64 to send data from the server to the client when the client has not yet completed
68 connection. In particular the data does not have forward secrecy. There are also
76 authentication messages have not yet been received, i.e. the client is
81 or not by calling L<SSL_is_init_finished(3)>.
105 the server, but the total number of bytes written must not exceed the value
156 first call to SSL_read_early_data() if the client has not sent any early data,
167 to SSL_write_early_data() are not allowed. Call L<SSL_is_init_finished(3)> to
168 determine whether the handshake has completed or not. If the handshake is still
172 Servers must not call L<SSL_read_ex(3)>, L<SSL_read(3)>, L<SSL_write_ex(3)> or
194 connection attempt. By default the server does not accept early data; a
231 is accepted or not, for example to mitigate replay risks (see L</REPLAY PROTECTION>
239 in which case this callback will not get called. Notably, the built-in replay
256 scenarios this is beneficial for performance, but it does not work well with the
258 buffer outgoing TCP data if a TCP packet has already been sent which we have not
266 buffered by the OS and not sent until an ACK is received for the first packet
267 containing the ClientHello. This means the early data is not actually
277 reports a max early data value greater than 0, but where the server does not
284 sending early data as this does not happen automatically. A client will have to
292 the same early data was not replayed across multiple connections. As a
299 if a client does not send any early data.
308 does not exist then the resumption is not allowed and a full handshake will
318 not held when the remove session callback (see L<SSL_CTX_sess_set_remove_cb(3)>)
324 The OpenSSL replay protection does not apply to external Pre Shared Keys (PSKs)
332 early data or not. See SSL_CTX_set_allow_early_data_cb() above for details.
375 Licensed under the Apache License 2.0 (the "License").  You may not use

Last Index update Sat Oct 05 00:02:49 UTC 2024

Dedicated to & Maintained by Room-11