From 765d49b680dec9a1374af8ff1bb3e6a9260df532 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Wed, 29 Oct 2025 07:57:28 +0100 Subject: [PATCH] DOC: config: slightly clarify the ssl_fc_has_early() behavior Clarify that it's about handshake *completion*, and also mention that the action to be used to wait for the handshake is "wait-for-handshake", which was not mentioned. This can be backported though it's very minor. --- doc/configuration.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index 35ab9c00b..4bcf4ea6b 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -25131,9 +25131,9 @@ ssl_fc_has_crt : boolean current SSL session uses a client certificate. ssl_fc_has_early : boolean - Returns true if early data were sent, and the handshake didn't happen yet. As - it has security implications, it is useful to be able to refuse those, or - wait until the handshake happened. + Returns true if early data were sent, and the handshake didn't complete yet. + As it has security implications, it is useful to be able to refuse those, or + wait until the handshake completes (via the "wait-for-handshake" action). ssl_fc_has_sni : boolean This checks for the presence of a Server Name Indication TLS extension (SNI) -- 2.47.3