Ignore entropy from RAND_add()/RAND_seed() in FIPS mode

[openssl.git] / doc / man3 / SSL_CTX_set_tlsext_ticket_key_cb.pod

diff --git a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
index 7782ea7d258849e45564f90c83338807f245cbaf..88e70c5fa23591f308edcc014970cae4b94e1dac 100644 (file)
--- a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
+++ b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
@@ -38,7 +38,7 @@ ticket information or it starts a full TLS handshake to create a new session
 ticket.
 
 Before the callback function is started I<ctx> and I<hctx> have been
-initialised with EVP_CIPHER_CTX_init and HMAC_CTX_init respectively.
+initialised with L<EVP_CIPHER_CTX_reset(3)> and L<HMAC_CTX_reset(3)> respectively.
 
 For new sessions tickets, when the client doesn't present a session ticket, or
 an attempted retrieval of the ticket failed, or a renew option was indicated,
@@ -121,6 +121,10 @@ For example if a cipher suite uses 256 bit ciphers but only a 128 bit ticket key
 the overall security is only 128 bits because breaking the ticket key will
 enable an attacker to obtain the session keys.
 
+=head1 RETURN VALUES
+
+returns 0 to indicate the callback function was set.
+
 =head1 EXAMPLES
 
 Reference Implementation:
@@ -175,10 +179,6 @@ Reference Implementation:
      }
  }
 
-=head1 RETURN VALUES
-
-returns 0 to indicate the callback function was set.
-
 =head1 SEE ALSO
 
 L<ssl(7)>, L<SSL_set_session(3)>,
@@ -190,9 +190,9 @@ L<SSL_CTX_set_session_id_context(3)>,
 
 =head1 COPYRIGHT
 
-Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
 
-Licensed under the OpenSSL license (the "License").  You may not use
+Licensed under the Apache License 2.0 (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
 in the file LICENSE in the source distribution or at
 L<https://www.openssl.org/source/license.html>.