Create the SSL structure

Figure 1 shows the flow for one of the most common SSL API calls when used in a shared SSL session environment: an application creating an SSL structure for shared SSL sessions.
Figure 1. SSL structure creation
Alternate text
In Figure 1:
  1. The application program issues SSL_new to create the SSL structure. The CTX value (ctx_token1 in the figure) is passed to this call.
  2. The SSL_new handler checks the CTX value that was passed as input and, because it is not a heap storage pointer (meaning that it is a token for shared SSL sessions), starts the SSL code to process this API.
  3. The SSL code issues the GSYSC macro to obtain a 4-KB block of system heap. The following information is set up in the block:
    • The API call to process, which is SSL_new
    • The CTX value (ctx_token1 in the figure)
    • The system virtual address (SVA) of this entry control block (ECB)
    • The database ID (DBI) of this ECB.
  4. The system heap block is added to the queue of tasks for shared SSL sessions.
  5. One of the SSL thread ECBs obtains control and pulls the first item from the queue (the system heap block). This item indicates that the SSL_new function must be issued. The z/TPF system determines that the CTX value displayed in the SSL session table (SSST) (ctx_token1 in the figure) was passed and finds its entry to obtain the real CTX value (ctx_token1 in the figure). The z/TPF system issues the API using the real CTX value (ctx1) as input to the API. The return code of the API call is a pointer to the SSL structure that was created (ssl1 in the figure).
  6. A token called ssl_token1 in the figure is created and the entry is added to the SSST that maps ssl_token1 to ssl1 in the figure. The token (ssl_token1) is placed in the system heap block to pass to the application. The ECB address is used in the system heap block to post the application ECB. The token (ssl_token1 in this example) is always an odd number, which indicates a shared SSL session. Pointers to SSL structures are always even numbers.
  7. The application ECB is posted and obtains the API return code (ssl_token1) from the system heap block. The system heap block is no longer needed, so the RSYSC macro is issued to release it. Control is returned to the application program with the return code value set to ssl_token1.
Related information: