Add -listen documentation
This commit adds documentation for the new -listen option to s_server. Along the way it also adds documentation for -dtls, -dtls1 and -dtls1_2 which was missing. Reviewed-by: Andy Polyakov <appro@openssl.org>
This commit is contained in:
parent
fd4e98ec84
commit
35d15a3952
1 changed files with 19 additions and 0 deletions
|
@ -67,6 +67,10 @@ B<openssl> B<s_server>
|
|||
[B<-no_tmp_rsa>]
|
||||
[B<-ssl3>]
|
||||
[B<-tls1>]
|
||||
[B<-dtls>]
|
||||
[B<-dtls1>]
|
||||
[B<-dtls1_2>]
|
||||
[B<-listen>]
|
||||
[B<-no_ssl3>]
|
||||
[B<-no_tls1>]
|
||||
[B<-no_dhe>]
|
||||
|
@ -283,6 +287,21 @@ these options disable the use of certain SSL or TLS protocols. By default
|
|||
the initial handshake uses a method which should be compatible with all
|
||||
servers and permit them to use SSL v3 or TLS as appropriate.
|
||||
|
||||
=item B<-dtls>, B<-dtls1>, B<-dtls1_2>
|
||||
|
||||
these options make s_server use DTLS protocols instead of TLS. With B<-dtls>
|
||||
s_server will negotiate any supported DTLS protcol version, whilst B<-dtls1> and
|
||||
B<-dtls1_2> will only support DTLS1.0 and DTLS1.2 respectively.
|
||||
|
||||
=item B<-listen>
|
||||
|
||||
this option can only be used in conjunction with one of the DTLS options above.
|
||||
With this option s_server will listen on a UDP port for incoming connections.
|
||||
Any ClientHellos that arrive will be checked to see if they have a cookie in
|
||||
them or not. Any without a cookie will be responded to with a
|
||||
HelloVerifyRequest. If a ClientHello with a cookie is received then s_server
|
||||
will connect to that peer and complete the handshake.
|
||||
|
||||
=item B<-bugs>
|
||||
|
||||
there are several known bug in SSL and TLS implementations. Adding this
|
||||
|
|
Loading…
Reference in a new issue