mirror of
https://github.com/openssl/openssl.git
synced 2025-01-12 13:36:28 +08:00
da1c088f59
Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
87 lines
3.0 KiB
Plaintext
87 lines
3.0 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
SSL_free - free an allocated SSL structure
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
void SSL_free(SSL *ssl);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
SSL_free() decrements the reference count of B<ssl>, and removes the SSL
|
|
structure pointed to by B<ssl> and frees up the allocated memory if the
|
|
reference count has reached 0.
|
|
If B<ssl> is NULL nothing is done.
|
|
|
|
=head1 NOTES
|
|
|
|
SSL_free() also calls the free()ing procedures for indirectly affected items, if
|
|
applicable: the buffering BIO, the read and write BIOs,
|
|
cipher lists specially created for this B<ssl>, the B<SSL_SESSION>.
|
|
Do not explicitly free these indirectly freed up items before or after
|
|
calling SSL_free(), as trying to free things twice may lead to program
|
|
failure.
|
|
|
|
The ssl session has reference counts from two users: the SSL object, for
|
|
which the reference count is removed by SSL_free() and the internal
|
|
session cache. If the session is considered bad, because
|
|
L<SSL_shutdown(3)> was not called for the connection
|
|
and L<SSL_set_shutdown(3)> was not used to set the
|
|
SSL_SENT_SHUTDOWN state, the session will also be removed
|
|
from the session cache as required by RFC2246.
|
|
|
|
When used to free a QUIC stream SSL object, the respective sending and receiving
|
|
parts of the stream are reset unless those parts have already been concluded
|
|
normally:
|
|
|
|
=over 4
|
|
|
|
=item
|
|
|
|
If the stream has a sending part (in other words, if it is bidirectional or a
|
|
locally-initiated unidirectional stream) and that part has not been concluded
|
|
via a call to L<SSL_stream_conclude(3)> or L<SSL_stream_reset(3)> on the QUIC
|
|
stream SSL object, a call to SSL_free() automatically resets the sending part of
|
|
the stream as though L<SSL_stream_reset(3)> were called with a QUIC application
|
|
error code of 0.
|
|
|
|
=item
|
|
|
|
If the stream has a receiving part (in other words, if it is bidirectional or a
|
|
remotely-initiated unidirectional stream), and the peer has not yet concluded
|
|
that part of the stream normally (such as via a call to
|
|
L<SSL_stream_conclude(3)> on its own end), a call to SSL_free() automatically
|
|
requests the reset of the receiving part of the stream using a QUIC STOP_SENDING
|
|
frame with a QUIC application error code of 0. Note that as per the QUIC
|
|
protocol, this will automatically cause the peer to reset that part of the
|
|
stream in turn (which is its sending part).
|
|
|
|
=back
|
|
|
|
A QUIC stream SSL object maintains a reference to a QUIC connection SSL object
|
|
internally, therefore a QUIC stream SSL object and its parent QUIC connection
|
|
SSL object can be freed in either order.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
SSL_free() does not provide diagnostic information.
|
|
|
|
L<SSL_new(3)>, L<SSL_clear(3)>,
|
|
L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
|
|
L<ssl(7)>
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|