From: Matt Caswell <matt@openssl.org>
Date: Mon, 23 Apr 2018 10:23:43 +0000 (+0100)
Subject: Document when a session gets removed from cache
X-Git-Tag: OpenSSL_1_1_0i~156
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0abb903b7618ad404c83ac9b44b2c1bf162b90de;p=openssl

Document when a session gets removed from cache

Document the fact that if a session is not closed down cleanly then the
session gets removed from the cache and marked as non-resumable.

Fixes #4720

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6054)
---

diff --git a/doc/ssl/SSL_get_session.pod b/doc/ssl/SSL_get_session.pod
index 99936ad765..21becffe03 100644
--- a/doc/ssl/SSL_get_session.pod
+++ b/doc/ssl/SSL_get_session.pod
@@ -28,6 +28,11 @@ count of the B<SSL_SESSION> is incremented by one.
 The ssl session contains all information required to re-establish the
 connection without a new handshake.
 
+A session will be automatically removed from the session cache and marked as
+non-resumable if the connection is not closed down cleanly, e.g. if a fatal
+error occurs on the connection or L<SSL_shutdown(3)> is not called prior to
+L<SSL_free(3)>.
+
 SSL_get0_session() returns a pointer to the actual session. As the
 reference counter is not incremented, the pointer is only valid while
 the connection is in use. If L<SSL_clear(3)> or