SSL_read_early_data.pod - OpenGrok cross reference for /third_party/openssl/doc/man3/SSL_read_early

Lines Matching refs:early
21 - functions for sending and receiving early data
58 These functions are used to send and receive early data where TLSv1.3 has been
70 below). For these reasons extreme care should be exercised when using early
73 When a server receives early data it may opt to immediately respond by sending
84 determine if a session established with a server can be used to send early data.
86 will return the maximum number of early data bytes that can be sent.
88 The function SSL_SESSION_set_max_early_data() sets the maximum number of early
94 A client uses the function SSL_write_early_data() to send early data. This
114 When the client no longer wishes to send any more early data then it should
120 A server may choose to ignore early data that has been sent to it. Once the
122 rejected the early data by calling SSL_get_early_data_status(). This will return
124 was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function
127 A server uses the SSL_read_early_data() function to receive early data on a
128 connection for which early data has been enabled using
149 This indicates that early data was successfully read. This should be treated in
155 This indicates that no more early data can be read. It may be returned on the
156 first call to SSL_read_early_data() if the client has not sent any early data,
157 or if the early data was rejected.
193 the maximum amount of any early data that it will accept on any future
194 connection attempt. By default the server does not accept early data; a
195 server may indicate support for early data by calling
199 amount of early data in bytes that is permitted to be sent on a single
202 early data settings for the SSL_CTX and SSL objects respectively. Generally a
206 early data setting for a server is nonzero then replay protection is
209 If the server rejects the early data sent by a client then it will skip over
210 the data that is sent. The maximum amount of received early data that is skipped
218 The recv_max_early_data value also has an impact on early data that is accepted.
230 Some server applications may wish to have more control over whether early data
235 decision is made to accept or reject early data. The callback is provided with a
237 set. Returning 1 from the callback will allow early data and returning 0 will
238 reject it. Note that the OpenSSL library may reject early data for other reasons
246 The whole purpose of early data is to enable a client to start sending data to
252 early data solution as implemented in OpenSSL. In Nagle's algorithm the OS will
262 containing the ClientHello. This means the early data is not actually
264 objective of early data.
272 reports a max early data value greater than 0, but where the server does not
274 changed to accept a lower max early data value such as by calling
276 support TLSv1.3 but was later downgraded to TLSv1.2. Sending early data to such
278 connection while sending early data may want to retry the connection without
279 sending early data as this does not happen automatically. A client will have to
281 connection again but without sending early data. Note that it is inadvisable to
286 When early data is in use the TLS protocol provides no security guarantees that
287 the same early data was not replayed across multiple connections. As a
289 server is configured with a nonzero max early data value. With replay
292 subsequent attempts will fall back to a full handshake (and any early data that
294 if a client does not send any early data.
321 should be applied when combining external PSKs with early data.
327 early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.
341 SSL_SESSION_get_max_early_data() return the maximum number of early data bytes
347 SSL_get_early_data_status() returns SSL_EARLY_DATA_ACCEPTED if early data was
348 accepted by the server, SSL_EARLY_DATA_REJECTED if early data was rejected by
349 the server, or SSL_EARLY_DATA_NOT_SENT if no early data was sent.