OWEALs
/
openssl
mirror de git://git.openssl.org/openssl.git


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586
							=pod

=head1 NAME

SSL_free - free an allocated SSL structure

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 void SSL_free(SSL *ssl);

=head1 DESCRIPTION

SSL_free() decrements the reference count of B<ssl>, and removes the SSL
structure pointed to by B<ssl> and frees up the allocated memory if the
reference count has reached 0.
If B<ssl> is NULL nothing is done.

=head1 NOTES

SSL_free() also calls the free()ing procedures for indirectly affected items, if
applicable: the buffering BIO, the read and write BIOs,
cipher lists specially created for this B<ssl>, the B<SSL_SESSION>.
Do not explicitly free these indirectly freed up items before or after
calling SSL_free(), as trying to free things twice may lead to program
failure.

The ssl session has reference counts from two users: the SSL object, for
which the reference count is removed by SSL_free() and the internal
session cache. If the session is considered bad, because
L<SSL_shutdown(3)> was not called for the connection
and L<SSL_set_shutdown(3)> was not used to set the
SSL_SENT_SHUTDOWN state, the session will also be removed
from the session cache as required by RFC2246.

When used to free a QUIC stream SSL object, the respective sending and receiving
parts of the stream are reset unless those parts have already been concluded
normally:

=over 4

=item

If the stream has a sending part (in other words, if it is bidirectional or a
locally-initiated unidirectional stream) and that part has not been concluded
via a call to L<SSL_stream_conclude(3)> or L<SSL_stream_reset(3)> on the QUIC
stream SSL object, a call to SSL_free() automatically resets the sending part of
the stream as though L<SSL_stream_reset(3)> were called with a QUIC application
error code of 0.

=item

If the stream has a receiving part (in other words, if it is bidirectional or a
remotely-initiated unidirectional stream), and the peer has not yet concluded
that part of the stream normally (such as via a call to
L<SSL_stream_conclude(3)> on its own end), a call to SSL_free() automatically
requests the reset of the receiving part of the stream using a QUIC STOP_SENDING
frame with a QUIC application error code of 0. Note that as per the QUIC
protocol, this will automatically cause the peer to reset that part of the
stream in turn (which is its sending part).

=back

A QUIC stream SSL object maintains a reference to a QUIC connection SSL object
internally, therefore a QUIC stream SSL object and its parent QUIC connection
SSL object can be freed in either order.

=head1 RETURN VALUES

SSL_free() does not provide diagnostic information.

L<SSL_new(3)>, L<SSL_clear(3)>,
L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
L<ssl(7)>

=head1 COPYRIGHT

Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut