From: Dr. Stephen Henson <steve@openssl.org>
Date: Sun, 7 Feb 2016 23:20:53 +0000 (+0000)
Subject: Clarify resumed sessions and NULL return.
X-Git-Tag: OpenSSL_1_1_0-pre3~220
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=99978d51d6ba1ae8e36c1f82e98e9b2052131948;p=oweals%2Fopenssl.git

Clarify resumed sessions and NULL return.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
---

diff --git a/doc/ssl/SSL_get_peer_cert_chain.pod b/doc/ssl/SSL_get_peer_cert_chain.pod
index 649de145ba..1320bcbcff 100644
--- a/doc/ssl/SSL_get_peer_cert_chain.pod
+++ b/doc/ssl/SSL_get_peer_cert_chain.pod
@@ -33,8 +33,9 @@ X509_V_OK) the chain may be incomplete or invalid.
 
 =head1 NOTES
 
-The peer certificate chain is not necessarily available after reusing
-a session, in which case a NULL pointer is returned.
+If the session is resumed peers do not send certificates so a NULL pointer
+is returned by these functions. Applications can call SSL_session_reused()
+to determine whether a session is resumed.
 
 The reference count of each certificate in the returned STACK_OF(X509) object
 is not incremented and the returned stack may be invalidated by renegotiation.