Merge remote-tracking branch 'agl/1.0.2alpn' into agl-alpn

[oweals/openssl.git] / doc / ssl / SSL_get_session.pod

diff --git a/doc/ssl/SSL_get_session.pod b/doc/ssl/SSL_get_session.pod
index a0266e2ac6351008266814bb8b2c1f5b263781f3..0c41caa922ab3ebcf68d67711e036563ef522ec1 100644 (file)
--- a/doc/ssl/SSL_get_session.pod
+++ b/doc/ssl/SSL_get_session.pod
@@ -8,8 +8,8 @@ SSL_get_session - retrieve TLS/SSL session data
 
  #include <openssl/ssl.h>
 
- SSL_SESSION *SSL_get_session(SSL *ssl);
- SSL_SESSION *SSL_get0_session(SSL *ssl);
+ SSL_SESSION *SSL_get_session(const SSL *ssl);
+ SSL_SESSION *SSL_get0_session(const SSL *ssl);
  SSL_SESSION *SSL_get1_session(SSL *ssl);
 
 =head1 DESCRIPTION
@@ -37,8 +37,16 @@ if the session is valid, it can be removed at any time due to timeout
 during L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>.
 
 If the data is to be kept, SSL_get1_session() will increment the reference
-count and the session will stay in memory until explicitly freed with
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>, regardless of its state.
+count, so that the session will not be implicitly removed by other operations
+but stays in memory. In order to remove the session
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> must be explicitly called once
+to decrement the reference count again.
+
+SSL_SESSION objects keep internal link information about the session cache
+list, when being inserted into one SSL_CTX object's session cache.
+One SSL_SESSION object, regardless of its reference count, must therefore
+only be used with one SSL_CTX object (and the SSL objects created
+from this SSL_CTX object).
 
 =head1 RETURN VALUES