[openssl] openssl-3.0 update

tomas at openssl.org tomas at openssl.org
Fri Sep 17 12:34:08 UTC 2021

The branch openssl-3.0 has been updated
       via  2221e7eebab7af085a7235547585da1cbd798350 (commit)
      from  d656a086ef61581cae10a0f33322e6910232aa01 (commit)

- Log -----------------------------------------------------------------
commit 2221e7eebab7af085a7235547585da1cbd798350
Author: Matt Caswell <matt at openssl.org>
Date:   Sat Sep 11 10:02:21 2021 +0100

    Clarify what SSL_get_session() does on the server side in TLSv1.3
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16582)
    (cherry picked from commit 9e51f877930dbd4216438a5da3c9612bf4d0a918)


Summary of changes:
 doc/man3/SSL_get_session.pod | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/doc/man3/SSL_get_session.pod b/doc/man3/SSL_get_session.pod
index 967ccea564..6631bdf324 100644
--- a/doc/man3/SSL_get_session.pod
+++ b/doc/man3/SSL_get_session.pod
@@ -37,8 +37,11 @@ L<SSL_SESSION_is_resumable(3)> for information on how to determine whether an
 SSL_SESSION object can be used for resumption or not.
 Additionally, in TLSv1.3, a server can send multiple messages that establish a
-session for a single connection. In that case the above functions will only
-return information on the last session that was received.
+session for a single connection. In that case, on the client side, the above
+functions will only return information on the last session that was received. On
+the server side they will only return information on the last session that was
+sent, or if no session tickets were sent then the session for the current
 The preferred way for applications to obtain a resumable SSL_SESSION object is
 to use a new session callback as described in L<SSL_CTX_sess_set_new_cb(3)>.

More information about the openssl-commits mailing list