|
|
|
@ -83,11 +83,6 @@ B<openssl> B<s_server>
|
|
|
|
|
[B<-split_send_frag> I<+int>]
|
|
|
|
|
[B<-max_pipelines> I<+int>]
|
|
|
|
|
[B<-read_buf> I<+int>]
|
|
|
|
|
[B<-no_ssl3>]
|
|
|
|
|
[B<-no_tls1>]
|
|
|
|
|
[B<-no_tls1_1>]
|
|
|
|
|
[B<-no_tls1_2>]
|
|
|
|
|
[B<-no_tls1_3>]
|
|
|
|
|
[B<-bugs>]
|
|
|
|
|
[B<-no_comp>]
|
|
|
|
|
[B<-comp>]
|
|
|
|
@ -149,17 +144,9 @@ B<openssl> B<s_server>
|
|
|
|
|
[B<-psk_session> I<file>]
|
|
|
|
|
[B<-srpvfile> I<infile>]
|
|
|
|
|
[B<-srpuserseed> I<val>]
|
|
|
|
|
[B<-ssl3>]
|
|
|
|
|
[B<-tls1>]
|
|
|
|
|
[B<-tls1_1>]
|
|
|
|
|
[B<-tls1_2>]
|
|
|
|
|
[B<-tls1_3>]
|
|
|
|
|
[B<-dtls>]
|
|
|
|
|
[B<-timeout>]
|
|
|
|
|
[B<-mtu> I<+int>]
|
|
|
|
|
[B<-listen>]
|
|
|
|
|
[B<-dtls1>]
|
|
|
|
|
[B<-dtls1_2>]
|
|
|
|
|
[B<-sctp>]
|
|
|
|
|
[B<-sctp_label_bug>]
|
|
|
|
|
[B<-no_dhe>]
|
|
|
|
@ -173,6 +160,7 @@ B<openssl> B<s_server>
|
|
|
|
|
[B<-no_anti_replay>]
|
|
|
|
|
[B<-http_server_binmode>]
|
|
|
|
|
{- $OpenSSL::safe::opt_name_synopsis -}
|
|
|
|
|
{- $OpenSSL::safe::opt_version_synopsis -}
|
|
|
|
|
{- $OpenSSL::safe::opt_x_synopsis -}
|
|
|
|
|
{- $OpenSSL::safe::opt_trust_synopsis -}
|
|
|
|
|
{- $OpenSSL::safe::opt_r_synopsis -}
|
|
|
|
@ -391,22 +379,18 @@ web browser. Cannot be used in conjunction with B<-early_data>.
|
|
|
|
|
|
|
|
|
|
Emulates a simple web server. Pages will be resolved relative to the
|
|
|
|
|
current directory, for example if the URL https://myhost/page.html is
|
|
|
|
|
requested the file F<./page.html> will be loaded. Cannot be used in conjunction
|
|
|
|
|
requested the file F<./page.html> will be loaded.
|
|
|
|
|
The files loaded are
|
|
|
|
|
assumed to contain a complete and correct HTTP response (lines that
|
|
|
|
|
are part of the HTTP response line and headers must end with CRLF). Cannot be
|
|
|
|
|
used in conjunction with B<-early_data>.
|
|
|
|
|
Cannot be used in conjunction
|
|
|
|
|
with B<-early_data>.
|
|
|
|
|
|
|
|
|
|
=item B<-tlsextdebug>
|
|
|
|
|
|
|
|
|
|
Print a hex dump of any TLS extensions received from the server.
|
|
|
|
|
|
|
|
|
|
=item B<-HTTP>
|
|
|
|
|
|
|
|
|
|
Emulates a simple web server. Pages will be resolved relative to the
|
|
|
|
|
current directory, for example if the URL https://myhost/page.html is
|
|
|
|
|
requested the file F<./page.html> will be loaded. The files loaded are
|
|
|
|
|
assumed to contain a complete and correct HTTP response (lines that
|
|
|
|
|
are part of the HTTP response line and headers must end with CRLF). Cannot be
|
|
|
|
|
used in conjunction with B<-early_data>.
|
|
|
|
|
|
|
|
|
|
=item B<-id_prefix> I<val>
|
|
|
|
|
|
|
|
|
|
Generate SSL/TLS session IDs prefixed by I<val>. This is mostly useful
|
|
|
|
@ -495,16 +479,6 @@ effect if the buffer size is larger than the size that would otherwise be used
|
|
|
|
|
and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for
|
|
|
|
|
further information).
|
|
|
|
|
|
|
|
|
|
=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
|
|
|
|
|
|
|
|
|
|
These options require or disable the use of the specified SSL or TLS protocols.
|
|
|
|
|
By default, this command will negotiate the highest mutually supported
|
|
|
|
|
protocol version.
|
|
|
|
|
When a specific TLS version is required, only that version will be accepted
|
|
|
|
|
from the client.
|
|
|
|
|
Note that not all protocols and flags may be available, depending on how
|
|
|
|
|
OpenSSL was built.
|
|
|
|
|
|
|
|
|
|
=item B<-bugs>
|
|
|
|
|
|
|
|
|
|
There are several known bugs in SSL and TLS implementations. Adding this
|
|
|
|
@ -639,13 +613,6 @@ Any without a cookie will be responded to with a HelloVerifyRequest.
|
|
|
|
|
If a ClientHello with a cookie is received then this command will
|
|
|
|
|
connect to that peer and complete the handshake.
|
|
|
|
|
|
|
|
|
|
=item B<-dtls>, B<-dtls1>, B<-dtls1_2>
|
|
|
|
|
|
|
|
|
|
These options make this command use DTLS protocols instead of TLS.
|
|
|
|
|
With B<-dtls>, it will negotiate any supported DTLS protocol
|
|
|
|
|
version, whilst B<-dtls1> and B<-dtls1_2> will only support DTLSv1.0 and
|
|
|
|
|
DTLSv1.2 respectively.
|
|
|
|
|
|
|
|
|
|
=item B<-sctp>
|
|
|
|
|
|
|
|
|
|
Use SCTP for the transport protocol instead of UDP in DTLS. Must be used in
|
|
|
|
@ -709,6 +676,8 @@ by the client in binary mode.
|
|
|
|
|
|
|
|
|
|
{- $OpenSSL::safe::opt_name_item -}
|
|
|
|
|
|
|
|
|
|
{- $OpenSSL::safe::opt_version_item -}
|
|
|
|
|
|
|
|
|
|
{- $OpenSSL::safe::opt_x_item -}
|
|
|
|
|
|
|
|
|
|
{- $OpenSSL::safe::opt_trust_item -}
|
|
|
|
|