aboutsummaryrefslogtreecommitdiff
path: root/openssl/doc/ssl/SSL_CTX_set_mode.pod
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/doc/ssl/SSL_CTX_set_mode.pod')
-rw-r--r--openssl/doc/ssl/SSL_CTX_set_mode.pod10
1 files changed, 10 insertions, 0 deletions
diff --git a/openssl/doc/ssl/SSL_CTX_set_mode.pod b/openssl/doc/ssl/SSL_CTX_set_mode.pod
index 8cb669dae..2a5aaa555 100644
--- a/openssl/doc/ssl/SSL_CTX_set_mode.pod
+++ b/openssl/doc/ssl/SSL_CTX_set_mode.pod
@@ -71,6 +71,16 @@ SSL_CTX->freelist_max_len, which defaults to 32. Using this flag can
save around 34k per idle SSL connection.
This flag has no effect on SSL v2 connections, or on DTLS connections.
+=item SSL_MODE_SEND_FALLBACK_SCSV
+
+Send TLS_FALLBACK_SCSV in the ClientHello.
+To be set only by applications that reconnect with a downgraded protocol
+version; see draft-ietf-tls-downgrade-scsv-00 for details.
+
+DO NOT ENABLE THIS if your application attempts a normal handshake.
+Only use this in explicit fallback retries, following the guidance
+in draft-ietf-tls-downgrade-scsv-00.
+
=back
=head1 RETURN VALUES
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 20:13:33 +0000