Add -listen documentation (35d15a39) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

doc/apps/s_server.pod

+19 −0

Original line number	Original line	Diff line number	Diff line
	@@ -67,6 +67,10 @@ B<openssl> B<s_server>
	[B<-no_tmp_rsa>]		[B<-no_tmp_rsa>]
	[B<-ssl3>]		[B<-ssl3>]
	[B<-tls1>]		[B<-tls1>]
			[B<-dtls>]
			[B<-dtls1>]
			[B<-dtls1_2>]
			[B<-listen>]
	[B<-no_ssl3>]		[B<-no_ssl3>]
	[B<-no_tls1>]		[B<-no_tls1>]
	[B<-no_dhe>]		[B<-no_dhe>]
	@@ -283,6 +287,21 @@ these options disable the use of certain SSL or TLS protocols. By default
	the initial handshake uses a method which should be compatible with all		the initial handshake uses a method which should be compatible with all
	servers and permit them to use SSL v3 or TLS as appropriate.		servers and permit them to use SSL v3 or TLS as appropriate.

			=item B<-dtls>, B<-dtls1>, B<-dtls1_2>

			these options make s_server use DTLS protocols instead of TLS. With B<-dtls>
			s_server will negotiate any supported DTLS protcol version, whilst B<-dtls1> and
			B<-dtls1_2> will only support DTLS1.0 and DTLS1.2 respectively.

			=item B<-listen>

			this option can only be used in conjunction with one of the DTLS options above.
			With this option s_server will listen on a UDP port for incoming connections.
			Any ClientHellos that arrive will be checked to see if they have a cookie in
			them or not. Any without a cookie will be responded to with a
			HelloVerifyRequest. If a ClientHello with a cookie is received then s_server
			will connect to that peer and complete the handshake.

	=item B<-bugs>		=item B<-bugs>

	there are several known bug in SSL and TLS implementations. Adding this		there are several known bug in SSL and TLS implementations. Adding this