[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Tue Apr 24 08:24:00 UTC 2018
The branch master has been updated
via 4753ad858c299a34815988907989c98d5285e57e (commit)
from 22eb2d1c80ff511985c0b32a6f4699c3a062311b (commit)
- Log -----------------------------------------------------------------
commit 4753ad858c299a34815988907989c98d5285e57e
Author: Matt Caswell <matt at openssl.org>
Date: Mon Apr 23 11:23:43 2018 +0100
Document when a session gets removed from cache
Document the fact that if a session is not closed down cleanly then the
session gets removed from the cache and marked as non-resumable.
Fixes #4720
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/6053)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/SSL_get_session.pod | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/doc/man3/SSL_get_session.pod b/doc/man3/SSL_get_session.pod
index b2e92af..7ed6353 100644
--- a/doc/man3/SSL_get_session.pod
+++ b/doc/man3/SSL_get_session.pod
@@ -48,6 +48,11 @@ SSL_SESSION object that cannot be used for resumption in TLSv1.3. It also
enables applications to obtain information about all sessions sent by the
server.
+A session will be automatically removed from the session cache and marked as
+non-resumable if the connection is not closed down cleanly, e.g. if a fatal
+error occurs on the connection or L<SSL_shutdown(3)> is not called prior to
+L<SSL_free(3)>.
+
In TLSv1.3 it is recommended that each SSL_SESSION object is only used for
resumption once.
More information about the openssl-commits
mailing list