[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
Matt Caswell
matt at openssl.org
Mon Dec 10 11:18:01 UTC 2018
The branch OpenSSL_1_1_1-stable has been updated
via 23abea6307a6df4dcefc1219b49ef0f2846ed844 (commit)
from ef97becf522fc4e2e9d98e6ae7bcb26651883d9a (commit)
- Log -----------------------------------------------------------------
commit 23abea6307a6df4dcefc1219b49ef0f2846ed844
Author: Matt Caswell <matt at openssl.org>
Date: Tue Dec 4 12:31:17 2018 +0000
Document the num_tickets s_server option
Fixes #7727
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7756)
(cherry picked from commit 7ffb7fbe8c1c1bc467993389478d2ea6f00e1860)
-----------------------------------------------------------------------
Summary of changes:
doc/man1/s_server.pod | 10 +++++++++-
doc/man3/SSL_CTX_set_num_tickets.pod | 8 ++++----
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/doc/man1/s_server.pod b/doc/man1/s_server.pod
index f4c4eda..143b0ae 100644
--- a/doc/man1/s_server.pod
+++ b/doc/man1/s_server.pod
@@ -98,6 +98,7 @@ B<openssl> B<s_server>
[B<-no_comp>]
[B<-comp>]
[B<-no_ticket>]
+[B<-num_tickets>]
[B<-serverpref>]
[B<-legacy_renegotiation>]
[B<-no_renegotiation>]
@@ -558,7 +559,14 @@ OpenSSL 1.1.0.
=item B<-no_ticket>
-Disable RFC4507bis session ticket support.
+Disable RFC4507bis session ticket support. This option has no effect if TLSv1.3
+is negotiated. See B<-num_tickets>.
+
+=item B<-num_tickets>
+
+Control the number of tickets that will be sent to the client after a full
+handshake in TLSv1.3. The default number of tickets is 2. This option does not
+affect the number of tickets sent after a resumption handshake.
=item B<-serverpref>
diff --git a/doc/man3/SSL_CTX_set_num_tickets.pod b/doc/man3/SSL_CTX_set_num_tickets.pod
index b6b0e3e..ad13ed1 100644
--- a/doc/man3/SSL_CTX_set_num_tickets.pod
+++ b/doc/man3/SSL_CTX_set_num_tickets.pod
@@ -20,10 +20,10 @@ SSL_CTX_get_num_tickets
=head1 DESCRIPTION
SSL_CTX_set_num_tickets() and SSL_set_num_tickets() can be called for a server
-application and set the number of session tickets that will be sent to the
-client after a full handshake. Set the desired value (which could be 0) in the
-B<num_tickets> argument. Typically these functions should be called before the
-start of the handshake.
+application and set the number of TLSv1.3 session tickets that will be sent to
+the client after a full handshake. Set the desired value (which could be 0) in
+the B<num_tickets> argument. Typically these functions should be called before
+the start of the handshake.
The default number of tickets is 2; the default number of tickets sent following
a resumption handshake is 1 but this cannot be changed using these functions.
More information about the openssl-commits
mailing list