summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2022-08-23 14:57:07 +0000
committerLaurent Bercot <ska@appnovation.com>2022-08-23 14:57:07 +0000
commitda13dfcb1f0cfae82f448873c15cb01fd78639aa (patch)
treeca1225196966ebfde00b6a91f2fe35a1eb4ffaf2
parent003b096d346b6c20d43d1127413d2db4b66e5b6e (diff)
downloads6-networking-da13dfcb1f0cfae82f448873c15cb01fd78639aa.tar.xz
Do not require optional certificates XD
Signed-off-by: Laurent Bercot <ska@appnovation.com>
-rw-r--r--doc/s6-tlsd-io.html10
-rw-r--r--doc/s6-tlsd.html6
-rw-r--r--doc/s6-ucspitlsd.html6
3 files changed, 13 insertions, 9 deletions
diff --git a/doc/s6-tlsd-io.html b/doc/s6-tlsd-io.html
index f21d487..a026664 100644
--- a/doc/s6-tlsd-io.html
+++ b/doc/s6-tlsd-io.html
@@ -210,10 +210,14 @@ no effect. </li>
and break the connection when receiving a local EOF. </li>
<li> <tt>-s</tt>&nbsp;: transmit EOF by half-closing the TCP
connection without using <tt>close_notify</tt>. This is the default. </li>
- <li> <tt>-Y</tt>&nbsp;: Require an optional client certificate. </li>
- <li> <tt>-y</tt>&nbsp;: Require a mandatory client certificate.
+ <li> <tt>-Y</tt>&nbsp;: Request an client certificate.
+The certificate is optional: if the client gives none, the connection
+proceeds. </li>
+ <li> <tt>-y</tt>&nbsp;: Request a client certificate.
+The certificate is mandatory: if the client gives none, the handshake
+fails.
The default, with neither the <tt>-Y</tt> nor the <tt>-y</tt> option,
-is not to require a client certificate at all. </li>
+is not to request a client certificate at all. </li>
<li> <tt>-K&nbsp;<em>kimeout</em></tt>&nbsp;: if the peer fails
to send data for <em>kimeout</em> milliseconds during the handshake,
close the connection. The default is 0, which means infinite timeout
diff --git a/doc/s6-tlsd.html b/doc/s6-tlsd.html
index c1c6a59..cbaa5c8 100644
--- a/doc/s6-tlsd.html
+++ b/doc/s6-tlsd.html
@@ -140,10 +140,10 @@ before execing <em>prog...</em>. This is the default. </li>
and break the connection when <em>prog</em> sends EOF. </li>
<li> <tt>-s</tt>&nbsp;: transmit EOF by half-closing the TCP
connection without using <tt>close_notify</tt>. This is the default. </li>
- <li> <tt>-Y</tt>&nbsp;: Require an optional client certificate. </li>
- <li> <tt>-y</tt>&nbsp;: Require a mandatory client certificate.
+ <li> <tt>-Y</tt>&nbsp;: Request an optional client certificate. </li>
+ <li> <tt>-y</tt>&nbsp;: Request a mandatory client certificate.
The default, with neither the <tt>-Y</tt> nor the <tt>-y</tt> option,
-is not to require a client certificate at all. </li>
+is not to request a client certificate at all. </li>
<li> <tt>-K&nbsp;<em>kimeout</em></tt>&nbsp;: if the peer fails
to send data for <em>kimeout</em> milliseconds during the handshake,
close the connection. The default is 0, which means infinite timeout
diff --git a/doc/s6-ucspitlsd.html b/doc/s6-ucspitlsd.html
index cb53389..8488942 100644
--- a/doc/s6-ucspitlsd.html
+++ b/doc/s6-ucspitlsd.html
@@ -146,10 +146,10 @@ before execing <em>prog...</em>. This is the default. </li>
and break the connection when <em>prog</em> sends EOF. </li>
<li> <tt>-s</tt>&nbsp;: transmit EOF by half-closing the TCP
connection without using <tt>close_notify</tt>. This is the default. </li>
- <li> <tt>-Y</tt>&nbsp;: Require an optional client certificate. </li>
- <li> <tt>-y</tt>&nbsp;: Require a mandatory client certificate.
+ <li> <tt>-Y</tt>&nbsp;: Request an optional client certificate. </li>
+ <li> <tt>-y</tt>&nbsp;: Request a mandatory client certificate.
The default, with neither the <tt>-Y</tt> nor the <tt>-y</tt> option,
-is not to require a client certificate at all. </li>
+is not to request a client certificate at all. </li>
<li> <tt>-K&nbsp;<em>kimeout</em></tt>&nbsp;: close the connection if
the handshake takes more than <em>kimeout</em> milliseconds to complete.
The default is 0, which means infinite timeout: let the handshake complete