diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-10-24 02:36:13 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-01-02 22:56:54 +0000 |
commit | 63eab8a620944a990ab3985620966ccd9f48d681 (patch) | |
tree | 3b937e1e9016a526f6ed21747f99f039477fe86e /doc | |
parent | 4f605ccb779e32a770093d687e0554e0bbb137d3 (diff) |
Remove MS SGC
MS Server gated cryptography is obsolete and dates from the time of export
restrictions on strong encryption and is only used by ancient versions of
MSIE.
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/crypto/BIO_f_ssl.pod | 2 | ||||
-rw-r--r-- | doc/ssl/SSL_accept.pod | 5 | ||||
-rw-r--r-- | doc/ssl/SSL_do_handshake.pod | 5 |
3 files changed, 3 insertions, 9 deletions
diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod index bc5861ab34..a9f23f1dd7 100644 --- a/doc/crypto/BIO_f_ssl.pod +++ b/doc/crypto/BIO_f_ssl.pod @@ -108,7 +108,7 @@ SSL BIOs are exceptional in that if the underlying transport is non blocking they can still request a retry in exceptional circumstances. Specifically this will happen if a session renegotiation takes place during a BIO_read() operation, one -case where this happens is when SGC or step up occurs. +case where this happens is when step up occurs. In OpenSSL 0.9.6 and later the SSL flag SSL_AUTO_RETRY can be set to disable this behaviour. That is when this flag is set diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod index 2239444174..89ad6bd0ba 100644 --- a/doc/ssl/SSL_accept.pod +++ b/doc/ssl/SSL_accept.pod @@ -21,10 +21,7 @@ B<ssl> by setting an underlying B<BIO>. The behaviour of SSL_accept() depends on the underlying BIO. If the underlying BIO is B<blocking>, SSL_accept() will only return once the -handshake has been finished or an error occurred, except for SGC (Server -Gated Cryptography). For SGC, SSL_accept() may return with -1, but -SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and SSL_accept() -should be called again. +handshake has been finished or an error occurred. If the underlying BIO is B<non-blocking>, SSL_accept() will also return when the underlying BIO could not satisfy the needs of SSL_accept() diff --git a/doc/ssl/SSL_do_handshake.pod b/doc/ssl/SSL_do_handshake.pod index b35ddf5f14..8b590c9f16 100644 --- a/doc/ssl/SSL_do_handshake.pod +++ b/doc/ssl/SSL_do_handshake.pod @@ -23,10 +23,7 @@ L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>. The behaviour of SSL_do_handshake() depends on the underlying BIO. If the underlying BIO is B<blocking>, SSL_do_handshake() will only return -once the handshake has been finished or an error occurred, except for SGC -(Server Gated Cryptography). For SGC, SSL_do_handshake() may return with -1, -but SSL_get_error() will yield B<SSL_ERROR_WANT_READ/WRITE> and -SSL_do_handshake() should be called again. +once the handshake has been finished or an error occurred. If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return when the underlying BIO could not satisfy the needs of SSL_do_handshake() |