SSL_read_early_data.pod - OpenGrok cross reference for /freebsd/crypto/openssl/doc/man3/SSL_read_early

Lines Matching +full:3 +full:l
58 These functions are used to send and receive early data where TLSv1.3 has been
69 additional considerations around replay attacks (see L</REPLAY PROTECTION>
81 or not by calling L<SSL_is_init_finished(3)>.
90 creating a PSK session file (see L<SSL_CTX_set_psk_use_session_callback(3)>). If
95 function is similar to the L<SSL_write_ex(3)> function, but with the following
96 differences. See L<SSL_write_ex(3)> for information on how to write bytes to
99 L<SSL_write_ex(3)>.
103 L<SSL_write_ex(3)>, L<SSL_read_ex(3)>, L<SSL_connect(3)>, L<SSL_do_handshake(3)>
108 calls to L<SSL_read_ex(3)> and L<SSL_read(3)> with calls to
111 If SSL_write_early_data() fails you should call L<SSL_get_error(3)> to determine
112 the correct course of action, as for L<SSL_write_ex(3)>.
115 complete the handshake by calling a function such as L<SSL_connect(3)> or
116 L<SSL_do_handshake(3)>. Alternatively you can call a standard write function
117 such as L<SSL_write_ex(3)>, which will transparently complete the connection and
132 L<SSL_write_ex(3)>, L<SSL_read_ex(3)>, L<SSL_accept(3)>, L<SSL_do_handshake(3)>,
135 SSL_read_early_data() is similar to L<SSL_read_ex(3)> with the following
136 differences. Refer to L<SSL_read_ex(3)> for full details.
138 SSL_read_early_data() may return 3 possible values:
145 same way as a 0 return value from L<SSL_read_ex(3)>.
150 the same way as a 1 return value from L<SSL_read_ex(3)>. You should continue to
167 to SSL_write_early_data() are not allowed. Call L<SSL_is_init_finished(3)> to
172 Servers must not call L<SSL_read_ex(3)>, L<SSL_read(3)>, L<SSL_write_ex(3)> or
173 L<SSL_write(3)>  until SSL_read_early_data() has returned with
176 as L<SSL_accept(3)> or L<SSL_do_handshake(3)>. Alternatively you can call a
177 standard read function such as L<SSL_read_ex(3)>, which will transparently
186 L<SSL_accept(3)>. This can happen if the client is using a protocol version less
187 than TLSv1.3. Applications can test for this by calling
188 L<SSL_is_init_finished(3)>. Alternatively, applications may choose to call
189 L<SSL_accept(3)> anyway. Such a call will successfully return immediately with no
207 automatically enabled (see L</REPLAY PROTECTION> below).
231 is accepted or not, for example to mitigate replay risks (see L</REPLAY PROTECTION>
242 L</REPLAY PROTECTION> below.
281 support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such
302 cache (see L<SSL_CTX_set_session_cache_mode(3)>). When replay protection is
304 selected (see L<SSL_CTX_set_options(3)>). Sessions will be added to the cache
312 L<SSL_CTX_sess_set_new_cb(3)> and similar functions). It is the application's
318 not held when the remove session callback (see L<SSL_CTX_sess_set_remove_cb(3)>)
325 (e.g. see SSL_CTX_set_psk_find_session_callback(3)). Therefore, extreme caution
330 using the B<SSL_OP_NO_ANTI_REPLAY> option. See L<SSL_CTX_set_options(3)> for
337 failure call L<SSL_get_error(3)> to determine the correct course of action.
342 event of a failure call L<SSL_get_error(3)> to determine the correct course of
358 L<SSL_get_error(3)>,
359 L<SSL_write_ex(3)>,
360 L<SSL_read_ex(3)>,
361 L<SSL_connect(3)>,
362 L<SSL_accept(3)>,
363 L<SSL_do_handshake(3)>,
364 L<SSL_CTX_set_psk_use_session_callback(3)>,
365 L<ssl(7)>
378 L<https://www.openssl.org/source/license.html>.