generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Docs and usage messages for RFC4507bis support.

Browse Source
This commit is contained in:
Dr. Stephen Henson 2007-08-23 11:34:48 +00:00
parent 42fe218b9f
commit d24a9c8f5a
4 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/s_client.c
View File

@ -326,6 +326,8 @@ static void sc_usage(void)
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
#ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_TLSEXT
BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n"); BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n");
BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
#endif #endif
} }

2
apps/s_server.c
View File

@ -474,6 +474,8 @@ static void sv_usage(void)
BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," (default is %s)\n",TEST_CERT2);
BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n");
BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2);
BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
#endif #endif
} }

25
doc/apps/s_client.pod
View File

@ -38,6 +38,10 @@ B<openssl> B<s_client>
[B<-cipher cipherlist>] [B<-cipher cipherlist>]
[B<-starttls protocol>] [B<-starttls protocol>]
[B<-engine id>] [B<-engine id>]
[B<-tlsextdebug>]
[B<-no_ticket>]
[B<-sess_out filename>]
[B<-sess_in filename>]
[B<-rand file(s)>] [B<-rand file(s)>]
=head1 DESCRIPTION =head1 DESCRIPTION
@ -196,6 +200,23 @@ send the protocol-specific message(s) to switch to TLS for communication.
B<protocol> is a keyword for the intended protocol. Currently, the only B<protocol> is a keyword for the intended protocol. Currently, the only
supported keywords are "smtp", "pop3", "imap", and "ftp". supported keywords are "smtp", "pop3", "imap", and "ftp".
=item B<-tlsextdebug>
print out a hex dump of any TLS extensions received from the server.
=item B<-no_ticket>
disable RFC4507bis session ticket support.
=item B<-sess_out filename>
output SSL session to B<filename>
=item B<-sess_in sess.pem>
load SSL session from B<filename>. The client will attempt to resume a
connection from this session.
=item B<-engine id> =item B<-engine id>
specifying an engine (by it's unique B<id> string) will cause B<s_client> specifying an engine (by it's unique B<id> string) will cause B<s_client>
@ -256,6 +277,10 @@ on the command line is no guarantee that the certificate works.
If there are problems verifying a server certificate then the If there are problems verifying a server certificate then the
B<-showcerts> option can be used to show the whole chain. B<-showcerts> option can be used to show the whole chain.
Since the SSLv23 client hello cannot include compression methods or extensions
these will only be supported if its use is disabled, for example by using the
B<-no_sslv2> option.
=head1 BUGS =head1 BUGS
Because this program has a lot of options and also because some of Because this program has a lot of options and also because some of

10
doc/apps/s_server.pod
View File

@ -48,6 +48,8 @@ B<openssl> B<s_server>
[B<-WWW>] [B<-WWW>]
[B<-HTTP>] [B<-HTTP>]
[B<-engine id>] [B<-engine id>]
[B<-tlsextdebug>]
[B<-no_ticket>]
[B<-id_prefix arg>] [B<-id_prefix arg>]
[B<-rand file(s)>] [B<-rand file(s)>]
@ -215,6 +217,14 @@ also included in the server list is used. Because the client specifies
the preference order, the order of the server cipherlist irrelevant. See the preference order, the order of the server cipherlist irrelevant. See
the B<ciphers> command for more information. the B<ciphers> command for more information.
=item B<-tlsextdebug>
print out a hex dump of any TLS extensions received from the server.
=item B<-no_ticket>
disable RFC4507bis session ticket support.
=item B<-www> =item B<-www>
sends a status message back to the client when it connects. This includes sends a status message back to the client when it connects. This includes