=head1 NOTES
The ssl session contains all information required to re-establish the
-connection without a full handshake for SSL versions <= TLSv1.2. In TLSv1.3 the
-same is true, but sessions are established after the main handshake has occurred.
-The server will send the session information to the client at a time of its
-choosing which may be some while after the initial connection is established (or
-not at all). Calling these functions on the client side in TLSv1.3 before the
-session has been established will still return an SSL_SESSION object but it
-cannot be used for resuming the session. See L<SSL_SESSION_is_resumable(3)> for
-information on how to determine whether an SSL_SESSION object can be used for
-resumption or not.
-
-Additionally, in TLSv1.3, a server can send multiple session messages for a
-single connection. In that case the above functions will only return information
-on the last session that was received.
+connection without a full handshake for SSL versions up to and including
+TLSv1.2. In TLSv1.3 the same is true, but sessions are established after the
+main handshake has occurred. The server will send the session information to the
+client at a time of its choosing, which may be some while after the initial
+connection is established (or never). Calling these functions on the client side
+in TLSv1.3 before the session has been established will still return an
+SSL_SESSION object but that object cannot be used for resuming the session. See
+L<SSL_SESSION_is_resumable(3)> for information on how to determine whether an
+SSL_SESSION object can be used for resumption or not.
+
+Additionally, in TLSv1.3, a server can send multiple messages that establish a
+session for a single connection. In that case the above functions will only
+return information on the last session that was received.
The preferred way for applications to obtain a resumable SSL_SESSION object is
to use a new session callback as described in L<SSL_CTX_sess_set_new_cb(3)>.
projects / openssl.git / commitdiff