SSL_clear - reset SSL object to allow another connection
int SSL_clear(SSL *ssl);
Reset ssl to allow another connection. All settings (method, ciphers,
BIOs) are kept.
SSL_clear is used to prepare an SSL object for a new connection. While all
settings are kept, a side effect is the handling of the current SSL session.
If a session is still open, it is considered bad and will be removed
from the session cache, as required by RFC2246. A session is considered open,
if SSL_shutdown(3) was not called for the connection or at least
SSL_set_shutdown(3) was used to set the SSL_SENT_SHUTDOWN state.
If a session was closed cleanly, the session object will be kept
and all settings corresponding. This explicitly means, that e.g. the special
method used during the session will be kept for the next handshake. So if
the session was a TLSv1 session, a SSL client object will use a TLSv1 client
method for the next handshake and a SSL server object will use a TLSv1
server method, even if TLS_*_methods were chosen on startup. This will might
lead to connection failures (see SSL_new(3)) for a description of the
SSL_clear() resets the SSL object to allow for another connection. The
reset operation however keeps several settings of the last sessions (some of
these settings were made automatically during the last handshake). It only
makes sense for a new connection with the exact same peer that shares these
settings, and may fail if that peer changes its settings between connections.
Use the sequence SSL_get_session(3); SSL_new(3);
SSL_set_session(3); SSL_free(3) instead to avoid such failures
(or simply SSL_free(3); SSL_new(3) if session reuse is not
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You
may not use this file except in compliance with the License. You can obtain
a copy in the file LICENSE in the source distribution or at