path: root/secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3
diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3')
1 files changed, 7 insertions, 5 deletions
diff --git a/secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3 b/secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3
index 5df4b44d53b4..c0e45010e683 100644
--- a/secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3
+++ b/secure/lib/libcrypto/man/man3/SSL_CTX_use_psk_identity_hint.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.40)
+.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40)
.\" Standard preamble:
.\" ========================================================================
@@ -133,7 +133,7 @@
.\" ========================================================================
-.TH SSL_CTX_USE_PSK_IDENTITY_HINT 3 "2020-04-21" "1.1.1g" "OpenSSL"
+.TH SSL_CTX_USE_PSK_IDENTITY_HINT 3 "2020-09-22" "1.1.1h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -212,7 +212,9 @@ via \fBSSL_CTX_set_psk_find_session_callback()\fR or \fBSSL_set_psk_find_session
and it will use that in preference. If no such callback is present then it will
check to see if a callback has been set via \fBSSL_CTX_set_psk_server_callback()\fR or
\&\fBSSL_set_psk_server_callback()\fR and use that. In this case the handshake digest
-will default to \s-1SHA\-256\s0 for any returned \s-1PSK.\s0
+will default to \s-1SHA\-256\s0 for any returned \s-1PSK.\s0 TLSv1.3 early data exchanges are
+possible in \s-1PSK\s0 connections only with the \fBSSL_psk_find_session_cb_func\fR
+callback, and are not possible with the \fBSSL_psk_server_cb_func\fR callback.
.IX Header "NOTES"
A connection established via a TLSv1.3 \s-1PSK\s0 will appear as if session resumption
@@ -245,7 +247,7 @@ failure. In the event of failure the connection setup fails.
.IX Header "NOTES"
There are no known security issues with sharing the same \s-1PSK\s0 between TLSv1.2 (or
-below) and TLSv1.3. However the \s-1RFC\s0 has this note of caution:
+below) and TLSv1.3. However, the \s-1RFC\s0 has this note of caution:
\&\*(L"While there is no known way in which the same \s-1PSK\s0 might produce related output
in both versions, only limited analysis has been done. Implementations can
@@ -261,7 +263,7 @@ ensure safety from cross-protocol related output by not reusing PSKs between
were added in OpenSSL 1.1.1.
-Copyright 2006\-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006\-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy