diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/s6-tlsc-io.html | 10 | ||||
| -rw-r--r-- | doc/s6-tlsc.html | 10 | ||||
| -rw-r--r-- | doc/s6-tlsd-io.html | 10 | ||||
| -rw-r--r-- | doc/s6-tlsd.html | 10 |
4 files changed, 24 insertions, 16 deletions
diff --git a/doc/s6-tlsc-io.html b/doc/s6-tlsc-io.html index 2f02841..d4c1b7e 100644 --- a/doc/s6-tlsc-io.html +++ b/doc/s6-tlsc-io.html @@ -195,10 +195,12 @@ connection without using <tt>close_notify</tt>. This is the default. </li> <li> <tt>-k <em>servername</em></tt> : use Server Name Indication, and send <em>servername</em>. The default is not to use SNI, which may be a security risk. </li> - <li> <tt>-K <em>kimeout</em></tt> : close the connection -if <em>kimeout</em> milliseconds elapse without any data being -received from either side. The default is 0, which means -infinite timeout (never kill the connection). </li> + <li> <tt>-K <em>kimeout</em></tt> : if the peer fails +to send data for <em>kimeout</em> milliseconds during the handshake, +close the connection. The default is 0, which means infinite timeout +(never kill the connection). This option is ignored by the +<tt>libtls</tt> backend, which does not have a way to interrupt +the handshake after a timeout. </li> <li> <tt>-d <em>notif</em></tt> : handshake notification. <em>notif</em> must be a file descriptor open for writing. When the TLS handshake has completed, some data (terminated by two null diff --git a/doc/s6-tlsc.html b/doc/s6-tlsc.html index c2e7521..5ff3431 100644 --- a/doc/s6-tlsc.html +++ b/doc/s6-tlsc.html @@ -121,10 +121,12 @@ connection without using <tt>close_notify</tt>. This is the default. </li> <li> <tt>-k <em>servername</em></tt> : use Server Name Indication, and send <em>servername</em>. The default is not to use SNI, which may be a security risk. </li> - <li> <tt>-K <em>kimeout</em></tt> : close the connection -if <em>kimeout</em> milliseconds elapse without any data being -received from either side. The default is 0, which means -infinite timeout (never kill the connection). </li> + <li> <tt>-K <em>kimeout</em></tt> : if the peer fails +to send data for <em>kimeout</em> milliseconds during the handshake, +close the connection. The default is 0, which means infinite timeout +(never kill the connection). This option is ignored by the +<tt>libtls</tt> backend, which does not have a way to interrupt +the handshake after a timeout. </li> <li> <tt>-6 <em>fdr</em></tt> : expect an open file descriptor numbered <em>fdr</em> to read network (ciphertext) data from. Make sure <em>prog</em> also reads its data diff --git a/doc/s6-tlsd-io.html b/doc/s6-tlsd-io.html index 6aad7dc..00f7cd4 100644 --- a/doc/s6-tlsd-io.html +++ b/doc/s6-tlsd-io.html @@ -190,10 +190,12 @@ and break the connection when receiving a local EOF. </li> connection without using <tt>close_notify</tt>. This is the default. </li> <li> <tt>-Y</tt> : Do not send a client certificate. This is the default. </li> <li> <tt>-y</tt> : Send a client certificate. </li> - <li> <tt>-K <em>kimeout</em></tt> : close the connection -if <em>kimeout</em> milliseconds elapse without any data being -received from either side. The default is 0, which means -infinite timeout (never kill the connection). </li> + <li> <tt>-K <em>kimeout</em></tt> : if the peer fails +to send data for <em>kimeout</em> milliseconds during the handshake, +close the connection. The default is 0, which means infinite timeout +(never kill the connection). This option is ignored by the +<tt>libtls</tt> backend, which does not have a way to interrupt +the handshake after a timeout. </li> <li> <tt>-d <em>notif</em></tt> : handshake notification. <em>notif</em> must be a file descriptor open for writing. When the TLS handshake has completed, some data (terminated by two null diff --git a/doc/s6-tlsd.html b/doc/s6-tlsd.html index beeedda..579c63c 100644 --- a/doc/s6-tlsd.html +++ b/doc/s6-tlsd.html @@ -129,10 +129,12 @@ connection without using <tt>close_notify</tt>. This is the default. </li> <li> <tt>-y</tt> : Require a mandatory client certificate. The default, with neither the <tt>-Y</tt> nor the <tt>-y</tt> option, is not to require a client certificate at all. </li> - <li> <tt>-K <em>kimeout</em></tt> : close the connection -if <em>kimeout</em> milliseconds elapse without any data being -received from either side. The default is 0, which means -infinite timeout (never kill the connection). </li> + <li> <tt>-K <em>kimeout</em></tt> : if the peer fails +to send data for <em>kimeout</em> milliseconds during the handshake, +close the connection. The default is 0, which means infinite timeout +(never kill the connection). This option is ignored by the +<tt>libtls</tt> backend, which does not have a way to interrupt +the handshake after a timeout. </li> </ul> <h2> Notes </h2> |