Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv

handling out of #ifndef OPENSSL_NO_DTLS1 section. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Bodo Moeller <bodo@openssl.org> 2014-10-15 10:43:50 +0200
committer: Bodo Moeller <bodo@openssl.org> 2014-10-15 10:43:50 +0200
commit: fb0e87fb67a358b40a1d56d2df3a611a09899780 (patch)
tree: cb2a2a4b0136e83469283bae50b5b5b8bdff984a /doc/ssl
parent: cf6da05304d554aaa885151451aa4ecaa977e601 (diff)
download: openssl-fb0e87fb67a358b40a1d56d2df3a611a09899780.zip
openssl-fb0e87fb67a358b40a1d56d2df3a611a09899780.tar.gz
openssl-fb0e87fb67a358b40a1d56d2df3a611a09899780.tar.bz2
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/ssl/SSL_CTX_set_mode.pod b/doc/ssl/SSL_CTX_set_mode.pod
index 8cb669d..0bcf5d2 100644
--- a/doc/ssl/SSL_CTX_set_mode.pod
+++ b/doc/ssl/SSL_CTX_set_mode.pod
@@ -71,6 +71,12 @@ SSL_CTX->freelist_max_len, which defaults to 32.  Using this flag can
 save around 34k per idle SSL connection.
 This flag has no effect on SSL v2 connections, or on DTLS connections.
 
+=item SSL_MODE_FALLBACK_SCSV
+
+Send TLS_FALLBACK_SCSV in the ClientHello.
+To be set by applications that reconnect with a downgraded protocol
+version; see draft-ietf-tls-downgrade-scsv-00 for details.
+
 =back
 
 =head1 RETURN VALUES
author	Bodo Moeller <bodo@openssl.org>	2014-10-15 10:43:50 +0200
committer	Bodo Moeller <bodo@openssl.org>	2014-10-15 10:43:50 +0200
commit	fb0e87fb67a358b40a1d56d2df3a611a09899780 (patch)
tree	cb2a2a4b0136e83469283bae50b5b5b8bdff984a /doc/ssl
parent	cf6da05304d554aaa885151451aa4ecaa977e601 (diff)
download	openssl-fb0e87fb67a358b40a1d56d2df3a611a09899780.zip openssl-fb0e87fb67a358b40a1d56d2df3a611a09899780.tar.gz openssl-fb0e87fb67a358b40a1d56d2df3a611a09899780.tar.bz2