@@ -2184,15 +2184,14 @@
 */
 static int ConnectionInfoObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
 Tcl_Channel chan; /* The channel to set a mode on. */
 State *statePtr; /* client state for ssl socket */
- Tcl_Obj *objPtr;
+ Tcl_Obj *objPtr, *listPtr;
 const SSL *ssl;
 const SSL_CIPHER *cipher;
 const SSL_SESSION *session;
- const unsigned char *proto;
 long mode;
 if (objc != 2) {
 Tcl_WrongNumArgs(interp, 1, objv, "channel");
 return(TCL_ERROR);
@@ -2283,11 +2282,11 @@
 session = SSL_get_session(ssl);
 if (session != NULL) {
 const unsigned char *ticket;
 size_t len2;
 unsigned int ulen;
- const unsigned char *session_id;
+ const unsigned char *session_id, *proto;
 char buffer[SSL_MAX_MASTER_KEY_LENGTH];
 /* Report the selected protocol as a result of the ALPN negotiation */
 SSL_SESSION_get0_alpn_selected(session, &proto, &len2);
 Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj("alpn", -1));
@@ -2360,26 +2359,31 @@
 Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj("NONE", -1));
 #endif
 }
 /* Server info */
- mode = SSL_CTX_get_session_cache_mode(statePtr->ctx);
- if (mode & SSL_SESS_CACHE_OFF) {
- proto = "off";
- } else if (mode & SSL_SESS_CACHE_CLIENT) {
- proto = "client";
- } else if (mode & SSL_SESS_CACHE_SERVER) {
- proto = "server";
- } else if (mode & SSL_SESS_CACHE_BOTH) {
- proto = "both";
- } else {
- proto = "unknown";
- }
- Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj("session_cache_mode", -1));
- Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(proto, -1));
+ {
+ mode = SSL_CTX_get_session_cache_mode(statePtr->ctx);
+ char *msg;
+
+ if (mode & SSL_SESS_CACHE_OFF) {
+ msg = "off";
+ } else if (mode & SSL_SESS_CACHE_CLIENT) {
+ msg = "client";
+ } else if (mode & SSL_SESS_CACHE_SERVER) {
+ msg = "server";
+ } else if (mode & SSL_SESS_CACHE_BOTH) {
+ msg = "both";
+ } else {
+ msg = "unknown";
+ }
+ Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj("session_cache_mode", -1));
+ Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(msg, -1));
+ }
 /* CA List */
+ /* IF not a server, same as SSL_get0_peer_CA_list. If server same as SSL_CTX_get_client_CA_list */
 listPtr = Tcl_NewListObj(0, NULL);
 STACK_OF(X509_NAME) *ca_list;
 if ((ca_list = SSL_get_client_CA_list(ssl)) != NULL) {
 char buffer[BUFSIZ];
 for (int i = 0; i < sk_X509_NAME_num(ca_list); i++) {
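Review bot: The `if (mode & SSL_SESS_CACHE_OFF)` chain in the new "Server info" block cannot report the cache mode correctly. In OpenSSL `SSL_SESS_CACHE_OFF` is 0, so that test is never true, and `SSL_SESS_CACHE_BOTH` is `SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER`, so a context caching in both directions matches the `client` branch first. A disabled cache therefore comes back as "unknown" and a two-way cache as "client", which misleads anyone using this output to audit session-resumption settings. Comparing the value masked with `SSL_SESS_CACHE_BOTH` fixes both cases and ignores the unrelated behaviour flags in the same word; `msg` can also be `const char *` and be declared before the first statement of the block. ConnectionInfoObjCmd begins and ends outside this hunk.

```c
    {
	const char *msg;

	mode = SSL_CTX_get_session_cache_mode(statePtr->ctx);
	/* SSL_SESS_CACHE_OFF is 0, so compare the masked value rather than testing bits */
	switch (mode & SSL_SESS_CACHE_BOTH) {
	case SSL_SESS_CACHE_OFF:    msg = "off";     break;
	case SSL_SESS_CACHE_CLIENT: msg = "client";  break;
	case SSL_SESS_CACHE_SERVER: msg = "server";  break;
	case SSL_SESS_CACHE_BOTH:   msg = "both";    break;
	default:                    msg = "unknown"; break;
	}
	/* … unchanged: the two Tcl_ListObjAppendElement calls … */
    }
```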