diff options
author | Matt Caswell <matt@openssl.org> | 2016-02-16 11:13:33 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-03-07 21:39:28 +0000 |
commit | 0df8088132af29b3069aa15408fc1ea49e5cabb4 (patch) | |
tree | f3fbb5bed4793095c7e0acb7761640acab508b6c | |
parent | d7ded13af1a1fdf6bc55a3a961d64c0e27aad19d (diff) | |
download | openssl-0df8088132af29b3069aa15408fc1ea49e5cabb4.zip openssl-0df8088132af29b3069aa15408fc1ea49e5cabb4.tar.gz openssl-0df8088132af29b3069aa15408fc1ea49e5cabb4.tar.bz2 |
Add documentation for new s_server/s_client options
Document the new split_send_frag, max_pipelines and read_buf options.
Reviewed-by: Tim Hudson <tjh@openssl.org>
-rw-r--r-- | apps/s_client.c | 2 | ||||
-rw-r--r-- | apps/s_server.c | 2 | ||||
-rw-r--r-- | doc/apps/s_client.pod | 26 | ||||
-rw-r--r-- | doc/apps/s_server.pod | 26 |
4 files changed, 54 insertions, 2 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index ab22d42..5a5a90b 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -763,7 +763,7 @@ OPTIONS s_client_options[] = { {"async", OPT_ASYNC, '-', "Support asynchronous operation"}, {"ssl_config", OPT_SSL_CONFIG, 's', "Use specified configuration file"}, {"split_send_frag", OPT_SPLIT_SEND_FRAG, 'n', - "Size used to split data for encrypt/decrypt pipelines"}, + "Size used to split data for encrypt pipelines"}, {"max_pipelines", OPT_MAX_PIPELINES, 'n', "Maximum number of encrypt/decrypt pipelines to be used"}, {"read_buf", OPT_READ_BUF, 'n', diff --git a/apps/s_server.c b/apps/s_server.c index 6e1c598..870c7b2 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -943,7 +943,7 @@ OPTIONS s_server_options[] = { {"ssl_config", OPT_SSL_CONFIG, 's', \ "Configure SSL_CTX using the configuration 'val'"}, {"split_send_frag", OPT_SPLIT_SEND_FRAG, 'n', - "Size used to split data for encrypt/decrypt pipelines"}, + "Size used to split data for encrypt pipelines"}, {"max_pipelines", OPT_MAX_PIPELINES, 'n', "Maximum number of encrypt/decrypt pipelines to be used"}, {"read_buf", OPT_READ_BUF, 'n', diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 607ece5..7e03a24 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -75,6 +75,9 @@ B<openssl> B<s_client> [B<-dtls1_2>] [B<-fallback_scsv>] [B<-async>] +[B<-split_send_frag>] +[B<-max_pipelines>] +[B<-read_buf>] [B<-bugs>] [B<-comp>] [B<-no_comp>] @@ -338,6 +341,29 @@ asynchronously. This will only have an effect if an asynchronous capable engine is also used via the B<-engine> option. For test purposes the dummy async engine (dasync) can be used (if available). +=item B<-split_send_frag int> + +The size used to split data for encrypt pipelines. If more data is written in +one go than this value then it will be split into multiple pipelines, up to the +maximum number of pipelines defined by max_pipelines. This only has an effect if +a suitable ciphersuite has been negotiated, an engine that supports pipelining +has been loaded, and max_pipelines is greater than 1. See +L<SSL_CTX_set_split_send_fragment(3)> for further information. + +=item B<-max_pipelines int> + +The maximum number of encrypt/decrypt pipelines to be used. This will only have +an effect if an engine has been loaded that supports pipelining (e.g. the dasync +engine) and a suiteable ciphersuite has been negotiated. The default value is 1. +See L<SSL_CTX_set_max_pipelines(3)> for further information. + +=item B<-read_buf int> + +The default read buffer size to be used for connections. This will only have an +effect if the buffer size is larger than the size that would otherwise be used +and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for +further information). + =item B<-bugs> there are several known bug in SSL and TLS implementations. Adding this diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index 1453491..d63a206 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -73,6 +73,9 @@ B<openssl> B<s_server> [B<-dtls1_2>] [B<-listen>] [B<-async>] +[B<-split_send_frag>] +[B<-max_pipelines>] +[B<-read_buf>] [B<-no_ssl3>] [B<-no_tls1>] [B<-no_tls1_1>] @@ -322,6 +325,29 @@ asynchronously. This will only have an effect if an asynchronous capable engine is also used via the B<-engine> option. For test purposes the dummy async engine (dasync) can be used (if available). +=item B<-split_send_frag int> + +The size used to split data for encrypt pipelines. If more data is written in +one go than this value then it will be split into multiple pipelines, up to the +maximum number of pipelines defined by max_pipelines. This only has an effect if +a suitable ciphersuite has been negotiated, an engine that supports pipelining +has been loaded, and max_pipelines is greater than 1. See +L<SSL_CTX_set_split_send_fragment(3)> for further information. + +=item B<-max_pipelines int> + +The maximum number of encrypt/decrypt pipelines to be used. This will only have +an effect if an engine has been loaded that supports pipelining (e.g. the dasync +engine) and a suiteable ciphersuite has been negotiated. The default value is 1. +See L<SSL_CTX_set_max_pipelines(3)> for further information. + +=item B<-read_buf int> + +The default read buffer size to be used for connections. This will only have an +effect if the buffer size is larger than the size that would otherwise be used +and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for +further information). + =item B<-bugs> There are several known bug in SSL and TLS implementations. Adding this |