Home | History | Annotate | Line # | Download | only in man 
 $NetBSD: SSL_clear.3,v 1.5 2026/04/08 17:06:48 christos Exp $

 -*- mode: troff; coding: utf-8 -*-
 Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45)

 Standard preamble:
 ========================================================================
..

..


..
 \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
. ds C` ""
. ds C' ""
'br\}
. ds C`
. ds C'
'br\}

 Escape single quotes in literal strings from groff's Unicode transform.

 If the F register is >0, we'll generate index entries on stderr for
 titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
 entries marked with X<> in POD. Of course, you'll have to process the
 output yourself in some meaningful fashion.

 Avoid warning from groff about undefined register 'F'.
..
.nr rF 0
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF

 Required to disable full justification in groff 1.23.0.
 ========================================================================

 Title "SSL_clear 3" 
 SSL_clear 3 2026-04-07 3.5.6 OpenSSL
 For nroff, turn off justification. Always turn off hyphenation; it makes
 way too many mistakes in technical documents.
.nh

 NAME
SSL_clear - reset SSL object to allow another connection

 SYNOPSIS
 Header "SYNOPSIS" .Vb 1
 #include <openssl/ssl.h>
\&
 int SSL_clear(SSL *ssl);
.Ve

 DESCRIPTION
 Header "DESCRIPTION" Reset ssl to allow another connection. All settings (method, ciphers,
BIOs) are kept.

 NOTES
 Header "NOTES" SSL_clear is used to prepare an SSL object for a new connection. While all
settings are kept, a side effect is the handling of the current SSL session.
If a session is still open, it is considered bad and will be removed
from the session cache, as required by RFC2246. A session is considered open,
if SSL_shutdown\|(3) was not called for the connection
or at least SSL_set_shutdown\|(3) was used to
set the SSL_SENT_SHUTDOWN state.


If a session was closed cleanly, the session object will be kept and all
settings corresponding. This explicitly means, that e.g. the special method
used during the session will be kept for the next handshake. So if the
session was a TLSv1 session, an SSL client object will use a TLSv1 client
method for the next handshake and an SSL server object will use a TLSv1
server method, even if TLS_*_methods were chosen on startup. This
will might lead to connection failures (see SSL_new\|(3))
for a description of the method\*(Aqs properties.


This function is not supported on QUIC SSL objects and returns failure if called
on such an object.

 WARNINGS
 Header "WARNINGS" \fBSSL_clear() resets the SSL object to allow for another connection. The
reset operation however keeps several settings of the last sessions
(some of these settings were made automatically during the last
handshake). It only makes sense for a new connection with the exact
same peer that shares these settings, and may fail if that peer
changes its settings between connections. Use the sequence
\fBSSL_get_session\|(3);
\fBSSL_new\|(3);
\fBSSL_set_session\|(3);
\fBSSL_free\|(3)
instead to avoid such failures
(or simply SSL_free\|(3); SSL_new\|(3)
if session reuse is not desired).

 "RETURN VALUES"
 Header "RETURN VALUES" The following return values can occur:

 0 4
The SSL_clear() operation could not be performed. Check the error stack to
find out the reason.

 1 4
 Item "1" The SSL_clear() operation was successful.


\fBSSL_new\|(3), SSL_free\|(3),
\fBSSL_shutdown\|(3), SSL_set_shutdown\|(3),
\fBSSL_CTX_set_options\|(3), ssl\|(7),
\fBSSL_CTX_set_client_cert_cb\|(3)

 COPYRIGHT
 Header "COPYRIGHT" Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.


Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.