SSL_SESSION object can be used for resumption or not.
Additionally, in TLSv1.3, a server can send multiple messages that establish a
-session for a single connection. In that case the above functions will only
-return information on the last session that was received.
+session for a single connection. In that case, on the client side, the above
+functions will only return information on the last session that was received. On
+the server side they will only return information on the last session that was
+sent, or if no session tickets were sent then the session for the current
+connection.
The preferred way for applications to obtain a resumable SSL_SESSION object is
to use a new session callback as described in L<SSL_CTX_sess_set_new_cb(3)>.