mirror of
https://github.com/CloverHackyColor/CloverBootloader.git
synced 2024-11-25 11:55:28 +01:00
79 lines
2.5 KiB
Plaintext
79 lines
2.5 KiB
Plaintext
|
=pod
|
||
|
|
||
|
=head1 NAME
|
||
|
|
||
|
SSL_CTX_set_timeout, SSL_CTX_get_timeout - manipulate timeout values for session caching
|
||
|
|
||
|
=head1 SYNOPSIS
|
||
|
|
||
|
#include <openssl/ssl.h>
|
||
|
|
||
|
long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
|
||
|
long SSL_CTX_get_timeout(SSL_CTX *ctx);
|
||
|
|
||
|
=head1 DESCRIPTION
|
||
|
|
||
|
SSL_CTX_set_timeout() sets the timeout for newly created sessions for
|
||
|
B<ctx> to B<t>. The timeout value B<t> must be given in seconds.
|
||
|
|
||
|
SSL_CTX_get_timeout() returns the currently set timeout value for B<ctx>.
|
||
|
|
||
|
=head1 NOTES
|
||
|
|
||
|
Whenever a new session is created, it is assigned a maximum lifetime. This
|
||
|
lifetime is specified by storing the creation time of the session and the
|
||
|
timeout value valid at this time. If the actual time is later than creation
|
||
|
time plus timeout, the session is not reused.
|
||
|
|
||
|
Due to this realization, all sessions behave according to the timeout value
|
||
|
valid at the time of the session negotiation. Changes of the timeout value
|
||
|
do not affect already established sessions.
|
||
|
|
||
|
The expiration time of a single session can be modified using the
|
||
|
L<SSL_SESSION_get_time(3)> family of functions.
|
||
|
|
||
|
Expired sessions are removed from the internal session cache, whenever
|
||
|
L<SSL_CTX_flush_sessions(3)> is called, either
|
||
|
directly by the application or automatically (see
|
||
|
L<SSL_CTX_set_session_cache_mode(3)>)
|
||
|
|
||
|
The default value for session timeout is decided on a per protocol
|
||
|
basis, see L<SSL_get_default_timeout(3)>.
|
||
|
All currently supported protocols have the same default timeout value
|
||
|
of 300 seconds.
|
||
|
|
||
|
This timeout value is used as the ticket lifetime hint for stateless session
|
||
|
tickets. It is also used as the timeout value within the ticket itself.
|
||
|
|
||
|
For TLSv1.3, RFC8446 limits transmission of this value to 1 week (604800
|
||
|
seconds).
|
||
|
|
||
|
For TLSv1.2, tickets generated during an initial handshake use the value
|
||
|
as specified. Tickets generated during a resumed handshake have a value
|
||
|
of 0 for the ticket lifetime hint.
|
||
|
|
||
|
=head1 RETURN VALUES
|
||
|
|
||
|
SSL_CTX_set_timeout() returns the previously set timeout value.
|
||
|
|
||
|
SSL_CTX_get_timeout() returns the currently set timeout value.
|
||
|
|
||
|
=head1 SEE ALSO
|
||
|
|
||
|
L<ssl(7)>,
|
||
|
L<SSL_CTX_set_session_cache_mode(3)>,
|
||
|
L<SSL_SESSION_get_time(3)>,
|
||
|
L<SSL_CTX_flush_sessions(3)>,
|
||
|
L<SSL_get_default_timeout(3)>
|
||
|
|
||
|
=head1 COPYRIGHT
|
||
|
|
||
|
Copyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved.
|
||
|
|
||
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
||
|
this file except in compliance with the License. You can obtain a copy
|
||
|
in the file LICENSE in the source distribution or at
|
||
|
L<https://www.openssl.org/source/license.html>.
|
||
|
|
||
|
=cut
|