root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Tweak SSL_get_session.pod wording 

Based on feedback received.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3008)
This commit is contained in:
Matt Caswell 2017-03-23 11:56:46 +00:00
parent 150840b944
commit 35ea9edfb2
1 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
doc/man3/SSL_get_session.pod
View File

@ -26,19 +26,19 @@ count of the B<SSL_SESSION> is incremented by one.
=head1 NOTES =head1 NOTES
The ssl session contains all information required to re-establish the The ssl session contains all information required to re-establish the
connection without a full handshake for SSL versions <= TLSv1.2. In TLSv1.3 the connection without a full handshake for SSL versions up to and including
same is true, but sessions are established after the main handshake has occurred. TLSv1.2. In TLSv1.3 the same is true, but sessions are established after the
The server will send the session information to the client at a time of its main handshake has occurred. The server will send the session information to the
choosing which may be some while after the initial connection is established (or client at a time of its choosing, which may be some while after the initial
not at all). Calling these functions on the client side in TLSv1.3 before the connection is established (or never). Calling these functions on the client side
session has been established will still return an SSL_SESSION object but it in TLSv1.3 before the session has been established will still return an
cannot be used for resuming the session. See L<SSL_SESSION_is_resumable(3)> for SSL_SESSION object but that object cannot be used for resuming the session. See
information on how to determine whether an SSL_SESSION object can be used for L<SSL_SESSION_is_resumable(3)> for information on how to determine whether an
resumption or not. SSL_SESSION object can be used for resumption or not.
Additionally, in TLSv1.3, a server can send multiple session messages for a Additionally, in TLSv1.3, a server can send multiple messages that establish a
single connection. In that case the above functions will only return information session for a single connection. In that case the above functions will only
on the last session that was received. return information on the last session that was received.
The preferred way for applications to obtain a resumable SSL_SESSION object is The preferred way for applications to obtain a resumable SSL_SESSION object is
to use a new session callback as described in L<SSL_CTX_sess_set_new_cb(3)>. to use a new session callback as described in L<SSL_CTX_sess_set_new_cb(3)>.