From: EasySec <easy.sec@free.fr>
Date: Wed, 13 Apr 2022 11:02:44 +0000 (+0200)
Subject: doc: Clarify that calling SSL_set_session(ssl, NULL) is a correct use case.
X-Git-Tag: openssl-3.2.0-alpha1~2758
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e763b1861fb2a138371464b7d3996dbde85ff5e8;p=thirdparty%2Fopenssl.git

doc: Clarify that calling SSL_set_session(ssl, NULL) is a correct use case.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18101)
---

diff --git a/doc/man3/SSL_set_session.pod b/doc/man3/SSL_set_session.pod
index c3eca2565ad..f1c0193bf39 100644
--- a/doc/man3/SSL_set_session.pod
+++ b/doc/man3/SSL_set_session.pod
@@ -21,7 +21,8 @@ with the L<SSL_session_reused(3)> call.
 
 If there is already a session set inside B<ssl> (because it was set with
 SSL_set_session() before or because the same B<ssl> was already used for
-a connection), SSL_SESSION_free() will be called for that session. If that old
+a connection), SSL_SESSION_free() will be called for that session.
+This is also the case when B<session> is a NULL pointer. If that old
 session is still B<open>, it is considered bad and will be removed from the
 session cache (if used). A session is considered open, if L<SSL_shutdown(3)> was
 not called for the connection (or at least L<SSL_set_shutdown(3)> was used to