From ff48c0d9098080b51ea12710029135916d117806 Mon Sep 17 00:00:00 2001 From: marha Date: Tue, 30 Mar 2010 12:36:28 +0000 Subject: svn merge -r514:HEAD ^/branches/released . --- openssl/doc/apps/s_client.pod | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) (limited to 'openssl/doc/apps/s_client.pod') diff --git a/openssl/doc/apps/s_client.pod b/openssl/doc/apps/s_client.pod index c44d357cf..4ebf7b585 100644 --- a/openssl/doc/apps/s_client.pod +++ b/openssl/doc/apps/s_client.pod @@ -101,6 +101,11 @@ also used when building the client certificate chain. A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain. +=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig> + +Set various certificate chain valiadition option. See the +L|verify(1)> manual page for details. + =item B<-reconnect> reconnects to the same server 5 times using the same session ID, this can @@ -161,6 +166,16 @@ input. inhibit printing of session and certificate information. This implicitly turns on B<-ign_eof> as well. +=item B<-psk_identity identity> + +Use the PSK identity B when using a PSK cipher suite. + +=item B<-psk key> + +Use the PSK key B when using a PSK cipher suite. The key is +given as a hexadecimal number without leading 0x, for example -psk +1a2b3c4d. + =item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> these options disable the use of certain SSL or TLS protocols. By default @@ -192,14 +207,11 @@ supported keywords are "smtp", "pop3", "imap", and "ftp". =item B<-tlsextdebug> -print out a hex dump of any TLS extensions received from the server. Note: this -option is only available if extension support is explicitly enabled at compile -time +print out a hex dump of any TLS extensions received from the server. =item B<-no_ticket> -disable RFC4507bis session ticket support. Note: this option is only available -if extension support is explicitly enabled at compile time +disable RFC4507bis session ticket support. =item B<-sess_out filename> @@ -212,7 +224,7 @@ connection from this session. =item B<-engine id> -specifying an engine (by it's unique B string) will cause B +specifying an engine (by its unique B string) will cause B to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. @@ -274,9 +286,6 @@ Since the SSLv23 client hello cannot include compression methods or extensions these will only be supported if its use is disabled, for example by using the B<-no_sslv2> option. -TLS extensions are only supported in OpenSSL 0.9.8 if they are explictly -enabled at compile time using for example the B switch. - =head1 BUGS Because this program has a lot of options and also because some of -- cgit v1.2.3