Commit 4753ad85 authored by Matt Caswell's avatar Matt Caswell
Browse files

Document when a session gets removed from cache 



Document the fact that if a session is not closed down cleanly then the
session gets removed from the cache and marked as non-resumable.

Fixes #4720

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/6053)
parent 22eb2d1c

doc/man3/SSL_get_session.pod

+5 −0
Original line number Diff line number Diff line
@@ -48,6 +48,11 @@ SSL_SESSION object that cannot be used for resumption in TLSv1.3. It also 
enables applications to obtain information about all sessions sent by the

server.



A session will be automatically removed from the session cache and marked as

non-resumable if the connection is not closed down cleanly, e.g. if a fatal

error occurs on the connection or L<SSL_shutdown(3)> is not called prior to

L<SSL_free(3)>.



In TLSv1.3 it is recommended that each SSL_SESSION object is only used for

resumption once.