From 99978d51d6ba1ae8e36c1f82e98e9b2052131948 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Sun, 7 Feb 2016 23:20:53 +0000
Subject: [PATCH] Clarify resumed sessions and NULL return.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
---
 doc/ssl/SSL_get_peer_cert_chain.pod | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/ssl/SSL_get_peer_cert_chain.pod b/doc/ssl/SSL_get_peer_cert_chain.pod
index 649de145ba..1320bcbcff 100644
--- a/doc/ssl/SSL_get_peer_cert_chain.pod
+++ b/doc/ssl/SSL_get_peer_cert_chain.pod
@@ -33,8 +33,9 @@ X509_V_OK) the chain may be incomplete or invalid.
 
 =head1 NOTES
 
-The peer certificate chain is not necessarily available after reusing
-a session, in which case a NULL pointer is returned.
+If the session is resumed peers do not send certificates so a NULL pointer
+is returned by these functions. Applications can call SSL_session_reused()
+to determine whether a session is resumed.
 
 The reference count of each certificate in the returned STACK_OF(X509) object
 is not incremented and the returned stack may be invalidated by renegotiation.
-- 
2.25.1