Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv

handling out of #ifndef OPENSSL_NO_DTLS1 section. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Bodo Moeller <bodo@openssl.org> 2014-10-15 10:50:53 +0200
committer: Bodo Moeller <bodo@openssl.org> 2014-10-15 10:50:53 +0200
commit: 80fb4820cb1c849348b5246330b35ed4f51af562 (patch)
tree: 42420cf5a4db28f84e99d44051396bf2095beba3 /doc/ssl
parent: 2229fe5b94bedd14f53535eb563b6459c3aa00ae (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/ssl/SSL_CTX_set_mode.pod b/doc/ssl/SSL_CTX_set_mode.pod
index 8cb669daeb..0bcf5d2afc 100644
--- a/doc/ssl/SSL_CTX_set_mode.pod
+++ b/doc/ssl/SSL_CTX_set_mode.pod
@@ -71,6 +71,12 @@ SSL_CTX->freelist_max_len, which defaults to 32.  Using this flag can
 save around 34k per idle SSL connection.
 This flag has no effect on SSL v2 connections, or on DTLS connections.
 
+=item SSL_MODE_FALLBACK_SCSV
+
+Send TLS_FALLBACK_SCSV in the ClientHello.
+To be set by applications that reconnect with a downgraded protocol
+version; see draft-ietf-tls-downgrade-scsv-00 for details.
+
 =back
 
 =head1 RETURN VALUES
author	Bodo Moeller <bodo@openssl.org>	2014-10-15 10:50:53 +0200
committer	Bodo Moeller <bodo@openssl.org>	2014-10-15 10:50:53 +0200
commit	80fb4820cb1c849348b5246330b35ed4f51af562 (patch)
tree	42420cf5a4db28f84e99d44051396bf2095beba3 /doc/ssl
parent	2229fe5b94bedd14f53535eb563b6459c3aa00ae (diff)