From d24a9c8f5a087357e5cfcde9f1de52fda9b5321f Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 23 Aug 2007 11:34:48 +0000 Subject: Docs and usage messages for RFC4507bis support. --- doc/apps/s_client.pod | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'doc/apps/s_client.pod') diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index afdc3f7df2..f99f5ac456 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -38,6 +38,10 @@ B B [B<-cipher cipherlist>] [B<-starttls protocol>] [B<-engine id>] +[B<-tlsextdebug>] +[B<-no_ticket>] +[B<-sess_out filename>] +[B<-sess_in filename>] [B<-rand file(s)>] =head1 DESCRIPTION @@ -196,6 +200,23 @@ send the protocol-specific message(s) to switch to TLS for communication. B is a keyword for the intended protocol. Currently, the only supported keywords are "smtp", "pop3", "imap", and "ftp". +=item B<-tlsextdebug> + +print out a hex dump of any TLS extensions received from the server. + +=item B<-no_ticket> + +disable RFC4507bis session ticket support. + +=item B<-sess_out filename> + +output SSL session to B + +=item B<-sess_in sess.pem> + +load SSL session from B. The client will attempt to resume a +connection from this session. + =item B<-engine id> specifying an engine (by it's unique B string) will cause B @@ -256,6 +277,10 @@ on the command line is no guarantee that the certificate works. If there are problems verifying a server certificate then the B<-showcerts> option can be used to show the whole chain. +Since the SSLv23 client hello cannot include compression methods or extensions +these will only be supported if its use is disabled, for example by using the +B<-no_sslv2> option. + =head1 BUGS Because this program has a lot of options and also because some of -- cgit v1.2.3