No dynamic-init fix; merge goof.

[openssl.git] / doc / ssl / SSL_free.pod

diff --git a/doc/ssl/SSL_free.pod b/doc/ssl/SSL_free.pod
index 3bbde4273c9bca1c76fb0340ee79d9db8ae1e3d7..27154430385e11efc04c31826fa1ae92aac6c0f2 100644 (file)
--- a/doc/ssl/SSL_free.pod
+++ b/doc/ssl/SSL_free.pod
@@ -8,26 +8,38 @@ SSL_free - free an allocated SSL structure
 
  #include <openssl/ssl.h>
 
- void *SSL_free(SSL *ssl);
+ void SSL_free(SSL *ssl);
 
 =head1 DESCRIPTION
 
 SSL_free() decrements the reference count of B<ssl>, and removes the SSL
 structure pointed to by B<ssl> and frees up the allocated memory if the
-the reference count has reached 0.
+reference count has reached 0.
+If B<ssl> is NULL nothing is done.
 
-It also calls the free()ing procedures for indirectly affected items, if
+=head1 NOTES
+
+SSL_free() also calls the free()ing procedures for indirectly affected items, if
 applicable: the buffering BIO, the read and write BIOs,
 cipher lists specially created for this B<ssl>, the B<SSL_SESSION>.
 Do not explicitly free these indirectly freed up items before or after
 calling SSL_free(), as trying to free things twice may lead to program
 failure.
 
+The ssl session has reference counts from two users: the SSL object, for
+which the reference count is removed by SSL_free() and the internal
+session cache. If the session is considered bad, because
+L<SSL_shutdown(3)> was not called for the connection
+and L<SSL_set_shutdown(3)> was not used to set the
+SSL_SENT_SHUTDOWN state, the session will also be removed
+from the session cache as required by RFC2246.
+
 =head1 RETURN VALUES
 
 SSL_free() does not provide diagnostic information.
 
-L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<ssl(3)|ssl(3)>
+L<SSL_new(3)>, L<SSL_clear(3)>,
+L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
+L<ssl(3)>
 
 =cut