From 26597a785ec2dd4e9ec9fb7d9765d2ee8779ee16 Mon Sep 17 00:00:00 2001
From: Laurent Bercot <ska-skaware@skarnet.org>
Date: Thu, 16 Nov 2023 05:13:06 +0000
Subject:  Add -J and -j to the TLS tools to check for peer close_notify.

 Also, and more importantly, significantly rewrite stls_run()
for better full-duplex support. This implementation isn't fully
tested yet.

Signed-off-by: Laurent Bercot <ska@appnovation.com>
---
 doc/s6-tlsserver.html | 1 +
 1 file changed, 1 insertion(+)

(limited to 'doc/s6-tlsserver.html')

diff --git a/doc/s6-tlsserver.html b/doc/s6-tlsserver.html
index d1ca3e2..8713235 100644
--- a/doc/s6-tlsserver.html
+++ b/doc/s6-tlsserver.html
@@ -177,6 +177,7 @@ certificates, you probably still want TCP access rules.
  <li> <tt>-Z</tt>, <tt>-z</tt>&nbsp;: keep or remove the <a href="s6-tlsd-io.html">s6-tlsd-io</a>-specific
 variables from the application's environment </li>
  <li> <tt>-S</tt>, <tt>-s</tt>&nbsp;: use close_notify or EOF to signal the end of a TLS connection </li>
+ <li> <tt>-J</tt>, <tt>-j</tt>&nbsp;: exit nonzero with an error message when the peer fails to close_notify, or ignore it </li>
  <li> <tt>-Y</tt>, <tt>-y</tt>&nbsp;: request an optional or a mandatory client certificate </li>
  <li> <tt>-K <em>kimeout</em></tt>&nbsp;: set a timeout for the TLS handshake </li>
  <li> <tt>-k <em>snilevel</em></tt>&nbsp;: support SNI-based certificate chains </li>
-- 
cgit v1.2.3