Update the SSL_set_session() documentation Update the SSL_set_session() documentation to reflect the fact that old bad sessions are removed from the cache if necessary. Reviewed-by: Rich Salz <rsalz@openssl.org>
diff --git a/doc/ssl/SSL_set_session.pod b/doc/ssl/SSL_set_session.pod index 0a8a208..1de533f 100644 --- a/doc/ssl/SSL_set_session.pod +++ b/doc/ssl/SSL_set_session.pod
@@ -21,7 +21,11 @@ If there is already a session set inside B<ssl> (because it was set with SSL_set_session() before or because the same B<ssl> was already used for -a connection), SSL_SESSION_free() will be called for that session. +a connection), SSL_SESSION_free() will be called for that session. If that old +session is still B<open>, it is considered bad and will be removed from the +session cache (if used). A session is considered open, if L<SSL_shutdown(3)> was +not called for the connection (or at least L<SSL_set_shutdown(3)> was used to +set the SSL_SENT_SHUTDOWN state). =head1 NOTES