diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 6c9822f3..01433d52 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -3872,8 +3872,7 @@ struct ssl_ctx_st {
 * SSL_accept which cache SSL_SESSIONS. */
 int session_cache_mode;
- /* If timeout is not 0, it is the default timeout value set when SSL_new() is
- * called. This has been put in to make life easier to set things up */
+ /* session_timeout is the default lifetime for new sessions, in seconds. */
 long session_timeout;
 /* If this callback is not null, it will be called each time a session id is
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index a60caf0a..ded5aef3 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -473,12 +473,7 @@ SSL *SSL_new(SSL_CTX *ctx) {
 ssl->ctx->signed_cert_timestamps_enabled;
 ssl->ocsp_stapling_enabled = ssl->ctx->ocsp_stapling_enabled;
- ssl->session_timeout = SSL_DEFAULT_SESSION_TIMEOUT;
-
- /* If the context has a default timeout, use it over the default. */
- if (ctx->session_timeout != 0) {
- ssl->session_timeout = ctx->session_timeout;
- }
+ ssl->session_timeout = ctx->session_timeout;
 /* If the context has an OCSP response, use it. */
 if (ctx->ocsp_response != NULL) {
diff --git a/ssl/ssl_session.c b/ssl/ssl_session.c
index bd5ef766..805bd485 100644
--- a/ssl/ssl_session.c
+++ b/ssl/ssl_session.c
@@ -934,6 +934,11 @@ long SSL_CTX_set_timeout(SSL_CTX *ctx, long timeout) {
 return 0;
 }
+ /* Historically, zero was treated as |SSL_DEFAULT_SESSION_TIMEOUT|. */
+ if (timeout == 0) {
+ timeout = SSL_DEFAULT_SESSION_TIMEOUT;
+ }
+
 long old_timeout = ctx->session_timeout;
 ctx->session_timeout = timeout;
 return old_timeout;
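Review bot: In ssl/ssl_lib.c, the unconditional `ssl->session_timeout = ctx->session_timeout;` in SSL_new now depends on the context field never being zero, and nothing visible in this diff establishes that for a freshly created SSL_CTX. The ssl_session.c hunk covers callers of SSL_CTX_set_timeout, but the value assigned when the context is created lies outside the shown hunks, so it is worth confirming that it is SSL_DEFAULT_SESSION_TIMEOUT rather than a zeroed field; otherwise new connections would inherit a zero session lifetime and resumption behaviour would change silently. A one-line comment on the assignment would record the invariant, for example `/* Zero is mapped to SSL_DEFAULT_SESSION_TIMEOUT in SSL_CTX_set_timeout. */`. SSL_new begins and ends outside the hunk.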
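Review bot: In ssl/ssl_session.c, the added check in SSL_CTX_set_timeout normalises only zero, so a negative `timeout` is still stored in ctx->session_timeout and, with the ssl_lib.c change, copied unmodified into every new SSL. How a negative lifetime is interpreted by the session expiry logic is not visible here; if it is ever converted to an unsigned quantity, the bound on how long a session stays resumable would effectively disappear. Consider widening the guard to `if (timeout <= 0) {` or rejecting negative values outright, and state at the function's declaration that zero selects the default lifetime rather than disabling session reuse. The function body begins outside the hunk.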