From 9e064bc1701599a15d0111a252b70fe45f2d2da8 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 10 May 2018 12:01:06 +0100 Subject: [PATCH] Provide documentation for the -psk_session option The s_client/s_server docs were missing documentation for this option. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/6215) --- doc/man1/s_client.pod | 8 ++++++++ doc/man1/s_server.pod | 6 ++++++ 2 files changed, 14 insertions(+) diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod index 5d33e1c993..19a8139c1b 100644 --- a/doc/man1/s_client.pod +++ b/doc/man1/s_client.pod @@ -71,6 +71,9 @@ B B [B<-crlf>] [B<-ign_eof>] [B<-no_ign_eof>] +[B<-psk_identity identity>] +[B<-psk key>] +[B<-psk_session file>] [B<-quiet>] [B<-ssl3>] [B<-tls1>] @@ -409,6 +412,11 @@ given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. This option must be provided in order to use a PSK cipher. +=item B<-psk_session file> + +Use the pem encoded SSL_SESSION data stored in B as the basis of a PSK. +Note that this will only work if TLSv1.3 is negotiated. + =item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3> These options require or disable the use of the specified SSL or TLS protocols. diff --git a/doc/man1/s_server.pod b/doc/man1/s_server.pod index 184ddc9f59..e577af80c7 100644 --- a/doc/man1/s_server.pod +++ b/doc/man1/s_server.pod @@ -157,6 +157,7 @@ B B [B<-psk_identity val>] [B<-psk_hint val>] [B<-psk val>] +[B<-psk_session file>] [B<-srpvfile infile>] [B<-srpuserseed val>] [B<-ssl3>] @@ -597,6 +598,11 @@ given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. This option must be provided in order to use a PSK cipher. +=item B<-psk_session file> + +Use the pem encoded SSL_SESSION data stored in B as the basis of a PSK. +Note that this will only work if TLSv1.3 is negotiated. + =item B<-listen> This option can only be used in conjunction with one of the DTLS options above. -- 2.25.1