RT1665,2300: Crypto doc cleanups

[openssl.git] / doc / ssl / SSL_get_session.pod

diff --git a/doc/ssl/SSL_get_session.pod b/doc/ssl/SSL_get_session.pod
index a0266e2ac6351008266814bb8b2c1f5b263781f3..1a30f7bb5f15f44bca79a0efdf58914bfa2c598d 100644 (file)
--- a/doc/ssl/SSL_get_session.pod
+++ b/doc/ssl/SSL_get_session.pod
@@ -2,14 +2,14 @@
 
 =head1 NAME
 
-SSL_get_session - retrieve TLS/SSL session data
+SSL_get_session, SSL_get0_session, SSL_get1_session - retrieve TLS/SSL session data
 
 =head1 SYNOPSIS
 
  #include <openssl/ssl.h>
 
- SSL_SESSION *SSL_get_session(SSL *ssl);
- SSL_SESSION *SSL_get0_session(SSL *ssl);
+ SSL_SESSION *SSL_get_session(const SSL *ssl);
+ SSL_SESSION *SSL_get0_session(const SSL *ssl);
  SSL_SESSION *SSL_get1_session(SSL *ssl);
 
 =head1 DESCRIPTION
@@ -37,8 +37,16 @@ if the session is valid, it can be removed at any time due to timeout
 during L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>.
 
 If the data is to be kept, SSL_get1_session() will increment the reference
-count and the session will stay in memory until explicitly freed with
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>, regardless of its state.
+count, so that the session will not be implicitly removed by other operations
+but stays in memory. In order to remove the session
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> must be explicitly called once
+to decrement the reference count again.
+
+SSL_SESSION objects keep internal link information about the session cache
+list, when being inserted into one SSL_CTX object's session cache.
+One SSL_SESSION object, regardless of its reference count, must therefore
+only be used with one SSL_CTX object (and the SSL objects created
+from this SSL_CTX object).
 
 =head1 RETURN VALUES