From: Rich Salz Date: Wed, 3 Sep 2014 16:02:13 +0000 (-0400) Subject: RT468: SSL_CTX_sess_set_cache_size wrong X-Git-Tag: master-pre-reformat~345 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e9edfc419674f20b482a9beff9c246519f9c503e;p=openssl RT468: SSL_CTX_sess_set_cache_size wrong The documentation is wrong about what happens when the session cache fills up. Reviewed-by: Tim Hudson --- diff --git a/doc/ssl/SSL_CTX_sess_set_cache_size.pod b/doc/ssl/SSL_CTX_sess_set_cache_size.pod index c8b99f4eef..4aeda096d6 100644 --- a/doc/ssl/SSL_CTX_sess_set_cache_size.pod +++ b/doc/ssl/SSL_CTX_sess_set_cache_size.pod @@ -15,6 +15,7 @@ SSL_CTX_sess_set_cache_size, SSL_CTX_sess_get_cache_size - manipulate session ca SSL_CTX_sess_set_cache_size() sets the size of the internal session cache of context B to B. +This value is a hint and not an absolute; see the notes below. SSL_CTX_sess_get_cache_size() returns the currently valid session cache size. @@ -25,8 +26,9 @@ currently 1024*20, so that up to 20000 sessions can be held. This size can be modified using the SSL_CTX_sess_set_cache_size() call. A special case is the size 0, which is used for unlimited size. -When the maximum number of sessions is reached, no more new sessions are -added to the cache. New space may be added by calling +If adding the session makes the cache exceed its size, then unused +sessions are dropped from the end of the cache. +Cache space may also be reclaimed by calling L to remove expired sessions.