import 0.9.7b (without idea and rc5)

author: markus <markus@openbsd.org> 2003-05-11 21:34:11 +0000
committer: markus <markus@openbsd.org> 2003-05-11 21:34:11 +0000
commit: 3a5f3d0e407fc493f4a740bd79f4e3c586fc3841 (patch)
tree: ca1fe47248cc912e2a530c11856550d9f5d60cb9 /lib/libssl/src/doc/ssl
parent: -DROKEN_RENAME not needed for these. (diff)
download: wireguard-openbsd-3a5f3d0e407fc493f4a740bd79f4e3c586fc3841.tar.xz
wireguard-openbsd-3a5f3d0e407fc493f4a740bd79f4e3c586fc3841.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod b/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod
index af326c2f734..82676b26b23 100644
--- a/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod
+++ b/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod
@@ -37,6 +37,14 @@ removed and replaced by the new session. If the session is actually
 identical (the SSL_SESSION object is identical), SSL_CTX_add_session()
 is a no-op, and the return value is 0.
 
+If a server SSL_CTX is configured with the SSL_SESS_CACHE_NO_INTERNAL_STORE
+flag then the internal cache will not be populated automatically by new
+sessions negotiated by the SSL/TLS implementation, even though the internal
+cache will be searched automatically for session-resume requests (the
+latter can be surpressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the
+application can use SSL_CTX_add_session() directly to have full control
+over the sessions that can be resumed if desired.
+
 
 =head1 RETURN VALUES
author	markus <markus@openbsd.org>	2003-05-11 21:34:11 +0000
committer	markus <markus@openbsd.org>	2003-05-11 21:34:11 +0000
commit	3a5f3d0e407fc493f4a740bd79f4e3c586fc3841 (patch)
tree	ca1fe47248cc912e2a530c11856550d9f5d60cb9 /lib/libssl/src/doc/ssl
parent	-DROKEN_RENAME not needed for these. (diff)
download	wireguard-openbsd-3a5f3d0e407fc493f4a740bd79f4e3c586fc3841.tar.xz wireguard-openbsd-3a5f3d0e407fc493f4a740bd79f4e3c586fc3841.zip