Ubuntu Manpage: SSL_clear - reset SSL object to allow another connection

Provided by: libssl-doc_3.0.13-0ubuntu3.5_all

NAME

       SSL_clear - reset SSL object to allow another connection

SYNOPSIS

        #include <openssl/ssl.h>

        int SSL_clear(SSL *ssl);

DESCRIPTION

       Reset ssl to allow another connection. All settings (method, ciphers, BIOs) are kept.

NOTES

       SSL_clear is used to prepare an SSL object for a new connection. While all settings are kept, a side
       effect is the handling of the current SSL session.  If a session is still open, it is considered bad and
       will be removed from the session cache, as required by RFC2246. A session is considered open, if
       SSL_shutdown(3) was not called for the connection or at least SSL_set_shutdown(3) was used to set the
       SSL_SENT_SHUTDOWN state.

       If a session was closed cleanly, the session object will be kept and all settings corresponding. This
       explicitly means, that e.g. the special method used during the session will be kept for the next
       handshake. So if the session was a TLSv1 session, a SSL client object will use a TLSv1 client method for
       the next handshake and a SSL server object will use a TLSv1 server method, even if TLS_*_methods were
       chosen on startup. This will might lead to connection failures (see SSL_new(3)) for a description of the
       method's properties.

WARNINGS

       SSL_clear() resets the SSL object to allow for another connection. The reset operation however keeps
       several settings of the last sessions (some of these settings were made automatically during the last
       handshake). It only makes sense for a new connection with the exact same peer that shares these settings,
       and may fail if that peer changes its settings between connections. Use the sequence SSL_get_session(3);
       SSL_new(3); SSL_set_session(3); SSL_free(3) instead to avoid such failures (or simply SSL_free(3);
       SSL_new(3) if session reuse is not desired).

RETURN VALUES

       The following return values can occur:

       0   The SSL_clear() operation could not be performed. Check the error stack to find out the reason.

       1   The SSL_clear() operation was successful.

       SSL_new(3), SSL_free(3), SSL_shutdown(3), SSL_set_shutdown(3), SSL_CTX_set_options(3), ssl(7),
       SSL_CTX_set_client_cert_cb(3)

COPYRIGHT

       Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the Apache License 2.0 (the "License").  You may not use this file except in compliance
       with the License.  You can obtain a copy in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.