mirror of https://github.com/openssl/openssl
Clarify what SSL_get_session() does on the server side in TLSv1.3
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16582)
This commit is contained in:
parent
4603b782e6
commit
9e51f87793
|
@ -37,8 +37,11 @@ L<SSL_SESSION_is_resumable(3)> for information on how to determine whether an
|
|||
SSL_SESSION object can be used for resumption or not.
|
||||
|
||||
Additionally, in TLSv1.3, a server can send multiple messages that establish a
|
||||
session for a single connection. In that case the above functions will only
|
||||
return information on the last session that was received.
|
||||
session for a single connection. In that case, on the client side, the above
|
||||
functions will only return information on the last session that was received. On
|
||||
the server side they will only return information on the last session that was
|
||||
sent, or if no session tickets were sent then the session for the current
|
||||
connection.
|
||||
|
||||
The preferred way for applications to obtain a resumable SSL_SESSION object is
|
||||
to use a new session callback as described in L<SSL_CTX_sess_set_new_cb(3)>.
|
||||
|
|
Loading…
Reference in New Issue