openssl/doc/man3/SSL_clear.pod

=pod

=head1 NAME

SSL_clear - reset SSL object to allow another connection

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_clear(SSL *ssl);

=head1 DESCRIPTION

Reset B<ssl> to allow another connection. All settings (method, ciphers,
BIOs) are kept.

=head1 NOTES

SSL_clear is used to prepare an SSL object for a new connection. While all
settings are kept, a side effect is the handling of the current SSL session.
If a session is still B<open>, it is considered bad and will be removed
from the session cache, as required by RFC2246. A session is considered open,
if L<SSL_shutdown(3)> was not called for the connection
or at least L<SSL_set_shutdown(3)> was used to
set the SSL_SENT_SHUTDOWN state.

If a session was closed cleanly, the session object will be kept and all
settings corresponding. This explicitly means, that e.g. the special method
used during the session will be kept for the next handshake. So if the
session was a TLSv1 session, a SSL client object will use a TLSv1 client
method for the next handshake and a SSL server object will use a TLSv1
server method, even if TLS_*_methods were chosen on startup. This
will might lead to connection failures (see L<SSL_new(3)>)
for a description of the method's properties.

This function is not supported on QUIC SSL objects and returns failure if called
on such an object.

=head1 WARNINGS

SSL_clear() resets the SSL object to allow for another connection. The
reset operation however keeps several settings of the last sessions
(some of these settings were made automatically during the last
handshake). It only makes sense for a new connection with the exact
same peer that shares these settings, and may fail if that peer
changes its settings between connections. Use the sequence
L<SSL_get_session(3)>;
L<SSL_new(3)>;
L<SSL_set_session(3)>;
L<SSL_free(3)>
instead to avoid such failures
(or simply L<SSL_free(3)>; L<SSL_new(3)>
if session reuse is not desired).

=head1 RETURN VALUES

The following return values can occur:

=over 4

=item Z<>0

The SSL_clear() operation could not be performed. Check the error stack to
find out the reason.

=item Z<>1

The SSL_clear() operation was successful.

=back

L<SSL_new(3)>, L<SSL_free(3)>,
L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
L<SSL_CTX_set_options(3)>, L<ssl(7)>,
L<SSL_CTX_set_client_cert_cb(3)>

=head1 COPYRIGHT

Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00			`=pod`

			`=head1 NAME`

ispell and some other nit-picking 2000-09-16 23:39:28 +08:00			`SSL_clear - reset SSL object to allow another connection`
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00
			`=head1 SYNOPSIS`

			`#include <openssl/ssl.h>`

Type correction. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-20 07:11:42 +08:00			`int SSL_clear(SSL *ssl);`
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00
			`=head1 DESCRIPTION`

ispell and some other nit-picking 2000-09-16 23:39:28 +08:00			`Reset B<ssl> to allow another connection. All settings (method, ciphers,`
Finish first round of session cache documentation. 2001-02-13 22:00:09 +08:00			`BIOs) are kept.`

			`=head1 NOTES`

			`SSL_clear is used to prepare an SSL object for a new connection. While all`
			`settings are kept, a side effect is the handling of the current SSL session.`
			`If a session is still B<open>, it is considered bad and will be removed`
			`from the session cache, as required by RFC2246. A session is considered open,`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`if L<SSL_shutdown(3)> was not called for the connection`
			`or at least L<SSL_set_shutdown(3)> was used to`
Finish first round of session cache documentation. 2001-02-13 22:00:09 +08:00			`set the SSL_SENT_SHUTDOWN state.`
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00
SSL_clear != SSL_free/SSL_new 2002-02-27 16:08:57 +08:00			`If a session was closed cleanly, the session object will be kept and all`
			`settings corresponding. This explicitly means, that e.g. the special method`
			`used during the session will be kept for the next handshake. So if the`
			`session was a TLSv1 session, a SSL client object will use a TLSv1 client`
			`method for the next handshake and a SSL server object will use a TLSv1`
Version negotiation rewrite doc updates Update various documentation references to the new TLS_*_method names. Also add a CHANGES entry. Reviewed-by: Kurt Roeckx <kurt@openssl.org> 2015-03-31 21:29:53 +08:00			`server method, even if TLS_*_methods were chosen on startup. This`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`will might lead to connection failures (see L<SSL_new(3)>)`
SSL_clear != SSL_free/SSL_new 2002-02-27 16:08:57 +08:00			`for a description of the method's properties.`

Minor fixes Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20061) 2023-06-26 20:47:03 +08:00			`This function is not supported on QUIC SSL objects and returns failure if called`
			`on such an object.`
QUIC SSL: Block SSL_clear Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20061) 2023-01-16 23:36:42 +08:00
SSL_clear != SSL_free/SSL_new 2002-02-27 16:08:57 +08:00			`=head1 WARNINGS`

			`SSL_clear() resets the SSL object to allow for another connection. The`
			`reset operation however keeps several settings of the last sessions`
			`(some of these settings were made automatically during the last`
Clarify warning 2011-10-13 21:27:09 +08:00			`handshake). It only makes sense for a new connection with the exact`
			`same peer that shares these settings, and may fail if that peer`
			`changes its settings between connections. Use the sequence`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`L<SSL_get_session(3)>;`
			`L<SSL_new(3)>;`
			`L<SSL_set_session(3)>;`
			`L<SSL_free(3)>`
Clarify warning 2011-10-13 21:27:09 +08:00			`instead to avoid such failures`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`(or simply L<SSL_free(3)>; L<SSL_new(3)>`
Clarify warning 2011-10-13 21:27:09 +08:00			`if session reuse is not desired).`
SSL_clear != SSL_free/SSL_new 2002-02-27 16:08:57 +08:00
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00			`=head1 RETURN VALUES`

			`The following return values can occur:`

			`=over 4`

POD: Fix item numbering Newer pod2man considers =item [1-9] part of a numbered list, while =item 0 starts an unnumbered list. Add a zero effect formatting mark to override this. doc/apps/smime.pod around line 315: Expected text after =item, not a number ... PR#3146 2013-10-21 17:03:01 +08:00			`=item Z<>0`
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00
			`The SSL_clear() operation could not be performed. Check the error stack to`
			`find out the reason.`

POD: Fix item numbering Newer pod2man considers =item [1-9] part of a numbered list, while =item 0 starts an unnumbered list. Add a zero effect formatting mark to override this. doc/apps/smime.pod around line 315: Expected text after =item, not a number ... PR#3146 2013-10-21 17:03:01 +08:00			`=item Z<>1`
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00
ispell and some other nit-picking 2000-09-16 23:39:28 +08:00			`The SSL_clear() operation was successful.`
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00
			`=back`

Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`L<SSL_new(3)>, L<SSL_free(3)>,`
			`L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,`
Fix referenses in section 3 manuals Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1900) 2016-11-11 16:33:09 +08:00			`L<SSL_CTX_set_options(3)>, L<ssl(7)>,`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`L<SSL_CTX_set_client_cert_cb(3)>`
Add a number of documentation files, mostly for SSL routines, but also for a few BIO routines. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> 2000-09-14 21:11:56 +08:00
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 23:44:05 +08:00			`=head1 COPYRIGHT`

Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes 2023-09-07 16:59:15 +08:00			`Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.`
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 23:44:05 +08:00
Following the license change, modify the boilerplates in doc/man3/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7829) 2018-12-06 21:04:44 +08:00			`Licensed under the Apache License 2.0 (the "License"). You may not use`
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 23:44:05 +08:00			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`