
SSL_SESSION Structure 



The SSL_SESSION structure is defined in ssl.h.
/* Let's make this into an ASN.1 type structure as follows
* SSL_SESSION_ID ::= SEQUENCE {
*	version 		INTEGER,	-- structure version number
*	SSLversion 		INTEGER,	-- SSL version number
*	Cipher 			OCTET_STRING,	-- the 3 byte cipher ID
*	Session_ID 		OCTET_STRING,	-- the Session ID
*	Master_key 		OCTET_STRING,	-- the master key
*	Key_Arg [ 0 ] IMPLICIT	OCTET_STRING,	-- the optional Key argument
*	Time [ 1 ] EXPLICIT	INTEGER,	-- optional Start Time
*	Timeout [ 2 ] EXPLICIT	INTEGER,	-- optional Timeout in seconds
*	Peer [ 3 ] EXPLICIT	X509,		-- optional Peer Certificate
*	Session_ID_context [ 4 ] EXPLICIT OCTET_STRING,   -- the Session ID context
*	Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
*	Compression [6] IMPLICIT ASN1_OBJECT	-- compression OID XXXXX
*	}
* Look in ssl/ssl_asn1.c for more details
* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
*/
 
/*
 * In-memory record of one SSL session: protocol version, key argument and
 * master key, session id and session id context, certificates, the stored
 * verification result, timing values, cipher information, application data
 * and the links used by the session cache.
 *
 * NOTE(review): master_key is held in the clear in this structure, and the
 * ASN.1 layout documented with this structure lists Master_key among the
 * encoded members. Both the in-memory and the encoded form of a session
 * should therefore be handled as key material (storage, logging, transfer).
 */
typedef struct ssl_session_st

{
	int ssl_version;	/* what ssl version session info is
				 * being kept in here? */

	/* only really used in SSLv2 */
	/* NOTE(review): presumably this remark covers key_arg only, since the
	 * ASN.1 layout marks Key_Arg as optional but Master_key as required
	 * -- TODO confirm. */

	unsigned int key_arg_length;	/* presumably the number of valid bytes in key_arg */
	unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
	/* NOTE(review): master_key_length is a signed int, unlike the other
	 * *_length members here. Presumably it counts the valid bytes in
	 * master_key; code that copies by this length should confirm it lies
	 * within 0..SSL_MAX_MASTER_KEY_LENGTH first. */
	int master_key_length;
	unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];

/* session_id - valid? */

	unsigned int session_id_length;	/* presumably the number of valid bytes in session_id */
	unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];

	/* this is used to determine whether the session is being reused in
	 * the appropriate context. It is up to the application to set this,
	 * via SSL_new */
	/* NOTE(review): OpenSSL also provides SSL_CTX_set_session_id_context()
	 * and SSL_set_session_id_context() for setting this value; confirm
	 * which of them this release offers. */

	unsigned int sid_ctx_length;	/* presumably the number of valid bytes in sid_ctx */
	unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
	int not_resumable;	/* NOTE(review): presumably non-zero marks a session that
				 * must not be resumed -- confirm against the library source */

	/* The cert is the certificate used to establish this connection */

	struct sess_cert_st /* SESS_CERT */ *sess_cert;

	/* This is the cert for the other end.
	 * On clients, it will be the same as sess_cert->peer_key->x509
	 * (the latter is not enough as sess_cert is not retained
	 * in the external representation of sessions, see ssl_asn1.c). */

	X509 *peer;

	/* when app_verify_callback accepts a session where the peer's certificate
	 * is not ok, we must remember the error for session reuse: */
	/* The ASN.1 layout describes this value as an X509_V_... code for the
	 * peer certificate. Code that resumes a session should consult it
	 * rather than assume the peer certificate verified cleanly. */

	long verify_result; /* only for servers */

	int references;		/* presumably a reference count -- TODO confirm */
	long timeout;		/* timeout in seconds, per the ASN.1 layout */
	long time;		/* start time, per the ASN.1 layout */
	int compress_meth;		/* Need to lookup the method */

	SSL_CIPHER *cipher;

	unsigned long cipher_id;	/* when ASN.1 loaded, this
					 * needs to be used to load
					 * the 'cipher' structure */

	STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
	CRYPTO_EX_DATA ex_data; /* application specific data */

	/* These are used to make removal of session-ids more
	 * efficient and to implement a maximum cache size. */

	struct ssl_session_st *prev,*next;

} SSL_SESSION;
