Matt Caswell
8caab744f5
Fix s_server problem with no-ec
...
s_server was trying to set the ECDH curve when no-ec was defined. This also
highlighted the fact that the -no_ecdhe option to s_server is broken, and
doesn't make any sense any more (ECDHE is on by default and the only way it
can be disabled is through the cipherstring). Therefore this commit removes
the option.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-15 11:26:38 +00:00
Kurt Roeckx
361a119127
Remove support for all 40 and 56 bit ciphers.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
MR: #364
2015-12-05 17:45:59 +01:00
Matt Caswell
bc8857bf70
More async documentation
...
Document the libssl and command line application aspects of async.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-11-20 23:34:35 +00:00
Matt Caswell
40e2d76bec
Document -no-CApath and -no-CAfile
...
Add documentation to all the appropriate apps for the new -no-CApath and
-no-CAfile options.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-09-25 14:49:59 +01:00
Matt Caswell
35d15a3952
Add -listen documentation
...
This commit adds documentation for the new -listen option to s_server. Along
the way it also adds documentation for -dtls, -dtls1 and -dtls1_2 which was
missing.
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-09-23 13:53:27 +01:00
Rich Salz
9b86974e0c
Fix L<> content in manpages
...
L<foo|foo> is sub-optimal If the xref is the same as the title,
which is what we do, then you only need L<foo>. This fixes all
1457 occurrences in 349 files. Approximately. (And pod used to
need both.)
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-08-21 15:11:50 -04:00
Matt Caswell
7a4dadc3a6
Removed support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG. Also removed
...
the "-hack" option from s_server that set this option.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-02-26 23:22:46 +00:00
Matt Caswell
fa7b01115b
Add documentation for the -no_alt_chains option for various apps, as well as
...
the X509_V_FLAG_NO_ALT_CHAINS flag.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-02-25 09:15:10 +00:00
Kurt Roeckx
45f55f6a5b
Remove SSLv2 support
...
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-04 11:55:03 +01:00
Rich Salz
8d4193305b
RT3102: Document -verify_error_return flag
...
Also moved some options around so all the "verify" options.
are clumped together.
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-08-28 17:11:25 -04:00
Dr. Stephen Henson
ca2015a617
Clarify -Verify and PSK.
...
PR#3452
2014-07-15 20:22:39 +01:00
Hubert Kario
7efd0e777e
document -nextprotoneg option in man pages
...
Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.
PR#3444
2014-07-14 23:42:59 +01:00
Dr. Stephen Henson
cba3f1c739
Document certificate status request options.
2014-07-06 22:40:01 +01:00
Dr. Stephen Henson
b948ee27b0
Remove all RFC5878 code.
...
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs
2014-07-04 13:26:35 +01:00
Rich Salz
fc1d88f02f
Close a whole bunch of documentation-related tickets:
...
298 424 656 882 939 1630 1807 2263 2294 2311 2424 2623
2637 2686 2697 2921 2922 2940 3055 3112 3156 3177 3277
2014-07-02 22:42:40 -04:00
Hubert Kario
e42d84be33
add references to verify(1) man page for args_verify() options
...
cms, ocsp, s_client, s_server and smime tools also use args_verify()
for parsing options, that makes them most of the same options
verify tool does. Add those options to man pages and reference
their explanation in the verify man page.
2014-06-19 23:09:21 +01:00
Hubert Kario
6d3d579367
Document -trusted_first option in man pages and help.
...
Add -trusted_first description to help messages and man pages
of tools that deal with certificate verification.
2014-06-19 23:09:21 +01:00
Hubert Kario
08bef7be1e
add description of -no_ecdhe option to s_server man page
...
While the -help message references this option, the man page
doesn't mention the -no_ecdhe option.
This patch fixes this omission.
2014-05-30 22:59:43 +01:00
Scott Schaefer
2b4ffc659e
Fix various spelling errors
2014-02-14 22:29:12 +00:00
Scott Deboy
36086186a9
Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
...
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
2013-09-06 13:59:13 +01:00
Trevor
9cd50f738f
Cleanup of custom extension stuff.
...
serverinfo rejects non-empty extensions.
Omit extension if no relevant serverinfo data.
Improve error-handling in serverinfo callback.
Cosmetic cleanups.
s_client documentation.
s_server documentation.
SSL_CTX_serverinfo documentation.
Cleaup -1 and NULL callback handling for custom extensions, add tests.
Cleanup ssl_rsa.c serverinfo code.
Whitespace cleanup.
Improve comments in ssl.h for serverinfo.
Whitespace.
Cosmetic cleanup.
Reject non-zero-len serverinfo extensions.
Whitespace.
Make it build.
2013-06-18 16:13:08 +01:00
Dr. Stephen Henson
13cfb04343
reorganise SSL_CONF_cmd manual page and update some links
2012-11-20 01:01:33 +00:00
Dr. Stephen Henson
8dbeb110fb
document -trace and -msgfile options
2012-11-19 16:37:18 +00:00
Dr. Stephen Henson
765b413794
update docs for s_server/s_client
2012-11-19 16:07:53 +00:00
Dr. Stephen Henson
642aa226db
document -naccept option
2012-11-18 15:51:26 +00:00
Dr. Stephen Henson
e5fa864f62
Updates from 1.0.0-stable.
2009-04-15 15:27:03 +00:00
Lutz Jänicke
51e00db226
Document "openssl s_server" -crl_check* options
...
Submitted by: Daniel Black <daniel.subs@internode.on.net>
2008-05-19 07:52:15 +00:00
Dr. Stephen Henson
d24a9c8f5a
Docs and usage messages for RFC4507bis support.
2007-08-23 11:34:48 +00:00
Nils Larsch
ddac197404
add initial support for RFC 4279 PSK SSL ciphersuites
...
PR: 1191
Submitted by: Mika Kousa and Pasi Eronen of Nokia Corporation
Reviewed by: Nils Larsch
2006-03-10 23:06:27 +00:00
Dr. Stephen Henson
826a42a088
PR: 910
...
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.
Update docs.
2004-11-16 17:30:59 +00:00
Richard Levitte
e986704d24
Add documentation for -starttls (s_client) and -id_prefix (s_server).
...
PR: 542
2003-03-20 16:34:27 +00:00
Bodo Möller
1d8634b110
msg_callback documentation
2001-11-10 02:12:09 +00:00
Ulf Möller
3b80e3aa9e
ispell
2001-09-07 06:13:40 +00:00
Richard Levitte
7b8250053b
Document the change.
2001-03-10 16:28:49 +00:00
Lutz Jänicke
45ecfb1973
Typo, spotted by "Greg Stark" <gstark@ethentica.com>.
2001-03-01 16:50:11 +00:00
Lutz Jänicke
52b621db88
Add "-rand" option to s_client and s_server.
2001-02-15 10:22:07 +00:00
Richard Levitte
5270e7025e
Merge the engine branch into the main trunk. All conflicts resolved.
...
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Ulf Möller
a2bbe59401
s_server not s_client
2000-10-23 19:13:35 +00:00
Ulf Möller
657e60fa00
ispell (and minor modifications)
2000-02-03 23:23:24 +00:00
Richard Levitte
bb075f8833
Update all links so they will be rendered better.
2000-01-27 01:25:31 +00:00
Dr. Stephen Henson
fabce04122
Make s_server, s_client check cipher list return codes.
...
Update docs.
2000-01-23 02:28:08 +00:00
Dr. Stephen Henson
cc8709a090
Docs for sess_id utility.
2000-01-21 22:38:52 +00:00
Dr. Stephen Henson
dd46d58f65
Change the 'man' directory to 'apps'. Yes I wish cvs
...
could rename too :-(
2000-01-21 02:17:04 +00:00