- {"no_ssl3", OPT_S_NOSSL3, '-' }, \
- {"no_tls1", OPT_S_NOTLS1, '-' }, \
- {"no_tls1_1", OPT_S_NOTLS1_1, '-' }, \
- {"no_tls1_2", OPT_S_NOTLS1_2, '-' }, \
- {"bugs", OPT_S_BUGS, '-' }, \
- {"no_comp", OPT_S_NOCOMP, '-' }, \
- {"ecdh_single", OPT_S_ECDHSINGLE, '-' }, \
- {"no_ticket", OPT_S_NOTICKET, '-' }, \
- {"serverpref", OPT_S_SERVERPREF, '-' }, \
- {"legacy_renegotiation", OPT_S_LEGACYRENEG, '-' }, \
- {"legacy_server_connect", OPT_S_LEGACYCONN, '-' }, \
- {"no_resumption_on_reneg", OPT_S_ONRESUMP, '-' }, \
- {"no_legacy_server_connect", OPT_S_NOLEGACYCONN, '-' }, \
- {"strict", OPT_S_STRICT, '-' }, \
- {"sigalgs", OPT_S_SIGALGS, 's', }, \
- {"client_sigalgs", OPT_S_CLIENTSIGALGS, 's', }, \
- {"curves", OPT_S_CURVES, 's', }, \
- {"named_curve", OPT_S_NAMEDCURVE, 's', }, \
- {"cipher", OPT_S_CIPHER, 's', }, \
- {"dhparam", OPT_S_DHPARAM, '<' }, \
- {"debug_broken_protocol", OPT_S_DEBUGBROKE, '-' }
+ {"no_ssl3", OPT_S_NOSSL3, '-',"Just disable SSLv3" }, \
+ {"no_tls1", OPT_S_NOTLS1, '-', "Just disable TLSv1"}, \
+ {"no_tls1_1", OPT_S_NOTLS1_1, '-', "Just disable TLSv1.1" }, \
+ {"no_tls1_2", OPT_S_NOTLS1_2, '-', "Just disable TLSv1.2"}, \
+ {"bugs", OPT_S_BUGS, '-', "Turn on SSL bug compatibility"}, \
+ {"no_comp", OPT_S_NO_COMP, '-', "Disable SSL/TLS compression (default)" }, \
+ {"comp", OPT_S_COMP, '-', "Use SSL/TLS-level compression" }, \
+ {"no_ticket", OPT_S_NOTICKET, '-', \
+ "Disable use of TLS session tickets"}, \
+ {"serverpref", OPT_S_SERVERPREF, '-', "Use server's cipher preferences"}, \
+ {"legacy_renegotiation", OPT_S_LEGACYRENEG, '-', \
+ "Enable use of legacy renegotiation (dangerous)"}, \
+ {"legacy_server_connect", OPT_S_LEGACYCONN, '-', \
+ "Allow initial connection to servers that don't support RI"}, \
+ {"no_resumption_on_reneg", OPT_S_ONRESUMP, '-', \
+ "Disallow session resumption on renegotiation"}, \
+ {"no_legacy_server_connect", OPT_S_NOLEGACYCONN, '-', \
+ "Disallow initial connection to servers that don't support RI"}, \
+ {"strict", OPT_S_STRICT, '-', \
+ "Enforce strict certificate checks as per TLS standard"}, \
+ {"sigalgs", OPT_S_SIGALGS, 's', \
+ "Signature algorithms to support (colon-separated list)" }, \
+ {"client_sigalgs", OPT_S_CLIENTSIGALGS, 's', \
+ "Signature algorithms to support for client certificate" \
+ " authentication (colon-separated list)" }, \
+ {"curves", OPT_S_CURVES, 's', \
+ "Elliptic curves to advertise (colon-separated list)" }, \
+ {"named_curve", OPT_S_NAMEDCURVE, 's', \
+ "Elliptic curve used for ECDHE (server-side only)" }, \
+ {"cipher", OPT_S_CIPHER, 's', "Specify cipher list to be used"}, \
+ {"dhparam", OPT_S_DHPARAM, '<', \
+ "DH parameter file to use, in cert file if not specified"}, \
+ {"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
+ "Perform all sorts of protocol violations for testing purposes"}