diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-17 10:52:33 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-17 10:52:33 +0000 |
| commit | 2c3307fb903f427be3d021c5780b75cac9af2ce8 (patch) | |
| tree | 65cf431f40b7481d81ae2dfce9576342686448f7 /upstream/archlinux/man3/SSL_CONF_cmd.3ssl | |
| parent | Releasing progress-linux version 4.22.0-1~progress7.99u1. (diff) | |
| download | manpages-l10n-2c3307fb903f427be3d021c5780b75cac9af2ce8.tar.xz manpages-l10n-2c3307fb903f427be3d021c5780b75cac9af2ce8.zip | |
Merging upstream version 4.23.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'upstream/archlinux/man3/SSL_CONF_cmd.3ssl')
| -rw-r--r-- | upstream/archlinux/man3/SSL_CONF_cmd.3ssl | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/upstream/archlinux/man3/SSL_CONF_cmd.3ssl b/upstream/archlinux/man3/SSL_CONF_cmd.3ssl index 902c6c48..74fa3ad0 100644 --- a/upstream/archlinux/man3/SSL_CONF_cmd.3ssl +++ b/upstream/archlinux/man3/SSL_CONF_cmd.3ssl @@ -55,7 +55,7 @@ .\" ======================================================================== .\" .IX Title "SSL_CONF_CMD 3ssl" -.TH SSL_CONF_CMD 3ssl 2024-01-30 3.2.1 OpenSSL +.TH SSL_CONF_CMD 3ssl 2024-04-28 3.3.0 OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -141,6 +141,11 @@ Only used by servers. Requires \fB\-serverpref\fR. .IX Item "-allow_no_dhe_kex" In TLSv1.3 allow a non\-(ec)dhe based key exchange mode on resumption. This means that there will be no forward secrecy for the resumed session. +.IP \fB\-prefer_no_dhe_kex\fR 4 +.IX Item "-prefer_no_dhe_kex" +In TLSv1.3, on resumption let the server prefer a non\-(ec)dhe based key +exchange mode over an (ec)dhe based one. Requires \fB\-allow_no_dhe_kex\fR. +Equivalent to \fBSSL_OP_PREFER_NO_DHE_KEX\fR. Only used by servers. .IP \fB\-strict\fR 4 .IX Item "-strict" Enables strict mode protocol handling. Equivalent to setting @@ -521,6 +526,11 @@ default. Inverse of \fBSSL_OP_NO_ENCRYPT_THEN_MAC\fR: that is, resumption. This means that there will be no forward secrecy for the resumed session. Equivalent to \fBSSL_OP_ALLOW_NO_DHE_KEX\fR. .Sp +\&\fBPreferNoDHEKEX\fR: In TLSv1.3, on resumption let the server prefer a +non\-(ec)dhe based key exchange mode over an (ec)dhe based one. Requires +\&\fBAllowNoDHEKEX\fR. Equivalent to \fBSSL_OP_PREFER_NO_DHE_KEX\fR. Only used by +servers. +.Sp \&\fBMiddleboxCompat\fR: If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that do not understand TLSv1.3 will not drop the connection. This @@ -778,6 +788,8 @@ OpenSSL 3.0. .PP The \fBTxCertificateCompression\fR and \fBRxCertificateCompression\fR options were added in OpenSSL 3.2. +.PP +\&\fBPreferNoDHEKEX\fR was added in OpenSSL 3.3. .SH COPYRIGHT .IX Header "COPYRIGHT" Copyright 2012\-2023 The OpenSSL Project Authors. All Rights Reserved. |