From 0df8088132af29b3069aa15408fc1ea49e5cabb4 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Tue, 16 Feb 2016 11:13:33 +0000
Subject: [PATCH] Add documentation for new s_server/s_client options

Document the new split_send_frag, max_pipelines and read_buf options.

Reviewed-by: Tim Hudson <tjh@openssl.org>
---
 apps/s_client.c       |  2 +-
 apps/s_server.c       |  2 +-
 doc/apps/s_client.pod | 26 ++++++++++++++++++++++++++
 doc/apps/s_server.pod | 26 ++++++++++++++++++++++++++
 4 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/apps/s_client.c b/apps/s_client.c
index ab22d4211f..5a5a90b1cb 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -763,7 +763,7 @@ OPTIONS s_client_options[] = {
     {"async", OPT_ASYNC, '-', "Support asynchronous operation"},
     {"ssl_config", OPT_SSL_CONFIG, 's', "Use specified configuration file"},
     {"split_send_frag", OPT_SPLIT_SEND_FRAG, 'n',
-     "Size used to split data for encrypt/decrypt pipelines"},
+     "Size used to split data for encrypt pipelines"},
     {"max_pipelines", OPT_MAX_PIPELINES, 'n',
      "Maximum number of encrypt/decrypt pipelines to be used"},
     {"read_buf", OPT_READ_BUF, 'n',
diff --git a/apps/s_server.c b/apps/s_server.c
index 6e1c5989c5..870c7b24f9 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -943,7 +943,7 @@ OPTIONS s_server_options[] = {
     {"ssl_config", OPT_SSL_CONFIG, 's', \
      "Configure SSL_CTX using the configuration 'val'"},
     {"split_send_frag", OPT_SPLIT_SEND_FRAG, 'n',
-     "Size used to split data for encrypt/decrypt pipelines"},
+     "Size used to split data for encrypt pipelines"},
     {"max_pipelines", OPT_MAX_PIPELINES, 'n',
      "Maximum number of encrypt/decrypt pipelines to be used"},
     {"read_buf", OPT_READ_BUF, 'n',
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index 607ece5541..7e03a24323 100644
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -75,6 +75,9 @@ B<openssl> B<s_client>
 [B<-dtls1_2>]
 [B<-fallback_scsv>]
 [B<-async>]
+[B<-split_send_frag>]
+[B<-max_pipelines>]
+[B<-read_buf>]
 [B<-bugs>]
 [B<-comp>]
 [B<-no_comp>]
@@ -338,6 +341,29 @@ asynchronously. This will only have an effect if an asynchronous capable engine
 is also used via the B<-engine> option. For test purposes the dummy async engine
 (dasync) can be used (if available).
 
+=item B<-split_send_frag int>
+
+The size used to split data for encrypt pipelines. If more data is written in
+one go than this value then it will be split into multiple pipelines, up to the
+maximum number of pipelines defined by max_pipelines. This only has an effect if
+a suitable ciphersuite has been negotiated, an engine that supports pipelining
+has been loaded, and max_pipelines is greater than 1. See
+L<SSL_CTX_set_split_send_fragment(3)> for further information.
+
+=item B<-max_pipelines int>
+
+The maximum number of encrypt/decrypt pipelines to be used. This will only have
+an effect if an engine has been loaded that supports pipelining (e.g. the dasync
+engine) and a suiteable ciphersuite has been negotiated. The default value is 1.
+See L<SSL_CTX_set_max_pipelines(3)> for further information.
+
+=item B<-read_buf int>
+
+The default read buffer size to be used for connections. This will only have an
+effect if the buffer size is larger than the size that would otherwise be used
+and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for
+further information).
+
 =item B<-bugs>
 
 there are several known bug in SSL and TLS implementations. Adding this
diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
index 14534914a9..d63a20670c 100644
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@@ -73,6 +73,9 @@ B<openssl> B<s_server>
 [B<-dtls1_2>]
 [B<-listen>]
 [B<-async>]
+[B<-split_send_frag>]
+[B<-max_pipelines>]
+[B<-read_buf>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 [B<-no_tls1_1>]
@@ -322,6 +325,29 @@ asynchronously. This will only have an effect if an asynchronous capable engine
 is also used via the B<-engine> option. For test purposes the dummy async engine
 (dasync) can be used (if available).
 
+=item B<-split_send_frag int>
+
+The size used to split data for encrypt pipelines. If more data is written in
+one go than this value then it will be split into multiple pipelines, up to the
+maximum number of pipelines defined by max_pipelines. This only has an effect if
+a suitable ciphersuite has been negotiated, an engine that supports pipelining
+has been loaded, and max_pipelines is greater than 1. See
+L<SSL_CTX_set_split_send_fragment(3)> for further information.
+
+=item B<-max_pipelines int>
+
+The maximum number of encrypt/decrypt pipelines to be used. This will only have
+an effect if an engine has been loaded that supports pipelining (e.g. the dasync
+engine) and a suiteable ciphersuite has been negotiated. The default value is 1.
+See L<SSL_CTX_set_max_pipelines(3)> for further information.
+
+=item B<-read_buf int>
+
+The default read buffer size to be used for connections. This will only have an
+effect if the buffer size is larger than the size that would otherwise be used
+and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for
+further information).
+
 =item B<-bugs>
 
 There are several known bug in SSL and TLS implementations. Adding this
-- 
2.25.1