From d67fe76786587bc6995337d2a9cb525fb60bf998 Mon Sep 17 00:00:00 2001
From: EasySec <Easy.Sec@free.fr>
Date: Sat, 12 Nov 2016 21:08:32 +0100
Subject: [PATCH] Update s_client and s_server documentation about some missing
 arguments

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1837)
(cherry picked from commit a22f9c84b468eed83c651cb5f2c68c7ad4103ffd)
---
 apps/s_client.c       |  2 +-
 apps/s_server.c       |  2 +-
 doc/apps/s_client.pod | 19 ++++++++++++++++++-
 doc/apps/s_server.pod | 35 ++++++++++++++++++++++++++++++++---
 4 files changed, 52 insertions(+), 6 deletions(-)

diff --git a/apps/s_client.c b/apps/s_client.c
index a14d8855b3..b8aaee9396 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -567,7 +567,7 @@ OPTIONS s_client_options[] = {
     {"proxy", OPT_PROXY, 's',
      "Connect to via specified proxy to the real server"},
 #ifdef AF_UNIX
-    {"unix", OPT_UNIX, 's', "Connect over unix domain sockets"},
+    {"unix", OPT_UNIX, 's', "Connect over the specified Unix-domain socket"},
 #endif
     {"4", OPT_4, '-', "Use IPv4 only"},
 #ifdef AF_INET6
diff --git a/apps/s_server.c b/apps/s_server.c
index 9eb226b2f2..66405e68a5 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -684,7 +684,7 @@ OPTIONS s_server_options[] = {
     {"port", OPT_PORT, 'p',
      "TCP/IP port to listen on for connections (default is " PORT ")"},
     {"accept", OPT_ACCEPT, 's',
-     "TCP/IP optional host and port to accept on (default is " PORT ")"},
+     "TCP/IP optional host and port to listen on for connections (default is *:" PORT ")"},
 #ifdef AF_UNIX
     {"unix", OPT_UNIX, 's', "Unix domain socket to accept on"},
 #endif
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index 7ad9811118..b617c415f5 100644
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -10,6 +10,9 @@ B<openssl> B<s_client>
 [B<-help>]
 [B<-connect host:port>]
 [B<-proxy host:port>]
+[B<-unix path>]
+[B<-4>]
+[B<-6>]
 [B<-servername name>]
 [B<-verify depth>]
 [B<-verify_return_error>]
@@ -68,10 +71,12 @@ B<openssl> B<s_client>
 [B<-tls1>]
 [B<-tls1_1>]
 [B<-tls1_2>]
+[B<-tls1_3>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 [B<-no_tls1_1>]
 [B<-no_tls1_2>]
+[B<-no_tls1_3>]
 [B<-dtls>]
 [B<-dtls1>]
 [B<-dtls1_2>]
@@ -130,6 +135,18 @@ When used with the B<-connect> flag, the program uses the host and port
 specified with this flag and issues an HTTP CONNECT command to connect
 to the desired server.
 
+=item B<-unix path>
+
+Connect over the specified Unix-domain socket.
+
+=item B<-4>
+
+Use IPv4 only.
+
+=item B<-6>
+
+Use IPv6 only.
+
 =item B<-servername name>
 
 Set the TLS SNI (Server Name Indication) extension in the ClientHello message.
@@ -336,7 +353,7 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 
-=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
 
 These options require or disable the use of the specified SSL or TLS protocols.
 By default B<s_client> will negotiate the highest mutually supported protocol
diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
index b0d7888730..94065ba753 100644
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@@ -8,8 +8,13 @@ s_server - SSL/TLS server program
 
 B<openssl> B<s_server>
 [B<-help>]
-[B<-accept port>]
+[B<-port port>]
+[B<-accept val>]
 [B<-naccept count>]
+[B<-unix val>]
+[B<-unlink>]
+[B<-4>]
+[B<-6>]
 [B<-context id>]
 [B<-verify depth>]
 [B<-Verify depth>]
@@ -69,6 +74,9 @@ B<openssl> B<s_server>
 [B<-quiet>]
 [B<-ssl3>]
 [B<-tls1>]
+[B<-tls1_1>]
+[B<-tls1_2>]
+[B<-tls1_3>]
 [B<-dtls>]
 [B<-dtls1>]
 [B<-dtls1_2>]
@@ -81,6 +89,7 @@ B<openssl> B<s_server>
 [B<-no_tls1>]
 [B<-no_tls1_1>]
 [B<-no_tls1_2>]
+[B<-no_tls1_3>]
 [B<-no_dhe>]
 [B<-bugs>]
 [B<-comp>]
@@ -121,14 +130,34 @@ manual page.
 
 Print out a usage message.
 
-=item B<-accept port>
+=item B<-port port>
 
 The TCP port to listen on for connections. If not specified 4433 is used.
 
+=item B<-accept val>
+
+The optional TCP host and port to listen on for connections. If not specified, *:4433 is used.
+
 =item B<-naccept count>
 
 The server will exit after receiving B<number> connections, default unlimited.
 
+=item B<-unix val>
+
+Unix domain socket to accept on.
+
+=item B<-unlink>
+
+For -unix, unlink existing socket first.
+
+=item B<-4>
+
+Use IPv4 only.
+
+=item B<-6>
+
+Use IPv6 only.
+
 =item B<-context id>
 
 Sets the SSL context id. It can be given any string value. If this option
@@ -295,7 +324,7 @@ Use the PSK key B<key> when using a PSK cipher suite. The key is
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
 
 These options require or disable the use of the specified SSL or TLS protocols.
 By default B<s_server> will negotiate the highest mutually supported protocol
-- 
2.25.1