diff options
| author | olszomal <Malgorzata.Olszowka@stunnel.org> | 2024-07-08 11:50:35 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2024-07-10 09:37:15 +0200 |
| commit | e4e7e747f136675b4d99f0b44ed590a9067d7b56 (patch) | |
| tree | 2d2af602df7f192ca3d639b0841cda84de7587da | |
| parent | e909d0a214bccc9a3bded1772b9bf8afb82b96e5 (diff) | |
| download | openssl-e4e7e747f136675b4d99f0b44ed590a9067d7b56.zip openssl-e4e7e747f136675b4d99f0b44ed590a9067d7b56.tar.gz openssl-e4e7e747f136675b4d99f0b44ed590a9067d7b56.tar.bz2 | |
Clarify supported curves in the s_client/s_server documentation
Mention that supported curves (aka groups) include named EC parameters
as well as X25519 and X448 or FFDHE groups.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24774)
(cherry picked from commit 775188702574dcd6cc53b7a9d3501a639c146121)
| -rw-r--r-- | doc/man1/openssl-s_client.pod.in | 6 | ||||
| -rw-r--r-- | doc/man1/openssl-s_server.pod.in | 5 |
2 files changed, 9 insertions, 2 deletions
diff --git a/doc/man1/openssl-s_client.pod.in b/doc/man1/openssl-s_client.pod.in index b8ba2fc..c1c6a88 100644 --- a/doc/man1/openssl-s_client.pod.in +++ b/doc/man1/openssl-s_client.pod.in @@ -616,7 +616,11 @@ For example strings, see L<SSL_CTX_set1_sigalgs(3)> =item B<-curves> I<curvelist> Specifies the list of supported curves to be sent by the client. The curve is -ultimately selected by the server. For a list of all curves, use: +ultimately selected by the server. + +The list of all supported groups includes named EC parameters as well as X25519 +and X448 or FFDHE groups, and may also include groups implemented in 3rd-party +providers. For a list of named EC parameters, use: $ openssl ecparam -list_curves diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in index 319f1e3..d99aead 100644 --- a/doc/man1/openssl-s_server.pod.in +++ b/doc/man1/openssl-s_server.pod.in @@ -641,7 +641,10 @@ Signature algorithms to support for client certificate authentication =item B<-named_curve> I<val> Specifies the elliptic curve to use. NOTE: this is single curve, not a list. -For a list of all possible curves, use: + +The list of all supported groups includes named EC parameters as well as X25519 +and X448 or FFDHE groups, and may also include groups implemented in 3rd-party +providers. For a list of named EC parameters, use: $ openssl ecparam -list_curves |