Clarify what SSL_get_session() does on the server side in TLSv1.3

Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16582) (cherry picked from commit 9e51f877930dbd4216438a5da3c9612bf4d0a918)
author: Matt Caswell <matt@openssl.org> 2021-09-11 10:02:21 +0100
committer: Tomas Mraz <tomas@openssl.org> 2021-09-17 14:34:16 +0200
commit: 97a1fb5106fdb2b3dc3bbe84d0892db40e50c45f (patch)
tree: ac7a38710a0d04a45876b13e0860672858974d1f /doc
parent: 2f3b120401533db82e99ed28de5fc8aab1b76b33 (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/doc/man3/SSL_get_session.pod b/doc/man3/SSL_get_session.pod
index 7c04570635..4d8527aecf 100644
--- a/doc/man3/SSL_get_session.pod
+++ b/doc/man3/SSL_get_session.pod
@@ -37,8 +37,11 @@ L<SSL_SESSION_is_resumable(3)> for information on how to determine whether an
 SSL_SESSION object can be used for resumption or not.
 
 Additionally, in TLSv1.3, a server can send multiple messages that establish a
-session for a single connection. In that case the above functions will only
-return information on the last session that was received.
+session for a single connection. In that case, on the client side, the above
+functions will only return information on the last session that was received. On
+the server side they will only return information on the last session that was
+sent, or if no session tickets were sent then the session for the current
+connection.
 
 The preferred way for applications to obtain a resumable SSL_SESSION object is
 to use a new session callback as described in L<SSL_CTX_sess_set_new_cb(3)>.
author	Matt Caswell <matt@openssl.org>	2021-09-11 10:02:21 +0100
committer	Tomas Mraz <tomas@openssl.org>	2021-09-17 14:34:16 +0200
commit	97a1fb5106fdb2b3dc3bbe84d0892db40e50c45f (patch)
tree	ac7a38710a0d04a45876b13e0860672858974d1f /doc
parent	2f3b120401533db82e99ed28de5fc8aab1b76b33 (diff)