diff options
| author | Bodo Möller <bodo@openssl.org> | 2011-10-13 13:24:13 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2011-10-13 13:24:13 +0000 |
| commit | 8070cb5f87b839e5926aae729f5ae6806c4cb851 (patch) | |
| tree | a39715e8b1755754c4b58215553900127a6f36d0 /doc | |
| parent | f7d514f449878eab6c5c7c1c71815b6ffb9044aa (diff) | |
Clarify warning
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/ssl/SSL_clear.pod | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/doc/ssl/SSL_clear.pod b/doc/ssl/SSL_clear.pod index 8e077e31c9..d4df1bfac3 100644 --- a/doc/ssl/SSL_clear.pod +++ b/doc/ssl/SSL_clear.pod @@ -39,10 +39,16 @@ for a description of the method's properties. SSL_clear() resets the SSL object to allow for another connection. The reset operation however keeps several settings of the last sessions (some of these settings were made automatically during the last -handshake). It only makes sense when opening a new session (or reusing -an old one) with the same peer that shares these settings. -SSL_clear() is not a short form for the sequence -L<SSL_free(3)|SSL_free(3)>; L<SSL_new(3)|SSL_new(3)>; . +handshake). It only makes sense for a new connection with the exact +same peer that shares these settings, and may fail if that peer +changes its settings between connections. Use the sequence +L<SSL_get_session(3)|SSL_get_session(3)>; +L<SSL_new(3)|SSL_new(3)>; +L<SSL_set_session(3)|SSL_set_session(3)>; +L<SSL_free(3)|SSL_free(3)> +instead to avoid such failures +(or simply L<SSL_free(3)|SSL_free(3)>; L<SSL_new(3)|SSL_new(3)> +if session reuse is not desired). =head1 RETURN VALUES |