Fix and improve SSL_MODE_SEND_FALLBACK_SCSV documentation.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Bodo Moeller
@@ -654,8 +654,13 @@ struct ssl_session_st
|
||||
#define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
|
||||
#define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
|
||||
/* Send TLS_FALLBACK_SCSV in the ClientHello.
|
||||
* To be set by applications that reconnect with a downgraded protocol
|
||||
* version; see draft-ietf-tls-downgrade-scsv-00 for details. */
|
||||
* To be set only by applications that reconnect with a downgraded protocol
|
||||
* version; see draft-ietf-tls-downgrade-scsv-00 for details.
|
||||
*
|
||||
* DO NOT ENABLE THIS if your application attempts a normal handshake.
|
||||
* Only use this in explicit fallback retries, following the guidance
|
||||
* in draft-ietf-tls-downgrade-scsv-00.
|
||||
*/
|
||||
#define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L
|
||||
|
||||
/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
|
||||
|
||||
Reference in New Issue
Block a user