Loading apps/s_client.c +2 −0 Original line number Diff line number Diff line Loading @@ -236,6 +236,8 @@ static void sc_usage(void) BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); #ifndef OPENSSL_NO_TLSEXT BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n"); BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); #endif } Loading apps/s_server.c +2 −0 Original line number Diff line number Diff line Loading @@ -395,6 +395,8 @@ static void sv_usage(void) BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); #endif } Loading doc/apps/s_client.pod +31 −0 Original line number Diff line number Diff line Loading @@ -38,6 +38,10 @@ B<openssl> B<s_client> [B<-cipher cipherlist>] [B<-starttls protocol>] [B<-engine id>] [B<-tlsextdebug>] [B<-no_ticket>] [B<-sess_out filename>] [B<-sess_in filename>] [B<-rand file(s)>] =head1 DESCRIPTION Loading Loading @@ -186,6 +190,26 @@ send the protocol-specific message(s) to switch to TLS for communication. B<protocol> is a keyword for the intended protocol. Currently, the only supported keywords are "smtp", "pop3", "imap", and "ftp". =item B<-tlsextdebug> print out a hex dump of any TLS extensions received from the server. Note: this option is only available if extension support is explicitly enabled at compile time =item B<-no_ticket> disable RFC4507bis session ticket support. Note: this option is only available if extension support is explicitly enabled at compile time =item B<-sess_out filename> output SSL session to B<filename> =item B<-sess_in sess.pem> load SSL session from B<filename>. The client will attempt to resume a connection from this session. =item B<-engine id> specifying an engine (by it's unique B<id> string) will cause B<s_client> Loading Loading @@ -246,6 +270,13 @@ on the command line is no guarantee that the certificate works. If there are problems verifying a server certificate then the B<-showcerts> option can be used to show the whole chain. Since the SSLv23 client hello cannot include compression methods or extensions these will only be supported if its use is disabled, for example by using the B<-no_sslv2> option. TLS extensions are only supported in OpenSSL 0.9.8 if they are explictly enabled at compile time using for example the B<enable-tlsext> switch. =head1 BUGS Because this program has a lot of options and also because some of Loading doc/apps/s_server.pod +13 −0 Original line number Diff line number Diff line Loading @@ -48,6 +48,8 @@ B<openssl> B<s_server> [B<-WWW>] [B<-HTTP>] [B<-engine id>] [B<-tlsextdebug>] [B<-no_ticket>] [B<-id_prefix arg>] [B<-rand file(s)>] Loading Loading @@ -205,6 +207,14 @@ also included in the server list is used. Because the client specifies the preference order, the order of the server cipherlist irrelevant. See the B<ciphers> command for more information. =item B<-tlsextdebug> print out a hex dump of any TLS extensions received from the server. =item B<-no_ticket> disable RFC4507bis session ticket support. =item B<-www> sends a status message back to the client when it connects. This includes Loading Loading @@ -307,6 +317,9 @@ mean any CA is acceptable. This is useful for debugging purposes. The session parameters can printed out using the B<sess_id> program. TLS extensions are only supported in OpenSSL 0.9.8 if they are explictly enabled at compile time using for example the B<enable-tlsext> switch. =head1 BUGS Because this program has a lot of options and also because some of Loading Loading
apps/s_client.c +2 −0 Original line number Diff line number Diff line Loading @@ -236,6 +236,8 @@ static void sc_usage(void) BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); #ifndef OPENSSL_NO_TLSEXT BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n"); BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); #endif } Loading
apps/s_server.c +2 −0 Original line number Diff line number Diff line Loading @@ -395,6 +395,8 @@ static void sv_usage(void) BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); #endif } Loading
doc/apps/s_client.pod +31 −0 Original line number Diff line number Diff line Loading @@ -38,6 +38,10 @@ B<openssl> B<s_client> [B<-cipher cipherlist>] [B<-starttls protocol>] [B<-engine id>] [B<-tlsextdebug>] [B<-no_ticket>] [B<-sess_out filename>] [B<-sess_in filename>] [B<-rand file(s)>] =head1 DESCRIPTION Loading Loading @@ -186,6 +190,26 @@ send the protocol-specific message(s) to switch to TLS for communication. B<protocol> is a keyword for the intended protocol. Currently, the only supported keywords are "smtp", "pop3", "imap", and "ftp". =item B<-tlsextdebug> print out a hex dump of any TLS extensions received from the server. Note: this option is only available if extension support is explicitly enabled at compile time =item B<-no_ticket> disable RFC4507bis session ticket support. Note: this option is only available if extension support is explicitly enabled at compile time =item B<-sess_out filename> output SSL session to B<filename> =item B<-sess_in sess.pem> load SSL session from B<filename>. The client will attempt to resume a connection from this session. =item B<-engine id> specifying an engine (by it's unique B<id> string) will cause B<s_client> Loading Loading @@ -246,6 +270,13 @@ on the command line is no guarantee that the certificate works. If there are problems verifying a server certificate then the B<-showcerts> option can be used to show the whole chain. Since the SSLv23 client hello cannot include compression methods or extensions these will only be supported if its use is disabled, for example by using the B<-no_sslv2> option. TLS extensions are only supported in OpenSSL 0.9.8 if they are explictly enabled at compile time using for example the B<enable-tlsext> switch. =head1 BUGS Because this program has a lot of options and also because some of Loading
doc/apps/s_server.pod +13 −0 Original line number Diff line number Diff line Loading @@ -48,6 +48,8 @@ B<openssl> B<s_server> [B<-WWW>] [B<-HTTP>] [B<-engine id>] [B<-tlsextdebug>] [B<-no_ticket>] [B<-id_prefix arg>] [B<-rand file(s)>] Loading Loading @@ -205,6 +207,14 @@ also included in the server list is used. Because the client specifies the preference order, the order of the server cipherlist irrelevant. See the B<ciphers> command for more information. =item B<-tlsextdebug> print out a hex dump of any TLS extensions received from the server. =item B<-no_ticket> disable RFC4507bis session ticket support. =item B<-www> sends a status message back to the client when it connects. This includes Loading Loading @@ -307,6 +317,9 @@ mean any CA is acceptable. This is useful for debugging purposes. The session parameters can printed out using the B<sess_id> program. TLS extensions are only supported in OpenSSL 0.9.8 if they are explictly enabled at compile time using for example the B<enable-tlsext> switch. =head1 BUGS Because this program has a lot of options and also because some of Loading
