diff options
Diffstat (limited to 'secure/lib/libcrypto/man/SSL_CTX_set_mode.3')
-rw-r--r-- | secure/lib/libcrypto/man/SSL_CTX_set_mode.3 | 78 |
1 files changed, 45 insertions, 33 deletions
diff --git a/secure/lib/libcrypto/man/SSL_CTX_set_mode.3 b/secure/lib/libcrypto/man/SSL_CTX_set_mode.3 index 72263e57e0a66..b1be601175686 100644 --- a/secure/lib/libcrypto/man/SSL_CTX_set_mode.3 +++ b/secure/lib/libcrypto/man/SSL_CTX_set_mode.3 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35) +.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== @@ -54,16 +54,20 @@ .\" Avoid warning from groff about undefined register 'F'. .de IX .. -.if !\nF .nr F 0 -.if \nF>0 \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{\ +. if \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. -. if !\nF==2 \{\ -. nr % 0 -. nr F 2 +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 +. \} . \} .\} +.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -129,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "SSL_CTX_SET_MODE 3" -.TH SSL_CTX_SET_MODE 3 "2018-11-20" "1.1.1a" "OpenSSL" +.TH SSL_CTX_SET_MODE 3 "2019-02-26" "1.1.1b" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -151,17 +155,17 @@ SSL_CTX_set_mode, SSL_CTX_clear_mode, SSL_set_mode, SSL_clear_mode, SSL_CTX_get_ .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" -\&\fISSL_CTX_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBctx\fR. +\&\fBSSL_CTX_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBctx\fR. Options already set before are not cleared. -\&\fISSL_CTX_clear_mode()\fR removes the mode set via bitmask in \fBmode\fR from \fBctx\fR. +\&\fBSSL_CTX_clear_mode()\fR removes the mode set via bitmask in \fBmode\fR from \fBctx\fR. .PP -\&\fISSL_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBssl\fR. +\&\fBSSL_set_mode()\fR adds the mode set via bitmask in \fBmode\fR to \fBssl\fR. Options already set before are not cleared. -\&\fISSL_clear_mode()\fR removes the mode set via bitmask in \fBmode\fR from \fBssl\fR. +\&\fBSSL_clear_mode()\fR removes the mode set via bitmask in \fBmode\fR from \fBssl\fR. .PP -\&\fISSL_CTX_get_mode()\fR returns the mode set for \fBctx\fR. +\&\fBSSL_CTX_get_mode()\fR returns the mode set for \fBctx\fR. .PP -\&\fISSL_get_mode()\fR returns the mode set for \fBssl\fR. +\&\fBSSL_get_mode()\fR returns the mode set for \fBssl\fR. .SH "NOTES" .IX Header "NOTES" The following mode changes are available: @@ -169,23 +173,23 @@ The following mode changes are available: .IX Item "SSL_MODE_ENABLE_PARTIAL_WRITE" Allow SSL_write_ex(..., n, &r) to return with 0 < r < n (i.e. report success when just a single record has been written). This works in a similar way for -\&\fISSL_write()\fR. When not set (the default), \fISSL_write_ex()\fR or \fISSL_write()\fR will only -report success once the complete chunk was written. Once \fISSL_write_ex()\fR or -\&\fISSL_write()\fR returns successful, \fBr\fR bytes have been written and the next call -to \fISSL_write_ex()\fR or \fISSL_write()\fR must only send the n\-r bytes left, imitating -the behaviour of \fIwrite()\fR. +\&\fBSSL_write()\fR. When not set (the default), \fBSSL_write_ex()\fR or \fBSSL_write()\fR will only +report success once the complete chunk was written. Once \fBSSL_write_ex()\fR or +\&\fBSSL_write()\fR returns successful, \fBr\fR bytes have been written and the next call +to \fBSSL_write_ex()\fR or \fBSSL_write()\fR must only send the n\-r bytes left, imitating +the behaviour of \fBwrite()\fR. .IP "\s-1SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER\s0" 4 .IX Item "SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER" -Make it possible to retry \fISSL_write_ex()\fR or \fISSL_write()\fR with changed buffer +Make it possible to retry \fBSSL_write_ex()\fR or \fBSSL_write()\fR with changed buffer location (the buffer contents must stay the same). This is not the default to -avoid the misconception that non-blocking \fISSL_write()\fR behaves like -non-blocking \fIwrite()\fR. +avoid the misconception that non-blocking \fBSSL_write()\fR behaves like +non-blocking \fBwrite()\fR. .IP "\s-1SSL_MODE_AUTO_RETRY\s0" 4 .IX Item "SSL_MODE_AUTO_RETRY" During normal operations, non-application data records might need to be sent or received that the application is not aware of. If a non-application data record was processed, -\&\fISSL_read_ex\fR\|(3) and \fISSL_read\fR\|(3) can return with a failure and indicate the +\&\fBSSL_read_ex\fR\|(3) and \fBSSL_read\fR\|(3) can return with a failure and indicate the need to retry with \fB\s-1SSL_ERROR_WANT_READ\s0\fR. If such a non-application data record was processed, the flag \&\fB\s-1SSL_MODE_AUTO_RETRY\s0\fR causes it to try to process the next record instead of @@ -204,8 +208,8 @@ to only return after successfully processing an application data record or a failure. .Sp Turning off \fB\s-1SSL_MODE_AUTO_RETRY\s0\fR can be useful with blocking \fB\s-1BIO\s0\fRs in case -they are used in combination with something like \fIselect()\fR or \fIpoll()\fR. -Otherwise the call to \fISSL_read()\fR or \fISSL_read_ex()\fR might hang when a +they are used in combination with something like \fBselect()\fR or \fBpoll()\fR. +Otherwise the call to \fBSSL_read()\fR or \fBSSL_read_ex()\fR might hang when a non-application record was sent and no application data was sent. .IP "\s-1SSL_MODE_RELEASE_BUFFERS\s0" 4 .IX Item "SSL_MODE_RELEASE_BUFFERS" @@ -227,26 +231,34 @@ in draft\-ietf\-tls\-downgrade\-scsv\-00. .IX Item "SSL_MODE_ASYNC" Enable asynchronous processing. \s-1TLS I/O\s0 operations may indicate a retry with \&\s-1SSL_ERROR_WANT_ASYNC\s0 with this mode set if an asynchronous capable engine is -used to perform cryptographic operations. See \fISSL_get_error\fR\|(3). +used to perform cryptographic operations. See \fBSSL_get_error\fR\|(3). +.IP "\s-1SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG\s0" 4 +.IX Item "SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG" +Older versions of OpenSSL had a bug in the computation of the label length +used for computing the endpoint-pair shared secret. The bug was that the +terminating zero was included in the length of the label. Setting this option +enables this behaviour to allow interoperability with such broken +implementations. Please note that setting this option breaks interoperability +with correct implementations. This option only applies to \s-1DTLS\s0 over \s-1SCTP.\s0 .PP All modes are off by default except for \s-1SSL_MODE_AUTO_RETRY\s0 which is on by default since 1.1.1. .SH "RETURN VALUES" .IX Header "RETURN VALUES" -\&\fISSL_CTX_set_mode()\fR and \fISSL_set_mode()\fR return the new mode bitmask +\&\fBSSL_CTX_set_mode()\fR and \fBSSL_set_mode()\fR return the new mode bitmask after adding \fBmode\fR. .PP -\&\fISSL_CTX_get_mode()\fR and \fISSL_get_mode()\fR return the current bitmask. +\&\fBSSL_CTX_get_mode()\fR and \fBSSL_get_mode()\fR return the current bitmask. .SH "SEE ALSO" .IX Header "SEE ALSO" -\&\fIssl\fR\|(7), \fISSL_read_ex\fR\|(3), \fISSL_read\fR\|(3), \fISSL_write_ex\fR\|(3) or -\&\fISSL_write\fR\|(3), \fISSL_get_error\fR\|(3) +\&\fBssl\fR\|(7), \fBSSL_read_ex\fR\|(3), \fBSSL_read\fR\|(3), \fBSSL_write_ex\fR\|(3) or +\&\fBSSL_write\fR\|(3), \fBSSL_get_error\fR\|(3) .SH "HISTORY" .IX Header "HISTORY" -\&\s-1SSL_MODE_ASYNC\s0 was first added to OpenSSL 1.1.0. +\&\s-1SSL_MODE_ASYNC\s0 was added in OpenSSL 1.1.0. .SH "COPYRIGHT" .IX Header "COPYRIGHT" -Copyright 2001\-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2001\-2019 The OpenSSL Project Authors. All Rights Reserved. .PP Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy |