NAME

SSL_SESSION_free - free an allocated SSL_SESSION structure


SYNOPSIS

 #include <openssl/ssl.h>
 void SSL_SESSION_free(SSL_SESSION *session);


DESCRIPTION

SSL_SESSION_free() decrements the reference count of session and removes the SSL_SESSION structure pointed to by session and frees up the allocated memory, if the reference count has reached 0.


NOTES

SSL_SESSION objects are allocated, when a TLS/SSL handshake operation is successfully completed. Depending on the settings, see SSL_CTX_set_session_cache_mode, the SSL_SESSION objects are internally referenced by the SSL_CTX and linked into its session cache. SSL objects may be using the SSL_SESSION object; as a session may be reused, several SSL objects may be using one SSL_SESSION object at the same time. It is therefore crucial to keep the reference count (usage information) correct and not delete a SSL_SESSION object that is still used, as this may lead to program failures due to dangling pointers. These failures may also appear delayed, e.g. when an SSL_SESSION object was completely freed as the reference count incorrectly became 0, but it is still referenced in the internal session cache and the cache list is processed during a SSL_CTX_flush_sessions operation.

SSL_SESSION_free() must only be called for SSL_SESSION objects, for which the reference count was explicitly incremented (e.g. by calling SSL_get1_session(), see SSL_get_session) or when the SSL_SESSION object was generated outside a TLS handshake operation, e.g. by using d2i_SSL_SESSION. It must not be called on other SSL_SESSION objects, as this would cause incorrect reference counts and therefore program failures.


RETURN VALUES

SSL_SESSION_free() does not provide diagnostic information.


SEE ALSO

ssl, SSL_get_session, SSL_CTX_set_session_cache_mode, SSL_CTX_flush_sessions, d2i_SSL_SESSION