diff options
author | Scott Deboy <sdeboy@secondstryke.com> | 2013-06-18 14:34:38 -0700 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2013-09-06 13:59:13 +0100 |
commit | 36086186a9b90cdad0d2cd0a598a10f03f8f4bcc (patch) | |
tree | a145840fa49b4951e052274b00a6cd9296964954 /doc/apps/s_client.pod | |
parent | cda01d55ba9f238d8892c8e909580030ea5b3ebd (diff) | |
download | openssl-36086186a9b90cdad0d2cd0a598a10f03f8f4bcc.tar.gz |
Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
Diffstat (limited to 'doc/apps/s_client.pod')
-rw-r--r-- | doc/apps/s_client.pod | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index a37c4e2b7c..85e5b9cecb 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -45,6 +45,8 @@ B<openssl> B<s_client> [B<-sess_in filename>] [B<-rand file(s)>] [B<-serverinfo types>] +[B<-auth>] +[B<-auth_require_reneg>] =head1 DESCRIPTION @@ -272,6 +274,15 @@ a list of comma-separated TLS Extension Types (numbers between 0 and The server's response (if any) will be encoded and displayed as a PEM file. +=item B<-auth> + +send RFC 5878 client and server authorization extensions in the Client Hello as well as +supplemental data if the server also sent the authorization extensions in the Server Hello. + +=item B<-auth_require_reneg> + +only send RFC 5878 client and server authorization extensions during renegotiation. + =back =head1 CONNECTED COMMANDS |