From 36086186a9b90cdad0d2cd0a598a10f03f8f4bcc Mon Sep 17 00:00:00 2001 From: Scott Deboy Date: Tue, 18 Jun 2013 14:34:38 -0700 Subject: Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API Tests exercising the new supplemental data registration and callback api can be found in ssltest.c. Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation. --- doc/apps/s_client.pod | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'doc/apps/s_client.pod') diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index a37c4e2b7c..85e5b9cecb 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -45,6 +45,8 @@ B B [B<-sess_in filename>] [B<-rand file(s)>] [B<-serverinfo types>] +[B<-auth>] +[B<-auth_require_reneg>] =head1 DESCRIPTION @@ -272,6 +274,15 @@ a list of comma-separated TLS Extension Types (numbers between 0 and The server's response (if any) will be encoded and displayed as a PEM file. +=item B<-auth> + +send RFC 5878 client and server authorization extensions in the Client Hello as well as +supplemental data if the server also sent the authorization extensions in the Server Hello. + +=item B<-auth_require_reneg> + +only send RFC 5878 client and server authorization extensions during renegotiation. + =back =head1 CONNECTED COMMANDS -- cgit v1.2.3