NAME
SSL_CTX_set_session_id_context, SSL_set_session_id_context — set context within which session can be reused (server side only)SYNOPSIS
#include <openssl/ssl.h>SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, unsigned int sid_ctx_len);
SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, unsigned int sid_ctx_len);
DESCRIPTION
SSL_CTX_set_session_id_context() sets the context sid_ctx of length sid_ctx_len within which a session can be reused for the ctx object.NOTES
Sessions are generated within a certain context. When exporting/importing sessions with i2d_SSL_SESSION(3) and d2i_SSL_SESSION(3), it would be possible to re-import a session generated from another context (e.g., another application), which might lead to malfunctions. Therefore each application must set its own session id context sid_ctx which is used to distinguish the contexts and is stored in exported sessions. The sid_ctx can be any kind of binary data with a given length; it is therefore possible to use, for instance, the name of the application, the hostname, the service name...WARNINGS
If the session id context is not set on an SSL/TLS server and client certificates are used, stored sessions will not be reused but a fatal error will be flagged and the handshake will fail.RETURN VALUES
SSL_CTX_set_session_id_context() and SSL_set_session_id_context() return the following values:- 0
- The length sid_ctx_len of the session id context sid_ctx exceeded the maximum allowed length of SSL_MAX_SSL_SESSION_ID_LENGTH. The error is logged to the error stack.
- 1
- The operation succeeded.