FreeBSD Manual Pages
TLS_CONFIG_SET_SESSION_I(3) Library Functions ManuaTLS_CONFIG_SET_SESSION_I(3) NAME tls_config_set_session_fd, tls_config_set_session_id, tls_config_set_session_lifetime, tls_config_add_ticket_key -- configure resuming of TLS handshakes SYNOPSIS #include <tls.h> int tls_config_set_session_fd(struct tls_config *config, int session_fd); int tls_config_set_session_id(struct tls_config *config, const unsigned char *session_id, size_t len); int tls_config_set_session_lifetime(struct tls_config *config, int lifetime); int tls_config_add_ticket_key(struct tls_config *config, uint32_t keyrev, unsigned char *key, size_t keylen); DESCRIPTION tls_config_set_session_fd() sets a file descriptor to be used to manage data for TLS sessions (client only). The given file descriptor must be a regular file and be owned by the current user, with permissions being restricted to only allow the owner to read and write the file (0600). If the file has a non-zero length, the client will attempt to read ses- sion data from this file and resume the previous TLS session with the server. Upon a successful handshake the file will be updated with cur- rent session data, if available. The caller is responsible for closing this file descriptor, after all TLS contexts that have been configured to use it have been freed via tls_free(). tls_config_set_session_id() sets the session identifier that will be used by the TLS server when sessions are enabled (server only). By de- fault a random value is used. tls_config_set_session_lifetime() sets the lifetime to be used for TLS sessions (server only). Session support is disabled if a lifetime of zero is specified, which is the default. tls_config_add_ticket_key() adds a key used for the encryption and au- thentication of TLS tickets (server only). By default keys are gener- ated and rotated automatically based on their lifetime. This function should only be used to synchronise ticket encryption key across multi- ple processes. Re-adding a known key will result in an error, unless it is the most recently added key. RETURN VALUES These functions return 0 on success or -1 on error. SEE ALSO tls_accept_socket(3), tls_config_set_protocols(3), tls_init(3), tls_load_file(3), tls_server(3) HISTORY tls_config_set_session_id(), tls_config_set_session_lifetime() and tls_config_add_ticket_key() appeared in OpenBSD 6.1. tls_config_set_session_fd() appeared in OpenBSD 6.3. AUTHORS Claudio Jeker <claudio@openbsd.org> Joel Sing <jsing@openbsd.org> FreeBSD Ports 14.quarterly February 10, 2018 TLS_CONFIG_SET_SESSION_ID(3)
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | SEE ALSO | HISTORY | AUTHORS
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=tls_config_set_session_id&sektion=3&manpath=FreeBSD+Ports+14.3.quarterly>