From 0b3b2b33c7e888fc1e735ad25cc1b963b5c24ad4 Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@akamai.com>
Date: Thu, 12 Dec 2019 13:34:32 -0500
Subject: [PATCH] Better documentation of -www,-WWW,-HTTP flags

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10134)
---
 doc/man1/openssl-s_server.pod.in | 36 +++++++++++++++++++-------------
 doc/man1/openssl.pod             |  2 ++
 2 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index a4bc020c39..47343585bd 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -368,28 +368,34 @@ DH).
 
 Inhibit printing of session and certificate information.
 
+=item B<-tlsextdebug>
+
+Print a hex dump of any TLS extensions received from the server.
+
 =item B<-www>
 
 Sends a status message back to the client when it connects. This includes
 information about the ciphers used and various session parameters.
-The output is in HTML format so this option will normally be used with a
-web browser. Cannot be used in conjunction with B<-early_data>.
+The output is in HTML format so this option can be used with a web browser.
+The special URL C</renegcert> turns on client cert validation, and C</reneg>
+tells the server to request renegotiation.
+The B<-early_data> option cannot be used with this option.
 
-=item B<-WWW>
+=item B<-WWW>, B<-HTTP>
 
 Emulates a simple web server. Pages will be resolved relative to the
-current directory, for example if the URL https://myhost/page.html is
-requested the file F<./page.html> will be loaded.
-The files loaded are
-assumed to contain a complete and correct HTTP response (lines that
-are part of the HTTP response line and headers must end with CRLF). Cannot be
-used in conjunction with B<-early_data>.
-Cannot be used in conjunction
-with B<-early_data>.
-
-=item B<-tlsextdebug>
-
-Print a hex dump of any TLS extensions received from the server.
+current directory, for example if the URL C<https://myhost/page.html> is
+requested the file F<./page.html> will be sent.
+If the B<-HTTP> flag is used, the files are sent directly, and should contain
+any HTTP response headers (including status response line).
+If the B<-WWW> option is used,
+the response headers are generated by the server, and the file extension is
+examined to determine the B<Content-Type> header.
+Extensions of C<html>, C<htm>, and C<php> are C<text/html> and all others are
+C<text/plain>.
+In addition, the special URL C</stats> will return status
+information like the B<-www> option.
+Neither of these options can be used in conjunction with B<-early_data>.
 
 =item B<-id_prefix> I<val>
 
diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod
index a3f7353a43..dfa7a3bf7c 100644
--- a/doc/man1/openssl.pod
+++ b/doc/man1/openssl.pod
@@ -931,6 +931,8 @@ B<sep_multiline>.
 Places spaces round the equal sign, C<=>, character which follows the field
 name.
 
+=back
+
 =head2 TLS Version Options
 
 Several commands use SSL, TLS, or DTLS. By default, the commands use TLS and
-- 
2.34.1