*
* \note See the documentation of \c mbedtls_ssl_set_timer_t and
* \c mbedtls_ssl_get_timer_t for the conventions this pair of
- * callbacks must fallow.
+ * callbacks must follow.
*
* \note On some platforms, timing.c provides
* \c mbedtls_timing_set_delay() and
/**
* \brief Set record counter threshold for periodic renegotiation.
- * (Default: 2^64 - 256.)
+ * (Default: 2^48 - 1)
*
* Renegotiation is automatically triggered when a record
* counter (outgoing or ingoing) crosses the defined
* Lower values can be used to enforce policies such as "keys
* must be refreshed every N packets with cipher X".
*
+ * The renegotiation period can be disabled by setting
+ * conf->disable_renegotiation to
+ * MBEDTLS_SSL_RENEGOTIATION_DISABLED.
+ *
+ * \note When the configured transport is
+ * MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation
+ * period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM,
+ * the maximum renegotiation period is 2^64 - 1.
+ *
* \param conf SSL configuration
* \param period The threshold value: a big-endian 64-bit number.
- * Set to 2^64 - 1 to disable periodic renegotiation
*/
void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
const unsigned char period[8] );
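Review bot: The added paragraph tells callers to turn off the renegotiation period by writing `conf->disable_renegotiation` directly. Judging by the name `MBEDTLS_SSL_RENEGOTIATION_DISABLED`, that appears to disable renegotiation as a whole, not only the counter-based trigger. The removed `Set to 2^64 - 1 to disable periodic renegotiation` line is not replaced by any statement on whether that value still has an effect. I would reference the setter rather than the struct field, e.g. `Renegotiation as a whole can be disabled with mbedtls_ssl_conf_renegotiation().`, and add a sentence on what happens when `period` exceeds 2^48 - 1 on a `MBEDTLS_SSL_TRANSPORT_DATAGRAM` configuration. The function returns void, so a caller who sets a threshold to bound key lifetime cannot tell whether the value was accepted, clamped or ignored. The `(Default: 2^48 - 1)` line in the same comment should also say whether that default applies to both transports.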
* \param len how many bytes must be written
*
* \return the number of bytes actually written (may be less than len),
- * or MBEDTLS_ERR_SSL_WANT_WRITE of MBEDTLS_ERR_SSL_WANT_READ,
+ * or MBEDTLS_ERR_SSL_WANT_WRITE or MBEDTLS_ERR_SSL_WANT_READ,
* or another negative error code.
*
* \note If this function returns something other than a positive
* \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
* \param preset a MBEDTLS_SSL_PRESET_XXX value
- * (currently unused).
*
* \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
*