From: Steven Collison Date: Tue, 28 Mar 2017 16:02:37 +0000 (-0700) Subject: doc: Add missing options in s_{server,client} X-Git-Tag: OpenSSL_1_0_2l~27 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8625e92a7669ff69b23bc5dffe5cbefe7792c5c0;p=oweals%2Fopenssl.git doc: Add missing options in s_{server,client} These were added to the help in ad775e04f6dab but not the pods. Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/3065) (cherry picked from commit 254b58fd7335fa3c58e2535d46658109ffd8bdcd) --- diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 29675dd213..b45acbc5e3 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -42,6 +42,8 @@ B B [B<-no_tls1_2>] [B<-fallback_scsv>] [B<-bugs>] +[B<-sigalgs sigalglist>] +[B<-curves curvelist>] [B<-cipher cipherlist>] [B<-serverpref>] [B<-starttls protocol>] @@ -217,6 +219,19 @@ Send TLS_FALLBACK_SCSV in the ClientHello. there are several known bug in SSL and TLS implementations. Adding this option enables various workarounds. +=item B<-sigalgs sigalglist> + +Specifies the list of signature algorithms that are sent by the client. +The server selects one entry in the list based on its preferences. +For example strings, see L + +=item B<-curves curvelist> + +Specifies the list of supported curves to be sent by the client. The curve is +is ultimately selected by the server. For a list of all curves, use: + + $ openssl ecparam -list_curves + =item B<-cipher cipherlist> this allows the cipher list sent by the client to be modified. Although diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index fa17488d91..1fe93ddfbe 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -35,6 +35,8 @@ B B [B<-CAfile filename>] [B<-no_alt_chains>] [B<-nocert>] +[B<-client_sigalgs sigalglist>] +[B<-named_curve curve>] [B<-cipher cipherlist>] [B<-serverpref>] [B<-quiet>] @@ -234,6 +236,18 @@ option enables various workarounds. this option enables a further workaround for some some early Netscape SSL code (?). +=item B<-client_sigalgs sigalglist> + +Signature algorithms to support for client certificate authentication +(colon-separated list) + +=item B<-named_curve curve> + +Specifies the elliptic curve to use. NOTE: this is single curve, not a list. +For a list of all possible curves, use: + + $ openssl ecparam -list_curves + =item B<-cipher cipherlist> this allows the cipher list used by the server to be modified. When