1=pod 2 3=head1 NAME 4 5SSL_clear - reset SSL object to allow another connection 6 7=head1 SYNOPSIS 8 9 #include <openssl/ssl.h> 10 11 int SSL_clear(SSL *ssl); 12 13=head1 DESCRIPTION 14 15Reset B<ssl> to allow another connection. All settings (method, ciphers, 16BIOs) are kept. 17 18=head1 NOTES 19 20SSL_clear is used to prepare an SSL object for a new connection. While all 21settings are kept, a side effect is the handling of the current SSL session. 22If a session is still B<open>, it is considered bad and will be removed 23from the session cache, as required by RFC2246. A session is considered open, 24if L<SSL_shutdown(3)> was not called for the connection 25or at least L<SSL_set_shutdown(3)> was used to 26set the SSL_SENT_SHUTDOWN state. 27 28If a session was closed cleanly, the session object will be kept and all 29settings corresponding. This explicitly means, that e.g. the special method 30used during the session will be kept for the next handshake. So if the 31session was a TLSv1 session, an SSL client object will use a TLSv1 client 32method for the next handshake and an SSL server object will use a TLSv1 33server method, even if TLS_*_methods were chosen on startup. This 34will might lead to connection failures (see L<SSL_new(3)>) 35for a description of the method's properties. 36 37This function is not supported on QUIC SSL objects and returns failure if called 38on such an object. 39 40=head1 WARNINGS 41 42SSL_clear() resets the SSL object to allow for another connection. The 43reset operation however keeps several settings of the last sessions 44(some of these settings were made automatically during the last 45handshake). It only makes sense for a new connection with the exact 46same peer that shares these settings, and may fail if that peer 47changes its settings between connections. Use the sequence 48L<SSL_get_session(3)>; 49L<SSL_new(3)>; 50L<SSL_set_session(3)>; 51L<SSL_free(3)> 52instead to avoid such failures 53(or simply L<SSL_free(3)>; L<SSL_new(3)> 54if session reuse is not desired). 55 56=head1 RETURN VALUES 57 58The following return values can occur: 59 60=over 4 61 62=item Z<>0 63 64The SSL_clear() operation could not be performed. Check the error stack to 65find out the reason. 66 67=item Z<>1 68 69The SSL_clear() operation was successful. 70 71=back 72 73L<SSL_new(3)>, L<SSL_free(3)>, 74L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>, 75L<SSL_CTX_set_options(3)>, L<ssl(7)>, 76L<SSL_CTX_set_client_cert_cb(3)> 77 78=head1 COPYRIGHT 79 80Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. 81 82Licensed under the Apache License 2.0 (the "License"). You may not use 83this file except in compliance with the License. You can obtain a copy 84in the file LICENSE in the source distribution or at 85L<https://www.openssl.org/source/license.html>. 86 87=cut 88
