diff options
author | Bodo Möller <bodo@openssl.org> | 2011-10-13 13:27:09 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2011-10-13 13:27:09 +0000 |
commit | 9d74befd2300ecb1793dd8ba5592b77e613d29f9 (patch) | |
tree | 4cde9f93253ec48650f47aca189efa74df020903 /doc | |
parent | 8b37d33a9435c3bbf4b5da5f2e312fb6be5455dc (diff) | |
download | openssl-9d74befd2300ecb1793dd8ba5592b77e613d29f9.tar.gz |
Clarify warning
Diffstat (limited to 'doc')
-rw-r--r-- | doc/ssl/SSL_clear.pod | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/doc/ssl/SSL_clear.pod b/doc/ssl/SSL_clear.pod index 8e077e31c9..d4df1bfac3 100644 --- a/doc/ssl/SSL_clear.pod +++ b/doc/ssl/SSL_clear.pod @@ -39,10 +39,16 @@ for a description of the method's properties. SSL_clear() resets the SSL object to allow for another connection. The reset operation however keeps several settings of the last sessions (some of these settings were made automatically during the last -handshake). It only makes sense when opening a new session (or reusing -an old one) with the same peer that shares these settings. -SSL_clear() is not a short form for the sequence -L<SSL_free(3)|SSL_free(3)>; L<SSL_new(3)|SSL_new(3)>; . +handshake). It only makes sense for a new connection with the exact +same peer that shares these settings, and may fail if that peer +changes its settings between connections. Use the sequence +L<SSL_get_session(3)|SSL_get_session(3)>; +L<SSL_new(3)|SSL_new(3)>; +L<SSL_set_session(3)|SSL_set_session(3)>; +L<SSL_free(3)|SSL_free(3)> +instead to avoid such failures +(or simply L<SSL_free(3)|SSL_free(3)>; L<SSL_new(3)|SSL_new(3)> +if session reuse is not desired). =head1 RETURN VALUES |