_id, size_tlen);

       inttls_config_set_session_lifetime(structtls_config*config, intlifetime);

       inttls_config_add_ticket_key(structtls_config*config, uint32_tkeyrev, unsignedchar*key, size_tkeylen);

See Also