From: Matt Caswell <matt@openssl.org>
Date: Sat, 11 Sep 2021 08:58:52 +0000 (+0100)
Subject: Correct the documentation for SSL_set_num_tickets()
X-Git-Tag: openssl-3.2.0-alpha1~3564
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4603b782e6dbed493d2f38db111abc05df66fb99;p=thirdparty%2Fopenssl.git

Correct the documentation for SSL_set_num_tickets()

The behaviour for what happens in a resumption connection was not quite
described correctly.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16582)
---

diff --git a/doc/man3/SSL_CTX_set_num_tickets.pod b/doc/man3/SSL_CTX_set_num_tickets.pod
index c06583304f0..95ed719df7c 100644
--- a/doc/man3/SSL_CTX_set_num_tickets.pod
+++ b/doc/man3/SSL_CTX_set_num_tickets.pod
@@ -27,10 +27,10 @@ the client after a full handshake. Set the desired value (which could be 0) in
 the B<num_tickets> argument. Typically these functions should be called before
 the start of the handshake.
 
-The default number of tickets is 2; the default number of tickets sent following
-a resumption handshake is 1 but this cannot be changed using these functions.
-The number of tickets following a resumption handshake can be reduced to 0 using
-custom session ticket callbacks (see L<SSL_CTX_set_session_ticket_cb(3)>).
+The default number of tickets is 2. Following a resumption the number of tickets
+issued will never be more than 1 regardless of the value set via
+SSL_set_num_tickets() or SSL_CTX_set_num_tickets(). If B<num_tickets> is set to
+0 then no tickets will be issued for either a normal connection or a resumption.
 
 Tickets are also issued on receipt of a post-handshake certificate from the
 client following a request by the server using