BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
#ifndef OPENSSL_NO_TLSEXT
BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n");
+ BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
+ BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
#endif
}
BIO_printf(bio_err," (default is %s)\n",TEST_CERT2);
BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n");
BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2);
+ BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
+ BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
#endif
}
[B<-cipher cipherlist>]
[B<-starttls protocol>]
[B<-engine id>]
+[B<-tlsextdebug>]
+[B<-no_ticket>]
+[B<-sess_out filename>]
+[B<-sess_in filename>]
[B<-rand file(s)>]
=head1 DESCRIPTION
B<protocol> is a keyword for the intended protocol. Currently, the only
supported keywords are "smtp", "pop3", "imap", and "ftp".
+=item B<-tlsextdebug>
+
+print out a hex dump of any TLS extensions received from the server. Note: this
+option is only available if extension support is explicitly enabled at compile
+time
+
+=item B<-no_ticket>
+
+disable RFC4507bis session ticket support. Note: this option is only available
+if extension support is explicitly enabled at compile time
+
+=item B<-sess_out filename>
+
+output SSL session to B<filename>
+
+=item B<-sess_in sess.pem>
+
+load SSL session from B<filename>. The client will attempt to resume a
+connection from this session.
+
=item B<-engine id>
specifying an engine (by it's unique B<id> string) will cause B<s_client>
If there are problems verifying a server certificate then the
B<-showcerts> option can be used to show the whole chain.
+Since the SSLv23 client hello cannot include compression methods or extensions
+these will only be supported if its use is disabled, for example by using the
+B<-no_sslv2> option.
+
+TLS extensions are only supported in OpenSSL 0.9.8 if they are explictly
+enabled at compile time using for example the B<enable-tlsext> switch.
+
=head1 BUGS
Because this program has a lot of options and also because some of
[B<-WWW>]
[B<-HTTP>]
[B<-engine id>]
+[B<-tlsextdebug>]
+[B<-no_ticket>]
[B<-id_prefix arg>]
[B<-rand file(s)>]
the preference order, the order of the server cipherlist irrelevant. See
the B<ciphers> command for more information.
+=item B<-tlsextdebug>
+
+print out a hex dump of any TLS extensions received from the server.
+
+=item B<-no_ticket>
+
+disable RFC4507bis session ticket support.
+
=item B<-www>
sends a status message back to the client when it connects. This includes
The session parameters can printed out using the B<sess_id> program.
+TLS extensions are only supported in OpenSSL 0.9.8 if they are explictly
+enabled at compile time using for example the B<enable-tlsext> switch.
+
=head1 BUGS
Because this program has a lot of options and also because some of
projects / openssl.git / commitdiff