From a1a63a42392d4b637eab8200c88a63082d7b48ba Mon Sep 17 00:00:00 2001 From: =?utf8?q?Lutz=20J=C3=A4nicke?= Date: Wed, 11 Jul 2001 15:10:28 +0000 Subject: [PATCH] Clarify! (based on recent mailing-list discussions) --- doc/ssl/SSL_CTX_set_default_passwd_cb.pod | 6 ++++++ doc/ssl/SSL_CTX_set_mode.pod | 3 +++ 2 files changed, 9 insertions(+) diff --git a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod index a5343a1cf3..2b87f01ca1 100644 --- a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod +++ b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod @@ -40,6 +40,12 @@ then keep it in memory and use it several times. In the last case, the password could be stored into the B storage and the pem_passwd_cb() only returns the password already stored. +When asking for the password interactively, pem_passwd_cb() can use +B to check, whether an item shall be encrypted (rwflag=1). +In this case the password dialog may ask for the same password twice +for comparison in order to catch typos, that would make decryption +impossible. + Other items in PEM formatting (certificates) can also be encrypted, it is however not usual, as certificate information is considered public. diff --git a/doc/ssl/SSL_CTX_set_mode.pod b/doc/ssl/SSL_CTX_set_mode.pod index 9a035bb4d1..9822544e5e 100644 --- a/doc/ssl/SSL_CTX_set_mode.pod +++ b/doc/ssl/SSL_CTX_set_mode.pod @@ -37,6 +37,9 @@ The following mode changes are available: Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success when just a single record has been written). When not set (the default), SSL_write() will only report success once the complete chunk was written. +Once SSL_write() returns with r, r bytes have been successfully written +and the next call to SSL_write() must only send the n-r bytes left, +imitating the behaviour of write(). =item SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER -- 2.25.1