Hi, I've found an explanation in the SSL on-line documentation that should be corrected.
In http://www.openssl.org/docs/ssl/SSL_get_session.html#, "If the data is to be kept, SSL_get1_session() will increment the reference count and the session will stay in memory until explicitly freed with SSL_SESSION_free(3), regardless of its state." But as stated in http://www.openssl.org/docs/ssl/SSL_SESSION_free.html#, a single call of SSL_SESSION_free() does NOT free the session obtained with SSL_get1_session. In order to free it, SSL_SESSION_free() must be called until the the reference count has reached 0. So the description in the SSL_get_session.html might lead to misunderstanding-- better to be corrected. Thanks, Taka Shinagawa --- OpenSSL developer for OpenVMS ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]