diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2001-07-11 15:10:28 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2001-07-11 15:10:28 +0000 |
commit | a1a63a42392d4b637eab8200c88a63082d7b48ba (patch) | |
tree | 9f288d6face4a14d442cf1cce286fe2a41d29290 /doc | |
parent | 103a434386d1b40315c0c36a9956703aac4e38d2 (diff) |
Clarify! (based on recent mailing-list discussions)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/ssl/SSL_CTX_set_default_passwd_cb.pod | 6 | ||||
-rw-r--r-- | doc/ssl/SSL_CTX_set_mode.pod | 3 |
2 files changed, 9 insertions, 0 deletions
diff --git a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod index a5343a1cf3..2b87f01ca1 100644 --- a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod +++ b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod @@ -40,6 +40,12 @@ then keep it in memory and use it several times. In the last case, the password could be stored into the B<userdata> storage and the pem_passwd_cb() only returns the password already stored. +When asking for the password interactively, pem_passwd_cb() can use +B<rwflag> to check, whether an item shall be encrypted (rwflag=1). +In this case the password dialog may ask for the same password twice +for comparison in order to catch typos, that would make decryption +impossible. + Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public. diff --git a/doc/ssl/SSL_CTX_set_mode.pod b/doc/ssl/SSL_CTX_set_mode.pod index 9a035bb4d1..9822544e5e 100644 --- a/doc/ssl/SSL_CTX_set_mode.pod +++ b/doc/ssl/SSL_CTX_set_mode.pod @@ -37,6 +37,9 @@ The following mode changes are available: Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success when just a single record has been written). When not set (the default), SSL_write() will only report success once the complete chunk was written. +Once SSL_write() returns with r, r bytes have been successfully written +and the next call to SSL_write() must only send the n-r bytes left, +imitating the behaviour of write(). =item SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |