Commit 143ee7b6 authored by Hubert Kario's avatar Hubert Kario Committed by Matt Caswell
Browse files

SSL_CONF_cmd: fix doc for NoRenegotiation 



The option is a flag for Options, not a standalone setting.

Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8292)

(cherry picked from commit 4ac5e43d)
parent e2e69dce

doc/man3/SSL_CONF_cmd.pod

+3 −5
Original line number Diff line number Diff line
@@ -308,11 +308,6 @@ Attempts to pad TLSv1.3 records so that they are a multiple of B<value> in 
length on send. A B<value> of 0 or 1 turns off padding. Otherwise, the

B<value> must be >1 or <=16384.



=item B<NoRenegotiation>



Disables all attempts at renegotiation in TLSv1.2 and earlier, same as setting

B<SSL_OP_NO_RENEGOTIATION>.



=item B<SignatureAlgorithms>



This sets the supported signature algorithms for TLSv1.2 and TLSv1.3.
@@ -456,6 +451,9 @@ Only used by servers. 
B<NoResumptionOnRenegotiation>: set

B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> flag. Only used by servers.



B<NoRenegotiation>: disables all attempts at renegotiation in TLSv1.2 and

earlier, same as setting B<SSL_OP_NO_RENEGOTIATION>.



B<UnsafeLegacyRenegotiation>: permits the use of unsafe legacy renegotiation.

Equivalent to B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>.