Commit b8964668 authored by Matt Caswell

Clarify that SSL_CTX_remove_session() marks a session as non-resumable

parent 5b3e5f00
+2 −2
@@ -21,8 +21,8 @@ reference count for session B<c> is incremented by 1. If a session with
the same session id already exists, the old session is removed by calling
L<SSL_SESSION_free(3)>.

SSL_CTX_remove_session() removes the session B<c> from the context B<ctx>.
L<SSL_SESSION_free(3)> is called once for B<c>.
SSL_CTX_remove_session() removes the session B<c> from the context B<ctx> and
marks it as non-resumable. L<SSL_SESSION_free(3)> is called once for B<c>.

SSL_add_session() and SSL_remove_session() are synonyms for their
SSL_CTX_*() counterparts.
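
Review bot: In the rewritten SSL_CTX_remove_session() paragraph, "marks it as non-resumable" is introduced without saying what that means for a caller that still holds its own reference to B<c>. The same paragraph says L<SSL_SESSION_free(3)> is called only once, and the text above says adding a session increments the reference count, so the object can outlive its removal from B<ctx>. Suggest one more sentence stating what happens if that object is later offered for resumption, and whether the mark is applied when B<c> was not present in B<ctx> in the first place.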
+2 −1
@@ -67,7 +67,8 @@ be established with a single connection. In these case the new_session_cb()
function will be invoked multiple times.

In TLSv1.3 it is recommended that each SSL_SESSION object is only used for
resumption once.
resumption once. One way of enforcing that is for applications to call
L<SSL_CTX_remove_session(3)> after a session has been used.

The remove_session_cb() is called, whenever the SSL engine removes a session
from the internal cache. This happens when the session is removed because
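
Review bot: "after a session has been used" in the added sentence is too loose to act on. It does not say used for what (resumption, going by the preceding sentence) or at which point the application is expected to make the call. Suggest "after a session has been used for resumption" and naming that point. It would also help to state whether an explicit L<SSL_CTX_remove_session(3)> call invokes remove_session_cb(), since the following paragraph only speaks of the case where "the SSL engine removes a session", and an application following this advice needs to know whether its callback will fire.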