[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-3-g75f1bde
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-3-g75f1bde |
Date: |
Sat, 13 Oct 2012 20:23:24 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=75f1bde4d6090bb5a7b0bd60a8081afd8be3c0ca
The branch, master has been updated
via 75f1bde4d6090bb5a7b0bd60a8081afd8be3c0ca (commit)
via 9754daef647fa5b313e83d5a59c01f7c4f5048b4 (commit)
from 43269acc9bef22a9735047f35f1eb4577b492c18 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 75f1bde4d6090bb5a7b0bd60a8081afd8be3c0ca
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Oct 13 20:51:02 2012 +0200
Added --local-dns option to gnutls-cli.
commit 9754daef647fa5b313e83d5a59c01f7c4f5048b4
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Oct 13 12:20:30 2012 +0200
disable default extensions on --disable-extensions.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 8 +
doc/invoke-gnutls-cli.texi | 17 +-
src/cli-args.c | 675 +++++++++++++++++++++++---------------------
src/cli-args.def | 11 +-
src/cli-args.h | 144 +++++-----
src/cli.c | 26 +--
6 files changed, 465 insertions(+), 416 deletions(-)
diff --git a/NEWS b/NEWS
index fc25f54..ce32bf7 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,14 @@ GnuTLS NEWS -- History of user-visible changes.
-*- outline -*-
Copyright (C) 2000-2012 Free Software Foundation, Inc.
See the end for copying conditions.
+* Version 3.1.4 (unreleased)
+
+** gnutls-cli: Added --local-dns option.
+
+** API and ABI modifications:
+No changes since last version.
+
+
* Version 3.1.3 (released 2012-10-12)
** libgnutls: Added support for the OCSP Certificate Status
diff --git a/doc/invoke-gnutls-cli.texi b/doc/invoke-gnutls-cli.texi
index ade332a..41b9e82 100644
--- a/doc/invoke-gnutls-cli.texi
+++ b/doc/invoke-gnutls-cli.texi
@@ -7,7 +7,7 @@
#
# DO NOT EDIT THIS FILE (invoke-gnutls-cli.texi)
#
-# It has been AutoGen-ed October 7, 2012 at 10:36:28 AM by AutoGen 5.16
+# It has been AutoGen-ed October 13, 2012 at 08:49:25 PM by AutoGen 5.16
# From the definitions ../src/cli-args.def
# and the template file agtexi-cmd.tpl
@end ignore
@@ -47,6 +47,8 @@ USAGE: gnutls-cli [ -<flag> [<val>] |
--<name>address@hidden| @}<val>] ]... [hostname]
- disabled as --no-tofu
--dane Enable DANE certificate verification (DNSSEC)
- disabled as --no-dane
+ --local-dns Use the local DNS server for DNSSEC resolving.
+ - disabled as --no-local-dns
--ca-verification Disable CA certificate verification
- disabled as --no-ca-verification
- enabled by default
@@ -136,6 +138,13 @@ This is the ``enable dane certificate verification
(dnssec)'' option.
This option will, in addition to certificate authentication using
the trusted CAs, verify the server certificates using on the DANE information
available via DNSSEC.
address@hidden local-dns}
address@hidden local-dns option
address@hidden gnutls-cli-local-dns
+
+This is the ``use the local dns server for dnssec resolving.'' option.
+This option will use the local DNS server for DNSSEC.
+This is disabled by default due to many servers not allowing DNSSEC.
@anchor{gnutls-cli ca-verification}
@subheading ca-verification option
@cindex gnutls-cli-ca-verification
@@ -188,6 +197,12 @@ The client will indicate to the server in a TLS extension
that it wants a OCSP s
This is the ``connect, establish a plain session and start tls.'' option.
The TLS session will be initiated when EOF or a SIGALRM is received.
address@hidden disable-extensions}
address@hidden disable-extensions option
address@hidden gnutls-cli-disable-extensions
+
+This is the ``disable all the tls extensions'' option.
+This option disables all TLS extensions. Deprecated option. Use the priority
string.
@anchor{gnutls-cli dh-bits}
@subheading dh-bits option
@cindex gnutls-cli-dh-bits
diff --git a/src/cli-args.c b/src/cli-args.c
index 819ac38..c21f254 100644
--- a/src/cli-args.c
+++ b/src/cli-args.c
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (cli-args.c)
*
- * It has been AutoGen-ed October 7, 2012 at 01:02:46 PM by AutoGen 5.16
+ * It has been AutoGen-ed October 13, 2012 at 08:48:21 PM by AutoGen 5.16
* From the definitions cli-args.def
* and the template file options
*
@@ -67,7 +67,7 @@ extern FILE * option_usage_fp;
/*
* gnutls-cli option static const strings
*/
-static char const gnutls_cli_opt_strs[3738] =
+static char const gnutls_cli_opt_strs[3808] =
/* 0 */ "gnutls-cli @address@hidden"
"Copyright (C) 2000-2012 Free Software Foundation, all rights
reserved.\n"
"This is free software. It is licensed for use, modification and\n"
@@ -97,134 +97,137 @@ static char const gnutls_cli_opt_strs[3738] =
/* 1013 */ "Enable DANE certificate verification (DNSSEC)\0"
/* 1059 */ "DANE\0"
/* 1064 */ "no-dane\0"
-/* 1072 */ "Disable CA certificate verification\0"
-/* 1108 */ "CA_VERIFICATION\0"
-/* 1124 */ "no-ca-verification\0"
-/* 1143 */ "Enable OCSP certificate verification\0"
-/* 1180 */ "OCSP\0"
-/* 1185 */ "no-ocsp\0"
-/* 1193 */ "Establish a session and resume\0"
-/* 1224 */ "RESUME\0"
-/* 1231 */ "resume\0"
-/* 1238 */ "Activate heartbeat support\0"
-/* 1265 */ "HEARTBEAT\0"
-/* 1275 */ "heartbeat\0"
-/* 1285 */ "Establish a session and rehandshake\0"
-/* 1321 */ "REHANDSHAKE\0"
-/* 1333 */ "rehandshake\0"
-/* 1345 */ "Don't accept session tickets\0"
-/* 1374 */ "NOTICKET\0"
-/* 1383 */ "noticket\0"
-/* 1392 */ "Enable OCSP status request\0"
-/* 1419 */ "OCSP_STATUS_REQUEST\0"
-/* 1439 */ "no-ocsp-status-request\0"
-/* 1462 */ "Connect, establish a plain session and start TLS.\0"
-/* 1512 */ "STARTTLS\0"
-/* 1521 */ "starttls\0"
-/* 1530 */ "Use DTLS (datagram TLS) over UDP\0"
-/* 1563 */ "UDP\0"
-/* 1567 */ "udp\0"
-/* 1571 */ "Set MTU for datagram TLS\0"
-/* 1596 */ "MTU\0"
-/* 1600 */ "mtu\0"
-/* 1604 */ "Send CR LF instead of LF\0"
-/* 1629 */ "CRLF\0"
-/* 1634 */ "crlf\0"
-/* 1639 */ "Use DER format for certificates to read from\0"
-/* 1684 */ "X509FMTDER\0"
-/* 1695 */ "x509fmtder\0"
-/* 1706 */ "Send the openpgp fingerprint, instead of the key\0"
-/* 1755 */ "FINGERPRINT\0"
-/* 1767 */ "fingerprint\0"
-/* 1779 */ "Disable all the TLS extensions\0"
-/* 1810 */ "DISABLE_EXTENSIONS\0"
-/* 1829 */ "disable-extensions\0"
-/* 1848 */ "Print peer's certificate in PEM format\0"
-/* 1887 */ "PRINT_CERT\0"
-/* 1898 */ "print-cert\0"
-/* 1909 */ "The maximum record size to advertize\0"
-/* 1946 */ "RECORDSIZE\0"
-/* 1957 */ "recordsize\0"
-/* 1968 */ "The minimum number of bits allowed for DH\0"
-/* 2010 */ "DH_BITS\0"
-/* 2018 */ "dh-bits\0"
-/* 2026 */ "Priorities string\0"
-/* 2044 */ "PRIORITY\0"
-/* 2053 */ "priority\0"
-/* 2062 */ "Certificate file or PKCS #11 URL to use\0"
-/* 2102 */ "X509CAFILE\0"
-/* 2113 */ "x509cafile\0"
-/* 2124 */ "CRL file to use\0"
-/* 2140 */ "X509CRLFILE\0"
-/* 2152 */ "x509crlfile\0"
-/* 2164 */ "PGP Key file to use\0"
-/* 2184 */ "PGPKEYFILE\0"
-/* 2195 */ "pgpkeyfile\0"
-/* 2206 */ "PGP Key ring file to use\0"
-/* 2231 */ "PGPKEYRING\0"
-/* 2242 */ "pgpkeyring\0"
-/* 2253 */ "PGP Public Key (certificate) file to use\0"
-/* 2294 */ "PGPCERTFILE\0"
-/* 2306 */ "pgpcertfile\0"
-/* 2318 */ "X.509 key file or PKCS #11 URL to use\0"
-/* 2356 */ "X509KEYFILE\0"
-/* 2368 */ "x509keyfile\0"
-/* 2380 */ "X.509 Certificate file or PKCS #11 URL to use\0"
-/* 2426 */ "X509CERTFILE\0"
-/* 2439 */ "x509certfile\0"
-/* 2452 */ "PGP subkey to use (hex or auto)\0"
-/* 2484 */ "PGPSUBKEY\0"
-/* 2494 */ "pgpsubkey\0"
-/* 2504 */ "SRP username to use\0"
-/* 2524 */ "SRPUSERNAME\0"
-/* 2536 */ "srpusername\0"
-/* 2548 */ "SRP password to use\0"
-/* 2568 */ "SRPPASSWD\0"
-/* 2578 */ "srppasswd\0"
-/* 2588 */ "PSK username to use\0"
-/* 2608 */ "PSKUSERNAME\0"
-/* 2620 */ "pskusername\0"
-/* 2632 */ "PSK key (in hex) to use\0"
-/* 2656 */ "PSKKEY\0"
-/* 2663 */ "pskkey\0"
-/* 2670 */ "The port or service to connect to\0"
-/* 2704 */ "PORT\0"
-/* 2709 */ "port\0"
-/* 2714 */ "Don't abort program if server certificate can't be validated\0"
-/* 2775 */ "INSECURE\0"
-/* 2784 */ "insecure\0"
-/* 2793 */ "Benchmark individual ciphers\0"
-/* 2822 */ "BENCHMARK_CIPHERS\0"
-/* 2840 */ "benchmark-ciphers\0"
-/* 2858 */ "Benchmark individual software ciphers (no hw acceleration)\0"
-/* 2917 */ "BENCHMARK_SOFT_CIPHERS\0"
-/* 2940 */ "benchmark-soft-ciphers\0"
-/* 2963 */ "Benchmark TLS key exchange methods\0"
-/* 2998 */ "BENCHMARK_TLS_KX\0"
-/* 3015 */ "benchmark-tls-kx\0"
-/* 3032 */ "Benchmark TLS ciphers\0"
-/* 3054 */ "BENCHMARK_TLS_CIPHERS\0"
-/* 3076 */ "benchmark-tls-ciphers\0"
-/* 3098 */ "Print a list of the supported algorithms and modes\0"
-/* 3149 */ "LIST\0"
-/* 3154 */ "list\0"
-/* 3159 */ "Display extended usage information and exit\0"
-/* 3203 */ "help\0"
-/* 3208 */ "Extended usage information passed thru pager\0"
-/* 3253 */ "more-help\0"
-/* 3263 */ "Output version information and exit\0"
-/* 3299 */ "version\0"
-/* 3307 */ "GNUTLS_CLI\0"
-/* 3318 */ "gnutls-cli - GnuTLS client - Ver. @address@hidden"
+/* 1072 */ "Use the local DNS server for DNSSEC resolving.\0"
+/* 1119 */ "LOCAL_DNS\0"
+/* 1129 */ "no-local-dns\0"
+/* 1142 */ "Disable CA certificate verification\0"
+/* 1178 */ "CA_VERIFICATION\0"
+/* 1194 */ "no-ca-verification\0"
+/* 1213 */ "Enable OCSP certificate verification\0"
+/* 1250 */ "OCSP\0"
+/* 1255 */ "no-ocsp\0"
+/* 1263 */ "Establish a session and resume\0"
+/* 1294 */ "RESUME\0"
+/* 1301 */ "resume\0"
+/* 1308 */ "Activate heartbeat support\0"
+/* 1335 */ "HEARTBEAT\0"
+/* 1345 */ "heartbeat\0"
+/* 1355 */ "Establish a session and rehandshake\0"
+/* 1391 */ "REHANDSHAKE\0"
+/* 1403 */ "rehandshake\0"
+/* 1415 */ "Don't accept session tickets\0"
+/* 1444 */ "NOTICKET\0"
+/* 1453 */ "noticket\0"
+/* 1462 */ "Enable OCSP status request\0"
+/* 1489 */ "OCSP_STATUS_REQUEST\0"
+/* 1509 */ "no-ocsp-status-request\0"
+/* 1532 */ "Connect, establish a plain session and start TLS.\0"
+/* 1582 */ "STARTTLS\0"
+/* 1591 */ "starttls\0"
+/* 1600 */ "Use DTLS (datagram TLS) over UDP\0"
+/* 1633 */ "UDP\0"
+/* 1637 */ "udp\0"
+/* 1641 */ "Set MTU for datagram TLS\0"
+/* 1666 */ "MTU\0"
+/* 1670 */ "mtu\0"
+/* 1674 */ "Send CR LF instead of LF\0"
+/* 1699 */ "CRLF\0"
+/* 1704 */ "crlf\0"
+/* 1709 */ "Use DER format for certificates to read from\0"
+/* 1754 */ "X509FMTDER\0"
+/* 1765 */ "x509fmtder\0"
+/* 1776 */ "Send the openpgp fingerprint, instead of the key\0"
+/* 1825 */ "FINGERPRINT\0"
+/* 1837 */ "fingerprint\0"
+/* 1849 */ "Disable all the TLS extensions\0"
+/* 1880 */ "DISABLE_EXTENSIONS\0"
+/* 1899 */ "disable-extensions\0"
+/* 1918 */ "Print peer's certificate in PEM format\0"
+/* 1957 */ "PRINT_CERT\0"
+/* 1968 */ "print-cert\0"
+/* 1979 */ "The maximum record size to advertize\0"
+/* 2016 */ "RECORDSIZE\0"
+/* 2027 */ "recordsize\0"
+/* 2038 */ "The minimum number of bits allowed for DH\0"
+/* 2080 */ "DH_BITS\0"
+/* 2088 */ "dh-bits\0"
+/* 2096 */ "Priorities string\0"
+/* 2114 */ "PRIORITY\0"
+/* 2123 */ "priority\0"
+/* 2132 */ "Certificate file or PKCS #11 URL to use\0"
+/* 2172 */ "X509CAFILE\0"
+/* 2183 */ "x509cafile\0"
+/* 2194 */ "CRL file to use\0"
+/* 2210 */ "X509CRLFILE\0"
+/* 2222 */ "x509crlfile\0"
+/* 2234 */ "PGP Key file to use\0"
+/* 2254 */ "PGPKEYFILE\0"
+/* 2265 */ "pgpkeyfile\0"
+/* 2276 */ "PGP Key ring file to use\0"
+/* 2301 */ "PGPKEYRING\0"
+/* 2312 */ "pgpkeyring\0"
+/* 2323 */ "PGP Public Key (certificate) file to use\0"
+/* 2364 */ "PGPCERTFILE\0"
+/* 2376 */ "pgpcertfile\0"
+/* 2388 */ "X.509 key file or PKCS #11 URL to use\0"
+/* 2426 */ "X509KEYFILE\0"
+/* 2438 */ "x509keyfile\0"
+/* 2450 */ "X.509 Certificate file or PKCS #11 URL to use\0"
+/* 2496 */ "X509CERTFILE\0"
+/* 2509 */ "x509certfile\0"
+/* 2522 */ "PGP subkey to use (hex or auto)\0"
+/* 2554 */ "PGPSUBKEY\0"
+/* 2564 */ "pgpsubkey\0"
+/* 2574 */ "SRP username to use\0"
+/* 2594 */ "SRPUSERNAME\0"
+/* 2606 */ "srpusername\0"
+/* 2618 */ "SRP password to use\0"
+/* 2638 */ "SRPPASSWD\0"
+/* 2648 */ "srppasswd\0"
+/* 2658 */ "PSK username to use\0"
+/* 2678 */ "PSKUSERNAME\0"
+/* 2690 */ "pskusername\0"
+/* 2702 */ "PSK key (in hex) to use\0"
+/* 2726 */ "PSKKEY\0"
+/* 2733 */ "pskkey\0"
+/* 2740 */ "The port or service to connect to\0"
+/* 2774 */ "PORT\0"
+/* 2779 */ "port\0"
+/* 2784 */ "Don't abort program if server certificate can't be validated\0"
+/* 2845 */ "INSECURE\0"
+/* 2854 */ "insecure\0"
+/* 2863 */ "Benchmark individual ciphers\0"
+/* 2892 */ "BENCHMARK_CIPHERS\0"
+/* 2910 */ "benchmark-ciphers\0"
+/* 2928 */ "Benchmark individual software ciphers (no hw acceleration)\0"
+/* 2987 */ "BENCHMARK_SOFT_CIPHERS\0"
+/* 3010 */ "benchmark-soft-ciphers\0"
+/* 3033 */ "Benchmark TLS key exchange methods\0"
+/* 3068 */ "BENCHMARK_TLS_KX\0"
+/* 3085 */ "benchmark-tls-kx\0"
+/* 3102 */ "Benchmark TLS ciphers\0"
+/* 3124 */ "BENCHMARK_TLS_CIPHERS\0"
+/* 3146 */ "benchmark-tls-ciphers\0"
+/* 3168 */ "Print a list of the supported algorithms and modes\0"
+/* 3219 */ "LIST\0"
+/* 3224 */ "list\0"
+/* 3229 */ "Display extended usage information and exit\0"
+/* 3273 */ "help\0"
+/* 3278 */ "Extended usage information passed thru pager\0"
+/* 3323 */ "more-help\0"
+/* 3333 */ "Output version information and exit\0"
+/* 3369 */ "version\0"
+/* 3377 */ "GNUTLS_CLI\0"
+/* 3388 */ "gnutls-cli - GnuTLS client - Ver. @address@hidden"
"USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
[hostname]\n\0"
-/* 3431 */ "address@hidden"
-/* 3450 */ "\n\n\0"
-/* 3453 */ "\n"
+/* 3501 */ "address@hidden"
+/* 3520 */ "\n\n\0"
+/* 3523 */ "\n"
"Simple client program to set up a TLS connection to some other
computer. It\n"
"sets up a TLS connection and forwards data from the standard
input to the\n"
"secured socket and vice versa.\n\0"
-/* 3637 */ "gnutls-cli @address@hidden"
-/* 3658 */ "Usage: gnutls-cli [options] hostname\n"
+/* 3707 */ "gnutls-cli @address@hidden"
+/* 3728 */ "Usage: gnutls-cli [options] hostname\n"
"gnutls-cli --help for usage instructions.\n";
/*
@@ -265,11 +268,21 @@ static char const gnutls_cli_opt_strs[3738] =
#define DANE_FLAGS (OPTST_DISABLED)
/*
+ * local-dns option description:
+ */
+#define LOCAL_DNS_DESC (gnutls_cli_opt_strs+1072)
+#define LOCAL_DNS_NAME (gnutls_cli_opt_strs+1119)
+#define NOT_LOCAL_DNS_name (gnutls_cli_opt_strs+1129)
+#define NOT_LOCAL_DNS_PFX (gnutls_cli_opt_strs+1010)
+#define LOCAL_DNS_name (NOT_LOCAL_DNS_name + 3)
+#define LOCAL_DNS_FLAGS (OPTST_DISABLED)
+
+/*
* ca-verification option description:
*/
-#define CA_VERIFICATION_DESC (gnutls_cli_opt_strs+1072)
-#define CA_VERIFICATION_NAME (gnutls_cli_opt_strs+1108)
-#define NOT_CA_VERIFICATION_name (gnutls_cli_opt_strs+1124)
+#define CA_VERIFICATION_DESC (gnutls_cli_opt_strs+1142)
+#define CA_VERIFICATION_NAME (gnutls_cli_opt_strs+1178)
+#define NOT_CA_VERIFICATION_name (gnutls_cli_opt_strs+1194)
#define NOT_CA_VERIFICATION_PFX (gnutls_cli_opt_strs+1010)
#define CA_VERIFICATION_name (NOT_CA_VERIFICATION_name + 3)
#define CA_VERIFICATION_FLAGS (OPTST_INITENABLED)
@@ -277,9 +290,9 @@ static char const gnutls_cli_opt_strs[3738] =
/*
* ocsp option description:
*/
-#define OCSP_DESC (gnutls_cli_opt_strs+1143)
-#define OCSP_NAME (gnutls_cli_opt_strs+1180)
-#define NOT_OCSP_name (gnutls_cli_opt_strs+1185)
+#define OCSP_DESC (gnutls_cli_opt_strs+1213)
+#define OCSP_NAME (gnutls_cli_opt_strs+1250)
+#define NOT_OCSP_name (gnutls_cli_opt_strs+1255)
#define NOT_OCSP_PFX (gnutls_cli_opt_strs+1010)
#define OCSP_name (NOT_OCSP_name + 3)
#define OCSP_FLAGS (OPTST_DISABLED)
@@ -287,41 +300,41 @@ static char const gnutls_cli_opt_strs[3738] =
/*
* resume option description:
*/
-#define RESUME_DESC (gnutls_cli_opt_strs+1193)
-#define RESUME_NAME (gnutls_cli_opt_strs+1224)
-#define RESUME_name (gnutls_cli_opt_strs+1231)
+#define RESUME_DESC (gnutls_cli_opt_strs+1263)
+#define RESUME_NAME (gnutls_cli_opt_strs+1294)
+#define RESUME_name (gnutls_cli_opt_strs+1301)
#define RESUME_FLAGS (OPTST_DISABLED)
/*
* heartbeat option description:
*/
-#define HEARTBEAT_DESC (gnutls_cli_opt_strs+1238)
-#define HEARTBEAT_NAME (gnutls_cli_opt_strs+1265)
-#define HEARTBEAT_name (gnutls_cli_opt_strs+1275)
+#define HEARTBEAT_DESC (gnutls_cli_opt_strs+1308)
+#define HEARTBEAT_NAME (gnutls_cli_opt_strs+1335)
+#define HEARTBEAT_name (gnutls_cli_opt_strs+1345)
#define HEARTBEAT_FLAGS (OPTST_DISABLED)
/*
* rehandshake option description:
*/
-#define REHANDSHAKE_DESC (gnutls_cli_opt_strs+1285)
-#define REHANDSHAKE_NAME (gnutls_cli_opt_strs+1321)
-#define REHANDSHAKE_name (gnutls_cli_opt_strs+1333)
+#define REHANDSHAKE_DESC (gnutls_cli_opt_strs+1355)
+#define REHANDSHAKE_NAME (gnutls_cli_opt_strs+1391)
+#define REHANDSHAKE_name (gnutls_cli_opt_strs+1403)
#define REHANDSHAKE_FLAGS (OPTST_DISABLED)
/*
* noticket option description:
*/
-#define NOTICKET_DESC (gnutls_cli_opt_strs+1345)
-#define NOTICKET_NAME (gnutls_cli_opt_strs+1374)
-#define NOTICKET_name (gnutls_cli_opt_strs+1383)
+#define NOTICKET_DESC (gnutls_cli_opt_strs+1415)
+#define NOTICKET_NAME (gnutls_cli_opt_strs+1444)
+#define NOTICKET_name (gnutls_cli_opt_strs+1453)
#define NOTICKET_FLAGS (OPTST_DISABLED)
/*
* ocsp-status-request option description:
*/
-#define OCSP_STATUS_REQUEST_DESC (gnutls_cli_opt_strs+1392)
-#define OCSP_STATUS_REQUEST_NAME (gnutls_cli_opt_strs+1419)
-#define NOT_OCSP_STATUS_REQUEST_name (gnutls_cli_opt_strs+1439)
+#define OCSP_STATUS_REQUEST_DESC (gnutls_cli_opt_strs+1462)
+#define OCSP_STATUS_REQUEST_NAME (gnutls_cli_opt_strs+1489)
+#define NOT_OCSP_STATUS_REQUEST_name (gnutls_cli_opt_strs+1509)
#define NOT_OCSP_STATUS_REQUEST_PFX (gnutls_cli_opt_strs+1010)
#define OCSP_STATUS_REQUEST_name (NOT_OCSP_STATUS_REQUEST_name + 3)
#define OCSP_STATUS_REQUEST_FLAGS (OPTST_INITENABLED)
@@ -329,268 +342,268 @@ static char const gnutls_cli_opt_strs[3738] =
/*
* starttls option description:
*/
-#define STARTTLS_DESC (gnutls_cli_opt_strs+1462)
-#define STARTTLS_NAME (gnutls_cli_opt_strs+1512)
-#define STARTTLS_name (gnutls_cli_opt_strs+1521)
+#define STARTTLS_DESC (gnutls_cli_opt_strs+1532)
+#define STARTTLS_NAME (gnutls_cli_opt_strs+1582)
+#define STARTTLS_name (gnutls_cli_opt_strs+1591)
#define STARTTLS_FLAGS (OPTST_DISABLED)
/*
* udp option description:
*/
-#define UDP_DESC (gnutls_cli_opt_strs+1530)
-#define UDP_NAME (gnutls_cli_opt_strs+1563)
-#define UDP_name (gnutls_cli_opt_strs+1567)
+#define UDP_DESC (gnutls_cli_opt_strs+1600)
+#define UDP_NAME (gnutls_cli_opt_strs+1633)
+#define UDP_name (gnutls_cli_opt_strs+1637)
#define UDP_FLAGS (OPTST_DISABLED)
/*
* mtu option description:
*/
-#define MTU_DESC (gnutls_cli_opt_strs+1571)
-#define MTU_NAME (gnutls_cli_opt_strs+1596)
-#define MTU_name (gnutls_cli_opt_strs+1600)
+#define MTU_DESC (gnutls_cli_opt_strs+1641)
+#define MTU_NAME (gnutls_cli_opt_strs+1666)
+#define MTU_name (gnutls_cli_opt_strs+1670)
#define MTU_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
* crlf option description:
*/
-#define CRLF_DESC (gnutls_cli_opt_strs+1604)
-#define CRLF_NAME (gnutls_cli_opt_strs+1629)
-#define CRLF_name (gnutls_cli_opt_strs+1634)
+#define CRLF_DESC (gnutls_cli_opt_strs+1674)
+#define CRLF_NAME (gnutls_cli_opt_strs+1699)
+#define CRLF_name (gnutls_cli_opt_strs+1704)
#define CRLF_FLAGS (OPTST_DISABLED)
/*
* x509fmtder option description:
*/
-#define X509FMTDER_DESC (gnutls_cli_opt_strs+1639)
-#define X509FMTDER_NAME (gnutls_cli_opt_strs+1684)
-#define X509FMTDER_name (gnutls_cli_opt_strs+1695)
+#define X509FMTDER_DESC (gnutls_cli_opt_strs+1709)
+#define X509FMTDER_NAME (gnutls_cli_opt_strs+1754)
+#define X509FMTDER_name (gnutls_cli_opt_strs+1765)
#define X509FMTDER_FLAGS (OPTST_DISABLED)
/*
* fingerprint option description:
*/
-#define FINGERPRINT_DESC (gnutls_cli_opt_strs+1706)
-#define FINGERPRINT_NAME (gnutls_cli_opt_strs+1755)
-#define FINGERPRINT_name (gnutls_cli_opt_strs+1767)
+#define FINGERPRINT_DESC (gnutls_cli_opt_strs+1776)
+#define FINGERPRINT_NAME (gnutls_cli_opt_strs+1825)
+#define FINGERPRINT_name (gnutls_cli_opt_strs+1837)
#define FINGERPRINT_FLAGS (OPTST_DISABLED)
/*
* disable-extensions option description:
*/
-#define DISABLE_EXTENSIONS_DESC (gnutls_cli_opt_strs+1779)
-#define DISABLE_EXTENSIONS_NAME (gnutls_cli_opt_strs+1810)
-#define DISABLE_EXTENSIONS_name (gnutls_cli_opt_strs+1829)
+#define DISABLE_EXTENSIONS_DESC (gnutls_cli_opt_strs+1849)
+#define DISABLE_EXTENSIONS_NAME (gnutls_cli_opt_strs+1880)
+#define DISABLE_EXTENSIONS_name (gnutls_cli_opt_strs+1899)
#define DISABLE_EXTENSIONS_FLAGS (OPTST_DISABLED)
/*
* print-cert option description:
*/
-#define PRINT_CERT_DESC (gnutls_cli_opt_strs+1848)
-#define PRINT_CERT_NAME (gnutls_cli_opt_strs+1887)
-#define PRINT_CERT_name (gnutls_cli_opt_strs+1898)
+#define PRINT_CERT_DESC (gnutls_cli_opt_strs+1918)
+#define PRINT_CERT_NAME (gnutls_cli_opt_strs+1957)
+#define PRINT_CERT_name (gnutls_cli_opt_strs+1968)
#define PRINT_CERT_FLAGS (OPTST_DISABLED)
/*
* recordsize option description:
*/
-#define RECORDSIZE_DESC (gnutls_cli_opt_strs+1909)
-#define RECORDSIZE_NAME (gnutls_cli_opt_strs+1946)
-#define RECORDSIZE_name (gnutls_cli_opt_strs+1957)
+#define RECORDSIZE_DESC (gnutls_cli_opt_strs+1979)
+#define RECORDSIZE_NAME (gnutls_cli_opt_strs+2016)
+#define RECORDSIZE_name (gnutls_cli_opt_strs+2027)
#define RECORDSIZE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
* dh-bits option description:
*/
-#define DH_BITS_DESC (gnutls_cli_opt_strs+1968)
-#define DH_BITS_NAME (gnutls_cli_opt_strs+2010)
-#define DH_BITS_name (gnutls_cli_opt_strs+2018)
+#define DH_BITS_DESC (gnutls_cli_opt_strs+2038)
+#define DH_BITS_NAME (gnutls_cli_opt_strs+2080)
+#define DH_BITS_name (gnutls_cli_opt_strs+2088)
#define DH_BITS_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
* priority option description:
*/
-#define PRIORITY_DESC (gnutls_cli_opt_strs+2026)
-#define PRIORITY_NAME (gnutls_cli_opt_strs+2044)
-#define PRIORITY_name (gnutls_cli_opt_strs+2053)
+#define PRIORITY_DESC (gnutls_cli_opt_strs+2096)
+#define PRIORITY_NAME (gnutls_cli_opt_strs+2114)
+#define PRIORITY_name (gnutls_cli_opt_strs+2123)
#define PRIORITY_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* x509cafile option description:
*/
-#define X509CAFILE_DESC (gnutls_cli_opt_strs+2062)
-#define X509CAFILE_NAME (gnutls_cli_opt_strs+2102)
-#define X509CAFILE_name (gnutls_cli_opt_strs+2113)
+#define X509CAFILE_DESC (gnutls_cli_opt_strs+2132)
+#define X509CAFILE_NAME (gnutls_cli_opt_strs+2172)
+#define X509CAFILE_name (gnutls_cli_opt_strs+2183)
#define X509CAFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* x509crlfile option description:
*/
-#define X509CRLFILE_DESC (gnutls_cli_opt_strs+2124)
-#define X509CRLFILE_NAME (gnutls_cli_opt_strs+2140)
-#define X509CRLFILE_name (gnutls_cli_opt_strs+2152)
+#define X509CRLFILE_DESC (gnutls_cli_opt_strs+2194)
+#define X509CRLFILE_NAME (gnutls_cli_opt_strs+2210)
+#define X509CRLFILE_name (gnutls_cli_opt_strs+2222)
#define X509CRLFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
* pgpkeyfile option description:
*/
-#define PGPKEYFILE_DESC (gnutls_cli_opt_strs+2164)
-#define PGPKEYFILE_NAME (gnutls_cli_opt_strs+2184)
-#define PGPKEYFILE_name (gnutls_cli_opt_strs+2195)
+#define PGPKEYFILE_DESC (gnutls_cli_opt_strs+2234)
+#define PGPKEYFILE_NAME (gnutls_cli_opt_strs+2254)
+#define PGPKEYFILE_name (gnutls_cli_opt_strs+2265)
#define PGPKEYFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
* pgpkeyring option description:
*/
-#define PGPKEYRING_DESC (gnutls_cli_opt_strs+2206)
-#define PGPKEYRING_NAME (gnutls_cli_opt_strs+2231)
-#define PGPKEYRING_name (gnutls_cli_opt_strs+2242)
+#define PGPKEYRING_DESC (gnutls_cli_opt_strs+2276)
+#define PGPKEYRING_NAME (gnutls_cli_opt_strs+2301)
+#define PGPKEYRING_name (gnutls_cli_opt_strs+2312)
#define PGPKEYRING_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
* pgpcertfile option description:
*/
-#define PGPCERTFILE_DESC (gnutls_cli_opt_strs+2253)
-#define PGPCERTFILE_NAME (gnutls_cli_opt_strs+2294)
-#define PGPCERTFILE_name (gnutls_cli_opt_strs+2306)
+#define PGPCERTFILE_DESC (gnutls_cli_opt_strs+2323)
+#define PGPCERTFILE_NAME (gnutls_cli_opt_strs+2364)
+#define PGPCERTFILE_name (gnutls_cli_opt_strs+2376)
#define PGPCERTFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
* x509keyfile option description:
*/
-#define X509KEYFILE_DESC (gnutls_cli_opt_strs+2318)
-#define X509KEYFILE_NAME (gnutls_cli_opt_strs+2356)
-#define X509KEYFILE_name (gnutls_cli_opt_strs+2368)
+#define X509KEYFILE_DESC (gnutls_cli_opt_strs+2388)
+#define X509KEYFILE_NAME (gnutls_cli_opt_strs+2426)
+#define X509KEYFILE_name (gnutls_cli_opt_strs+2438)
#define X509KEYFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* x509certfile option description:
*/
-#define X509CERTFILE_DESC (gnutls_cli_opt_strs+2380)
-#define X509CERTFILE_NAME (gnutls_cli_opt_strs+2426)
-#define X509CERTFILE_name (gnutls_cli_opt_strs+2439)
+#define X509CERTFILE_DESC (gnutls_cli_opt_strs+2450)
+#define X509CERTFILE_NAME (gnutls_cli_opt_strs+2496)
+#define X509CERTFILE_name (gnutls_cli_opt_strs+2509)
#define X509CERTFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* pgpsubkey option description:
*/
-#define PGPSUBKEY_DESC (gnutls_cli_opt_strs+2452)
-#define PGPSUBKEY_NAME (gnutls_cli_opt_strs+2484)
-#define PGPSUBKEY_name (gnutls_cli_opt_strs+2494)
+#define PGPSUBKEY_DESC (gnutls_cli_opt_strs+2522)
+#define PGPSUBKEY_NAME (gnutls_cli_opt_strs+2554)
+#define PGPSUBKEY_name (gnutls_cli_opt_strs+2564)
#define PGPSUBKEY_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* srpusername option description:
*/
-#define SRPUSERNAME_DESC (gnutls_cli_opt_strs+2504)
-#define SRPUSERNAME_NAME (gnutls_cli_opt_strs+2524)
-#define SRPUSERNAME_name (gnutls_cli_opt_strs+2536)
+#define SRPUSERNAME_DESC (gnutls_cli_opt_strs+2574)
+#define SRPUSERNAME_NAME (gnutls_cli_opt_strs+2594)
+#define SRPUSERNAME_name (gnutls_cli_opt_strs+2606)
#define SRPUSERNAME_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* srppasswd option description:
*/
-#define SRPPASSWD_DESC (gnutls_cli_opt_strs+2548)
-#define SRPPASSWD_NAME (gnutls_cli_opt_strs+2568)
-#define SRPPASSWD_name (gnutls_cli_opt_strs+2578)
+#define SRPPASSWD_DESC (gnutls_cli_opt_strs+2618)
+#define SRPPASSWD_NAME (gnutls_cli_opt_strs+2638)
+#define SRPPASSWD_name (gnutls_cli_opt_strs+2648)
#define SRPPASSWD_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* pskusername option description:
*/
-#define PSKUSERNAME_DESC (gnutls_cli_opt_strs+2588)
-#define PSKUSERNAME_NAME (gnutls_cli_opt_strs+2608)
-#define PSKUSERNAME_name (gnutls_cli_opt_strs+2620)
+#define PSKUSERNAME_DESC (gnutls_cli_opt_strs+2658)
+#define PSKUSERNAME_NAME (gnutls_cli_opt_strs+2678)
+#define PSKUSERNAME_name (gnutls_cli_opt_strs+2690)
#define PSKUSERNAME_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* pskkey option description:
*/
-#define PSKKEY_DESC (gnutls_cli_opt_strs+2632)
-#define PSKKEY_NAME (gnutls_cli_opt_strs+2656)
-#define PSKKEY_name (gnutls_cli_opt_strs+2663)
+#define PSKKEY_DESC (gnutls_cli_opt_strs+2702)
+#define PSKKEY_NAME (gnutls_cli_opt_strs+2726)
+#define PSKKEY_name (gnutls_cli_opt_strs+2733)
#define PSKKEY_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* port option description:
*/
-#define PORT_DESC (gnutls_cli_opt_strs+2670)
-#define PORT_NAME (gnutls_cli_opt_strs+2704)
-#define PORT_name (gnutls_cli_opt_strs+2709)
+#define PORT_DESC (gnutls_cli_opt_strs+2740)
+#define PORT_NAME (gnutls_cli_opt_strs+2774)
+#define PORT_name (gnutls_cli_opt_strs+2779)
#define PORT_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* insecure option description:
*/
-#define INSECURE_DESC (gnutls_cli_opt_strs+2714)
-#define INSECURE_NAME (gnutls_cli_opt_strs+2775)
-#define INSECURE_name (gnutls_cli_opt_strs+2784)
+#define INSECURE_DESC (gnutls_cli_opt_strs+2784)
+#define INSECURE_NAME (gnutls_cli_opt_strs+2845)
+#define INSECURE_name (gnutls_cli_opt_strs+2854)
#define INSECURE_FLAGS (OPTST_DISABLED)
/*
* benchmark-ciphers option description:
*/
-#define BENCHMARK_CIPHERS_DESC (gnutls_cli_opt_strs+2793)
-#define BENCHMARK_CIPHERS_NAME (gnutls_cli_opt_strs+2822)
-#define BENCHMARK_CIPHERS_name (gnutls_cli_opt_strs+2840)
+#define BENCHMARK_CIPHERS_DESC (gnutls_cli_opt_strs+2863)
+#define BENCHMARK_CIPHERS_NAME (gnutls_cli_opt_strs+2892)
+#define BENCHMARK_CIPHERS_name (gnutls_cli_opt_strs+2910)
#define BENCHMARK_CIPHERS_FLAGS (OPTST_DISABLED)
/*
* benchmark-soft-ciphers option description:
*/
-#define BENCHMARK_SOFT_CIPHERS_DESC (gnutls_cli_opt_strs+2858)
-#define BENCHMARK_SOFT_CIPHERS_NAME (gnutls_cli_opt_strs+2917)
-#define BENCHMARK_SOFT_CIPHERS_name (gnutls_cli_opt_strs+2940)
+#define BENCHMARK_SOFT_CIPHERS_DESC (gnutls_cli_opt_strs+2928)
+#define BENCHMARK_SOFT_CIPHERS_NAME (gnutls_cli_opt_strs+2987)
+#define BENCHMARK_SOFT_CIPHERS_name (gnutls_cli_opt_strs+3010)
#define BENCHMARK_SOFT_CIPHERS_FLAGS (OPTST_DISABLED)
/*
* benchmark-tls-kx option description:
*/
-#define BENCHMARK_TLS_KX_DESC (gnutls_cli_opt_strs+2963)
-#define BENCHMARK_TLS_KX_NAME (gnutls_cli_opt_strs+2998)
-#define BENCHMARK_TLS_KX_name (gnutls_cli_opt_strs+3015)
+#define BENCHMARK_TLS_KX_DESC (gnutls_cli_opt_strs+3033)
+#define BENCHMARK_TLS_KX_NAME (gnutls_cli_opt_strs+3068)
+#define BENCHMARK_TLS_KX_name (gnutls_cli_opt_strs+3085)
#define BENCHMARK_TLS_KX_FLAGS (OPTST_DISABLED)
/*
* benchmark-tls-ciphers option description:
*/
-#define BENCHMARK_TLS_CIPHERS_DESC (gnutls_cli_opt_strs+3032)
-#define BENCHMARK_TLS_CIPHERS_NAME (gnutls_cli_opt_strs+3054)
-#define BENCHMARK_TLS_CIPHERS_name (gnutls_cli_opt_strs+3076)
+#define BENCHMARK_TLS_CIPHERS_DESC (gnutls_cli_opt_strs+3102)
+#define BENCHMARK_TLS_CIPHERS_NAME (gnutls_cli_opt_strs+3124)
+#define BENCHMARK_TLS_CIPHERS_name (gnutls_cli_opt_strs+3146)
#define BENCHMARK_TLS_CIPHERS_FLAGS (OPTST_DISABLED)
/*
* list option description:
*/
-#define LIST_DESC (gnutls_cli_opt_strs+3098)
-#define LIST_NAME (gnutls_cli_opt_strs+3149)
-#define LIST_name (gnutls_cli_opt_strs+3154)
+#define LIST_DESC (gnutls_cli_opt_strs+3168)
+#define LIST_NAME (gnutls_cli_opt_strs+3219)
+#define LIST_name (gnutls_cli_opt_strs+3224)
#define LIST_FLAGS (OPTST_DISABLED)
/*
* Help/More_Help/Version option descriptions:
*/
-#define HELP_DESC (gnutls_cli_opt_strs+3159)
-#define HELP_name (gnutls_cli_opt_strs+3203)
+#define HELP_DESC (gnutls_cli_opt_strs+3229)
+#define HELP_name (gnutls_cli_opt_strs+3273)
#ifdef HAVE_WORKING_FORK
-#define MORE_HELP_DESC (gnutls_cli_opt_strs+3208)
-#define MORE_HELP_name (gnutls_cli_opt_strs+3253)
+#define MORE_HELP_DESC (gnutls_cli_opt_strs+3278)
+#define MORE_HELP_name (gnutls_cli_opt_strs+3323)
#define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT)
#else
#define MORE_HELP_DESC NULL
@@ -603,8 +616,8 @@ static char const gnutls_cli_opt_strs[3738] =
# define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \
OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT)
#endif
-#define VER_DESC (gnutls_cli_opt_strs+3263)
-#define VER_name (gnutls_cli_opt_strs+3299)
+#define VER_DESC (gnutls_cli_opt_strs+3333)
+#define VER_name (gnutls_cli_opt_strs+3369)
/*
* Declare option callback procedures
*/
@@ -673,8 +686,20 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ DANE_DESC, DANE_NAME, DANE_name,
/* disablement strs */ NOT_DANE_name, NOT_DANE_PFX },
- { /* entry idx, value */ 4, VALUE_OPT_CA_VERIFICATION,
- /* equiv idx, value */ 4, VALUE_OPT_CA_VERIFICATION,
+ { /* entry idx, value */ 4, VALUE_OPT_LOCAL_DNS,
+ /* equiv idx, value */ 4, VALUE_OPT_LOCAL_DNS,
+ /* equivalenced to */ NO_EQUIVALENT,
+ /* min, max, act ct */ 0, 1, 0,
+ /* opt state flags */ LOCAL_DNS_FLAGS, 0,
+ /* last opt argumnt */ { NULL }, /* --local-dns */
+ /* arg list/cookie */ NULL,
+ /* must/cannot opts */ NULL, NULL,
+ /* option proc */ NULL,
+ /* desc, NAME, name */ LOCAL_DNS_DESC, LOCAL_DNS_NAME, LOCAL_DNS_name,
+ /* disablement strs */ NOT_LOCAL_DNS_name, NOT_LOCAL_DNS_PFX },
+
+ { /* entry idx, value */ 5, VALUE_OPT_CA_VERIFICATION,
+ /* equiv idx, value */ 5, VALUE_OPT_CA_VERIFICATION,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ CA_VERIFICATION_FLAGS, 0,
@@ -685,8 +710,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ CA_VERIFICATION_DESC, CA_VERIFICATION_NAME,
CA_VERIFICATION_name,
/* disablement strs */ NOT_CA_VERIFICATION_name, NOT_CA_VERIFICATION_PFX
},
- { /* entry idx, value */ 5, VALUE_OPT_OCSP,
- /* equiv idx, value */ 5, VALUE_OPT_OCSP,
+ { /* entry idx, value */ 6, VALUE_OPT_OCSP,
+ /* equiv idx, value */ 6, VALUE_OPT_OCSP,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ OCSP_FLAGS, 0,
@@ -697,8 +722,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ OCSP_DESC, OCSP_NAME, OCSP_name,
/* disablement strs */ NOT_OCSP_name, NOT_OCSP_PFX },
- { /* entry idx, value */ 6, VALUE_OPT_RESUME,
- /* equiv idx, value */ 6, VALUE_OPT_RESUME,
+ { /* entry idx, value */ 7, VALUE_OPT_RESUME,
+ /* equiv idx, value */ 7, VALUE_OPT_RESUME,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ RESUME_FLAGS, 0,
@@ -709,8 +734,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ RESUME_DESC, RESUME_NAME, RESUME_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 7, VALUE_OPT_HEARTBEAT,
- /* equiv idx, value */ 7, VALUE_OPT_HEARTBEAT,
+ { /* entry idx, value */ 8, VALUE_OPT_HEARTBEAT,
+ /* equiv idx, value */ 8, VALUE_OPT_HEARTBEAT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ HEARTBEAT_FLAGS, 0,
@@ -721,8 +746,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ HEARTBEAT_DESC, HEARTBEAT_NAME, HEARTBEAT_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 8, VALUE_OPT_REHANDSHAKE,
- /* equiv idx, value */ 8, VALUE_OPT_REHANDSHAKE,
+ { /* entry idx, value */ 9, VALUE_OPT_REHANDSHAKE,
+ /* equiv idx, value */ 9, VALUE_OPT_REHANDSHAKE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ REHANDSHAKE_FLAGS, 0,
@@ -733,8 +758,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ REHANDSHAKE_DESC, REHANDSHAKE_NAME,
REHANDSHAKE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 9, VALUE_OPT_NOTICKET,
- /* equiv idx, value */ 9, VALUE_OPT_NOTICKET,
+ { /* entry idx, value */ 10, VALUE_OPT_NOTICKET,
+ /* equiv idx, value */ 10, VALUE_OPT_NOTICKET,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ NOTICKET_FLAGS, 0,
@@ -745,8 +770,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ NOTICKET_DESC, NOTICKET_NAME, NOTICKET_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 10, VALUE_OPT_OCSP_STATUS_REQUEST,
- /* equiv idx, value */ 10, VALUE_OPT_OCSP_STATUS_REQUEST,
+ { /* entry idx, value */ 11, VALUE_OPT_OCSP_STATUS_REQUEST,
+ /* equiv idx, value */ 11, VALUE_OPT_OCSP_STATUS_REQUEST,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ OCSP_STATUS_REQUEST_FLAGS, 0,
@@ -757,8 +782,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ OCSP_STATUS_REQUEST_DESC,
OCSP_STATUS_REQUEST_NAME, OCSP_STATUS_REQUEST_name,
/* disablement strs */ NOT_OCSP_STATUS_REQUEST_name,
NOT_OCSP_STATUS_REQUEST_PFX },
- { /* entry idx, value */ 11, VALUE_OPT_STARTTLS,
- /* equiv idx, value */ 11, VALUE_OPT_STARTTLS,
+ { /* entry idx, value */ 12, VALUE_OPT_STARTTLS,
+ /* equiv idx, value */ 12, VALUE_OPT_STARTTLS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ STARTTLS_FLAGS, 0,
@@ -769,8 +794,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ STARTTLS_DESC, STARTTLS_NAME, STARTTLS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 12, VALUE_OPT_UDP,
- /* equiv idx, value */ 12, VALUE_OPT_UDP,
+ { /* entry idx, value */ 13, VALUE_OPT_UDP,
+ /* equiv idx, value */ 13, VALUE_OPT_UDP,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ UDP_FLAGS, 0,
@@ -781,8 +806,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ UDP_DESC, UDP_NAME, UDP_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 13, VALUE_OPT_MTU,
- /* equiv idx, value */ 13, VALUE_OPT_MTU,
+ { /* entry idx, value */ 14, VALUE_OPT_MTU,
+ /* equiv idx, value */ 14, VALUE_OPT_MTU,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ MTU_FLAGS, 0,
@@ -793,8 +818,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ MTU_DESC, MTU_NAME, MTU_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 14, VALUE_OPT_CRLF,
- /* equiv idx, value */ 14, VALUE_OPT_CRLF,
+ { /* entry idx, value */ 15, VALUE_OPT_CRLF,
+ /* equiv idx, value */ 15, VALUE_OPT_CRLF,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ CRLF_FLAGS, 0,
@@ -805,8 +830,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ CRLF_DESC, CRLF_NAME, CRLF_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 15, VALUE_OPT_X509FMTDER,
- /* equiv idx, value */ 15, VALUE_OPT_X509FMTDER,
+ { /* entry idx, value */ 16, VALUE_OPT_X509FMTDER,
+ /* equiv idx, value */ 16, VALUE_OPT_X509FMTDER,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509FMTDER_FLAGS, 0,
@@ -817,8 +842,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ X509FMTDER_DESC, X509FMTDER_NAME, X509FMTDER_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 16, VALUE_OPT_FINGERPRINT,
- /* equiv idx, value */ 16, VALUE_OPT_FINGERPRINT,
+ { /* entry idx, value */ 17, VALUE_OPT_FINGERPRINT,
+ /* equiv idx, value */ 17, VALUE_OPT_FINGERPRINT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ FINGERPRINT_FLAGS, 0,
@@ -829,8 +854,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ FINGERPRINT_DESC, FINGERPRINT_NAME,
FINGERPRINT_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 17, VALUE_OPT_DISABLE_EXTENSIONS,
- /* equiv idx, value */ 17, VALUE_OPT_DISABLE_EXTENSIONS,
+ { /* entry idx, value */ 18, VALUE_OPT_DISABLE_EXTENSIONS,
+ /* equiv idx, value */ 18, VALUE_OPT_DISABLE_EXTENSIONS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DISABLE_EXTENSIONS_FLAGS, 0,
@@ -841,8 +866,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ DISABLE_EXTENSIONS_DESC, DISABLE_EXTENSIONS_NAME,
DISABLE_EXTENSIONS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 18, VALUE_OPT_PRINT_CERT,
- /* equiv idx, value */ 18, VALUE_OPT_PRINT_CERT,
+ { /* entry idx, value */ 19, VALUE_OPT_PRINT_CERT,
+ /* equiv idx, value */ 19, VALUE_OPT_PRINT_CERT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PRINT_CERT_FLAGS, 0,
@@ -853,8 +878,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PRINT_CERT_DESC, PRINT_CERT_NAME, PRINT_CERT_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 19, VALUE_OPT_RECORDSIZE,
- /* equiv idx, value */ 19, VALUE_OPT_RECORDSIZE,
+ { /* entry idx, value */ 20, VALUE_OPT_RECORDSIZE,
+ /* equiv idx, value */ 20, VALUE_OPT_RECORDSIZE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ RECORDSIZE_FLAGS, 0,
@@ -865,8 +890,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ RECORDSIZE_DESC, RECORDSIZE_NAME, RECORDSIZE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 20, VALUE_OPT_DH_BITS,
- /* equiv idx, value */ 20, VALUE_OPT_DH_BITS,
+ { /* entry idx, value */ 21, VALUE_OPT_DH_BITS,
+ /* equiv idx, value */ 21, VALUE_OPT_DH_BITS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DH_BITS_FLAGS, 0,
@@ -877,8 +902,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ DH_BITS_DESC, DH_BITS_NAME, DH_BITS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 21, VALUE_OPT_PRIORITY,
- /* equiv idx, value */ 21, VALUE_OPT_PRIORITY,
+ { /* entry idx, value */ 22, VALUE_OPT_PRIORITY,
+ /* equiv idx, value */ 22, VALUE_OPT_PRIORITY,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PRIORITY_FLAGS, 0,
@@ -889,8 +914,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PRIORITY_DESC, PRIORITY_NAME, PRIORITY_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 22, VALUE_OPT_X509CAFILE,
- /* equiv idx, value */ 22, VALUE_OPT_X509CAFILE,
+ { /* entry idx, value */ 23, VALUE_OPT_X509CAFILE,
+ /* equiv idx, value */ 23, VALUE_OPT_X509CAFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CAFILE_FLAGS, 0,
@@ -901,8 +926,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ X509CAFILE_DESC, X509CAFILE_NAME, X509CAFILE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 23, VALUE_OPT_X509CRLFILE,
- /* equiv idx, value */ 23, VALUE_OPT_X509CRLFILE,
+ { /* entry idx, value */ 24, VALUE_OPT_X509CRLFILE,
+ /* equiv idx, value */ 24, VALUE_OPT_X509CRLFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CRLFILE_FLAGS, 0,
@@ -913,8 +938,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ X509CRLFILE_DESC, X509CRLFILE_NAME,
X509CRLFILE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 24, VALUE_OPT_PGPKEYFILE,
- /* equiv idx, value */ 24, VALUE_OPT_PGPKEYFILE,
+ { /* entry idx, value */ 25, VALUE_OPT_PGPKEYFILE,
+ /* equiv idx, value */ 25, VALUE_OPT_PGPKEYFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPKEYFILE_FLAGS, 0,
@@ -925,8 +950,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PGPKEYFILE_DESC, PGPKEYFILE_NAME, PGPKEYFILE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 25, VALUE_OPT_PGPKEYRING,
- /* equiv idx, value */ 25, VALUE_OPT_PGPKEYRING,
+ { /* entry idx, value */ 26, VALUE_OPT_PGPKEYRING,
+ /* equiv idx, value */ 26, VALUE_OPT_PGPKEYRING,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPKEYRING_FLAGS, 0,
@@ -937,8 +962,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PGPKEYRING_DESC, PGPKEYRING_NAME, PGPKEYRING_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 26, VALUE_OPT_PGPCERTFILE,
- /* equiv idx, value */ 26, VALUE_OPT_PGPCERTFILE,
+ { /* entry idx, value */ 27, VALUE_OPT_PGPCERTFILE,
+ /* equiv idx, value */ 27, VALUE_OPT_PGPCERTFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPCERTFILE_FLAGS, 0,
@@ -949,8 +974,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PGPCERTFILE_DESC, PGPCERTFILE_NAME,
PGPCERTFILE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 27, VALUE_OPT_X509KEYFILE,
- /* equiv idx, value */ 27, VALUE_OPT_X509KEYFILE,
+ { /* entry idx, value */ 28, VALUE_OPT_X509KEYFILE,
+ /* equiv idx, value */ 28, VALUE_OPT_X509KEYFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509KEYFILE_FLAGS, 0,
@@ -961,8 +986,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ X509KEYFILE_DESC, X509KEYFILE_NAME,
X509KEYFILE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 28, VALUE_OPT_X509CERTFILE,
- /* equiv idx, value */ 28, VALUE_OPT_X509CERTFILE,
+ { /* entry idx, value */ 29, VALUE_OPT_X509CERTFILE,
+ /* equiv idx, value */ 29, VALUE_OPT_X509CERTFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CERTFILE_FLAGS, 0,
@@ -973,8 +998,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ X509CERTFILE_DESC, X509CERTFILE_NAME,
X509CERTFILE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 29, VALUE_OPT_PGPSUBKEY,
- /* equiv idx, value */ 29, VALUE_OPT_PGPSUBKEY,
+ { /* entry idx, value */ 30, VALUE_OPT_PGPSUBKEY,
+ /* equiv idx, value */ 30, VALUE_OPT_PGPSUBKEY,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPSUBKEY_FLAGS, 0,
@@ -985,8 +1010,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PGPSUBKEY_DESC, PGPSUBKEY_NAME, PGPSUBKEY_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 30, VALUE_OPT_SRPUSERNAME,
- /* equiv idx, value */ 30, VALUE_OPT_SRPUSERNAME,
+ { /* entry idx, value */ 31, VALUE_OPT_SRPUSERNAME,
+ /* equiv idx, value */ 31, VALUE_OPT_SRPUSERNAME,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ SRPUSERNAME_FLAGS, 0,
@@ -997,8 +1022,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ SRPUSERNAME_DESC, SRPUSERNAME_NAME,
SRPUSERNAME_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 31, VALUE_OPT_SRPPASSWD,
- /* equiv idx, value */ 31, VALUE_OPT_SRPPASSWD,
+ { /* entry idx, value */ 32, VALUE_OPT_SRPPASSWD,
+ /* equiv idx, value */ 32, VALUE_OPT_SRPPASSWD,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ SRPPASSWD_FLAGS, 0,
@@ -1009,8 +1034,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ SRPPASSWD_DESC, SRPPASSWD_NAME, SRPPASSWD_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 32, VALUE_OPT_PSKUSERNAME,
- /* equiv idx, value */ 32, VALUE_OPT_PSKUSERNAME,
+ { /* entry idx, value */ 33, VALUE_OPT_PSKUSERNAME,
+ /* equiv idx, value */ 33, VALUE_OPT_PSKUSERNAME,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PSKUSERNAME_FLAGS, 0,
@@ -1021,8 +1046,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PSKUSERNAME_DESC, PSKUSERNAME_NAME,
PSKUSERNAME_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 33, VALUE_OPT_PSKKEY,
- /* equiv idx, value */ 33, VALUE_OPT_PSKKEY,
+ { /* entry idx, value */ 34, VALUE_OPT_PSKKEY,
+ /* equiv idx, value */ 34, VALUE_OPT_PSKKEY,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PSKKEY_FLAGS, 0,
@@ -1033,8 +1058,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PSKKEY_DESC, PSKKEY_NAME, PSKKEY_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 34, VALUE_OPT_PORT,
- /* equiv idx, value */ 34, VALUE_OPT_PORT,
+ { /* entry idx, value */ 35, VALUE_OPT_PORT,
+ /* equiv idx, value */ 35, VALUE_OPT_PORT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PORT_FLAGS, 0,
@@ -1045,8 +1070,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PORT_DESC, PORT_NAME, PORT_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 35, VALUE_OPT_INSECURE,
- /* equiv idx, value */ 35, VALUE_OPT_INSECURE,
+ { /* entry idx, value */ 36, VALUE_OPT_INSECURE,
+ /* equiv idx, value */ 36, VALUE_OPT_INSECURE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ INSECURE_FLAGS, 0,
@@ -1057,8 +1082,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ INSECURE_DESC, INSECURE_NAME, INSECURE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 36, VALUE_OPT_BENCHMARK_CIPHERS,
- /* equiv idx, value */ 36, VALUE_OPT_BENCHMARK_CIPHERS,
+ { /* entry idx, value */ 37, VALUE_OPT_BENCHMARK_CIPHERS,
+ /* equiv idx, value */ 37, VALUE_OPT_BENCHMARK_CIPHERS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BENCHMARK_CIPHERS_FLAGS, 0,
@@ -1069,8 +1094,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ BENCHMARK_CIPHERS_DESC, BENCHMARK_CIPHERS_NAME,
BENCHMARK_CIPHERS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 37, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
- /* equiv idx, value */ 37, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
+ { /* entry idx, value */ 38, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
+ /* equiv idx, value */ 38, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BENCHMARK_SOFT_CIPHERS_FLAGS, 0,
@@ -1081,8 +1106,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ BENCHMARK_SOFT_CIPHERS_DESC,
BENCHMARK_SOFT_CIPHERS_NAME, BENCHMARK_SOFT_CIPHERS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 38, VALUE_OPT_BENCHMARK_TLS_KX,
- /* equiv idx, value */ 38, VALUE_OPT_BENCHMARK_TLS_KX,
+ { /* entry idx, value */ 39, VALUE_OPT_BENCHMARK_TLS_KX,
+ /* equiv idx, value */ 39, VALUE_OPT_BENCHMARK_TLS_KX,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BENCHMARK_TLS_KX_FLAGS, 0,
@@ -1093,8 +1118,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ BENCHMARK_TLS_KX_DESC, BENCHMARK_TLS_KX_NAME,
BENCHMARK_TLS_KX_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 39, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
- /* equiv idx, value */ 39, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
+ { /* entry idx, value */ 40, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
+ /* equiv idx, value */ 40, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BENCHMARK_TLS_CIPHERS_FLAGS, 0,
@@ -1105,8 +1130,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ BENCHMARK_TLS_CIPHERS_DESC,
BENCHMARK_TLS_CIPHERS_NAME, BENCHMARK_TLS_CIPHERS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 40, VALUE_OPT_LIST,
- /* equiv idx, value */ 40, VALUE_OPT_LIST,
+ { /* entry idx, value */ 41, VALUE_OPT_LIST,
+ /* equiv idx, value */ 41, VALUE_OPT_LIST,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ LIST_FLAGS, 0,
@@ -1161,14 +1186,14 @@ static tOptDesc optDesc[OPTION_CT] = {
*
* Define the gnutls-cli Option Environment
*/
-#define zPROGNAME (gnutls_cli_opt_strs+3307)
-#define zUsageTitle (gnutls_cli_opt_strs+3318)
+#define zPROGNAME (gnutls_cli_opt_strs+3377)
+#define zUsageTitle (gnutls_cli_opt_strs+3388)
#define zRcName NULL
#define apzHomeList NULL
-#define zBugsAddr (gnutls_cli_opt_strs+3431)
-#define zExplain (gnutls_cli_opt_strs+3450)
-#define zDetail (gnutls_cli_opt_strs+3453)
-#define zFullVersion (gnutls_cli_opt_strs+3637)
+#define zBugsAddr (gnutls_cli_opt_strs+3501)
+#define zExplain (gnutls_cli_opt_strs+3520)
+#define zDetail (gnutls_cli_opt_strs+3523)
+#define zFullVersion (gnutls_cli_opt_strs+3707)
/* extracted from optcode.tlib near line 350 */
#if defined(ENABLE_NLS)
@@ -1182,7 +1207,7 @@ static tOptDesc optDesc[OPTION_CT] = {
#define gnutls_cli_full_usage (NULL)
-#define gnutls_cli_short_usage (gnutls_cli_opt_strs+3658)
+#define gnutls_cli_short_usage (gnutls_cli_opt_strs+3728)
#endif /* not defined __doxygen__ */
@@ -1460,7 +1485,7 @@ tOptions gnutls_cliOptions = {
NO_EQUIVALENT, /* '-#' option index */
NO_EQUIVALENT /* index of default opt */
},
- 44 /* full option count */, 41 /* user option count */,
+ 45 /* full option count */, 42 /* user option count */,
gnutls_cli_full_usage, gnutls_cli_short_usage,
NULL, NULL,
PKGDATADIR, gnutls_cli_packager_info
diff --git a/src/cli-args.def b/src/cli-args.def
index a23e0a5..85952d7 100644
--- a/src/cli-args.def
+++ b/src/cli-args.def
@@ -31,6 +31,15 @@ available via DNSSEC.";
};
flag = {
+ name = local-dns;
+ descrip = "Use the local DNS server for DNSSEC resolving.";
+ disabled;
+ disable = "no";
+ doc = "This option will use the local DNS server for DNSSEC.
+This is disabled by default due to many servers not allowing DNSSEC.";
+};
+
+flag = {
name = ca-verification;
descrip = "Disable CA certificate verification";
enabled;
@@ -125,7 +134,7 @@ flag = {
flag = {
name = disable-extensions;
descrip = "Disable all the TLS extensions";
- doc = "";
+ doc = "This option disables all TLS extensions. Deprecated option.
Use the priority string.";
};
flag = {
diff --git a/src/cli-args.h b/src/cli-args.h
index f2ad811..f664a70 100644
--- a/src/cli-args.h
+++ b/src/cli-args.h
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (cli-args.h)
*
- * It has been AutoGen-ed October 7, 2012 at 01:02:46 PM by AutoGen 5.16
+ * It has been AutoGen-ed October 13, 2012 at 08:48:21 PM by AutoGen 5.16
* From the definitions cli-args.def
* and the template file options
*
@@ -71,49 +71,50 @@ typedef enum {
INDEX_OPT_VERBOSE = 1,
INDEX_OPT_TOFU = 2,
INDEX_OPT_DANE = 3,
- INDEX_OPT_CA_VERIFICATION = 4,
- INDEX_OPT_OCSP = 5,
- INDEX_OPT_RESUME = 6,
- INDEX_OPT_HEARTBEAT = 7,
- INDEX_OPT_REHANDSHAKE = 8,
- INDEX_OPT_NOTICKET = 9,
- INDEX_OPT_OCSP_STATUS_REQUEST = 10,
- INDEX_OPT_STARTTLS = 11,
- INDEX_OPT_UDP = 12,
- INDEX_OPT_MTU = 13,
- INDEX_OPT_CRLF = 14,
- INDEX_OPT_X509FMTDER = 15,
- INDEX_OPT_FINGERPRINT = 16,
- INDEX_OPT_DISABLE_EXTENSIONS = 17,
- INDEX_OPT_PRINT_CERT = 18,
- INDEX_OPT_RECORDSIZE = 19,
- INDEX_OPT_DH_BITS = 20,
- INDEX_OPT_PRIORITY = 21,
- INDEX_OPT_X509CAFILE = 22,
- INDEX_OPT_X509CRLFILE = 23,
- INDEX_OPT_PGPKEYFILE = 24,
- INDEX_OPT_PGPKEYRING = 25,
- INDEX_OPT_PGPCERTFILE = 26,
- INDEX_OPT_X509KEYFILE = 27,
- INDEX_OPT_X509CERTFILE = 28,
- INDEX_OPT_PGPSUBKEY = 29,
- INDEX_OPT_SRPUSERNAME = 30,
- INDEX_OPT_SRPPASSWD = 31,
- INDEX_OPT_PSKUSERNAME = 32,
- INDEX_OPT_PSKKEY = 33,
- INDEX_OPT_PORT = 34,
- INDEX_OPT_INSECURE = 35,
- INDEX_OPT_BENCHMARK_CIPHERS = 36,
- INDEX_OPT_BENCHMARK_SOFT_CIPHERS = 37,
- INDEX_OPT_BENCHMARK_TLS_KX = 38,
- INDEX_OPT_BENCHMARK_TLS_CIPHERS = 39,
- INDEX_OPT_LIST = 40,
- INDEX_OPT_VERSION = 41,
- INDEX_OPT_HELP = 42,
- INDEX_OPT_MORE_HELP = 43
+ INDEX_OPT_LOCAL_DNS = 4,
+ INDEX_OPT_CA_VERIFICATION = 5,
+ INDEX_OPT_OCSP = 6,
+ INDEX_OPT_RESUME = 7,
+ INDEX_OPT_HEARTBEAT = 8,
+ INDEX_OPT_REHANDSHAKE = 9,
+ INDEX_OPT_NOTICKET = 10,
+ INDEX_OPT_OCSP_STATUS_REQUEST = 11,
+ INDEX_OPT_STARTTLS = 12,
+ INDEX_OPT_UDP = 13,
+ INDEX_OPT_MTU = 14,
+ INDEX_OPT_CRLF = 15,
+ INDEX_OPT_X509FMTDER = 16,
+ INDEX_OPT_FINGERPRINT = 17,
+ INDEX_OPT_DISABLE_EXTENSIONS = 18,
+ INDEX_OPT_PRINT_CERT = 19,
+ INDEX_OPT_RECORDSIZE = 20,
+ INDEX_OPT_DH_BITS = 21,
+ INDEX_OPT_PRIORITY = 22,
+ INDEX_OPT_X509CAFILE = 23,
+ INDEX_OPT_X509CRLFILE = 24,
+ INDEX_OPT_PGPKEYFILE = 25,
+ INDEX_OPT_PGPKEYRING = 26,
+ INDEX_OPT_PGPCERTFILE = 27,
+ INDEX_OPT_X509KEYFILE = 28,
+ INDEX_OPT_X509CERTFILE = 29,
+ INDEX_OPT_PGPSUBKEY = 30,
+ INDEX_OPT_SRPUSERNAME = 31,
+ INDEX_OPT_SRPPASSWD = 32,
+ INDEX_OPT_PSKUSERNAME = 33,
+ INDEX_OPT_PSKKEY = 34,
+ INDEX_OPT_PORT = 35,
+ INDEX_OPT_INSECURE = 36,
+ INDEX_OPT_BENCHMARK_CIPHERS = 37,
+ INDEX_OPT_BENCHMARK_SOFT_CIPHERS = 38,
+ INDEX_OPT_BENCHMARK_TLS_KX = 39,
+ INDEX_OPT_BENCHMARK_TLS_CIPHERS = 40,
+ INDEX_OPT_LIST = 41,
+ INDEX_OPT_VERSION = 42,
+ INDEX_OPT_HELP = 43,
+ INDEX_OPT_MORE_HELP = 44
} teOptIndex;
-#define OPTION_CT 44
+#define OPTION_CT 45
#define GNUTLS_CLI_VERSION "@VERSION@"
#define GNUTLS_CLI_FULL_VERSION "gnutls-cli @VERSION@"
@@ -157,48 +158,49 @@ typedef enum {
#define VALUE_OPT_VERBOSE 'V'
#define VALUE_OPT_TOFU 2
#define VALUE_OPT_DANE 3
-#define VALUE_OPT_CA_VERIFICATION 4
-#define VALUE_OPT_OCSP 5
+#define VALUE_OPT_LOCAL_DNS 4
+#define VALUE_OPT_CA_VERIFICATION 5
+#define VALUE_OPT_OCSP 6
#define VALUE_OPT_RESUME 'r'
#define VALUE_OPT_HEARTBEAT 'b'
#define VALUE_OPT_REHANDSHAKE 'e'
-#define VALUE_OPT_NOTICKET 9
-#define VALUE_OPT_OCSP_STATUS_REQUEST 10
+#define VALUE_OPT_NOTICKET 10
+#define VALUE_OPT_OCSP_STATUS_REQUEST 11
#define VALUE_OPT_STARTTLS 's'
#define VALUE_OPT_UDP 'u'
-#define VALUE_OPT_MTU 13
+#define VALUE_OPT_MTU 14
#define OPT_VALUE_MTU (DESC(MTU).optArg.argInt)
-#define VALUE_OPT_CRLF 14
-#define VALUE_OPT_X509FMTDER 15
+#define VALUE_OPT_CRLF 15
+#define VALUE_OPT_X509FMTDER 16
#define VALUE_OPT_FINGERPRINT 'f'
-#define VALUE_OPT_DISABLE_EXTENSIONS 17
-#define VALUE_OPT_PRINT_CERT 18
-#define VALUE_OPT_RECORDSIZE 19
+#define VALUE_OPT_DISABLE_EXTENSIONS 18
+#define VALUE_OPT_PRINT_CERT 19
+#define VALUE_OPT_RECORDSIZE 20
#define OPT_VALUE_RECORDSIZE (DESC(RECORDSIZE).optArg.argInt)
-#define VALUE_OPT_DH_BITS 20
+#define VALUE_OPT_DH_BITS 21
#define OPT_VALUE_DH_BITS (DESC(DH_BITS).optArg.argInt)
-#define VALUE_OPT_PRIORITY 21
-#define VALUE_OPT_X509CAFILE 22
-#define VALUE_OPT_X509CRLFILE 23
-#define VALUE_OPT_PGPKEYFILE 24
-#define VALUE_OPT_PGPKEYRING 25
-#define VALUE_OPT_PGPCERTFILE 26
-#define VALUE_OPT_X509KEYFILE 27
-#define VALUE_OPT_X509CERTFILE 28
-#define VALUE_OPT_PGPSUBKEY 29
-#define VALUE_OPT_SRPUSERNAME 30
-#define VALUE_OPT_SRPPASSWD 31
-#define VALUE_OPT_PSKUSERNAME 32
-#define VALUE_OPT_PSKKEY 129
+#define VALUE_OPT_PRIORITY 22
+#define VALUE_OPT_X509CAFILE 23
+#define VALUE_OPT_X509CRLFILE 24
+#define VALUE_OPT_PGPKEYFILE 25
+#define VALUE_OPT_PGPKEYRING 26
+#define VALUE_OPT_PGPCERTFILE 27
+#define VALUE_OPT_X509KEYFILE 28
+#define VALUE_OPT_X509CERTFILE 29
+#define VALUE_OPT_PGPSUBKEY 30
+#define VALUE_OPT_SRPUSERNAME 31
+#define VALUE_OPT_SRPPASSWD 32
+#define VALUE_OPT_PSKUSERNAME 129
+#define VALUE_OPT_PSKKEY 130
#define VALUE_OPT_PORT 'p'
-#define VALUE_OPT_INSECURE 131
-#define VALUE_OPT_BENCHMARK_CIPHERS 132
-#define VALUE_OPT_BENCHMARK_SOFT_CIPHERS 133
-#define VALUE_OPT_BENCHMARK_TLS_KX 134
-#define VALUE_OPT_BENCHMARK_TLS_CIPHERS 135
+#define VALUE_OPT_INSECURE 132
+#define VALUE_OPT_BENCHMARK_CIPHERS 133
+#define VALUE_OPT_BENCHMARK_SOFT_CIPHERS 134
+#define VALUE_OPT_BENCHMARK_TLS_KX 135
+#define VALUE_OPT_BENCHMARK_TLS_CIPHERS 136
#define VALUE_OPT_LIST 'l'
#define VALUE_OPT_HELP 'h'
#define VALUE_OPT_MORE_HELP '!'
diff --git a/src/cli.c b/src/cli.c
index a4bcc46..2cf50d4 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -89,6 +89,7 @@ const char *x509_cafile = NULL;
const char *x509_crlfile = NULL;
static int x509ctype;
static int disable_extensions;
+static unsigned int init_flags = GNUTLS_CLIENT;
static const char * priorities = NULL;
const char *psk_username = NULL;
@@ -484,8 +485,9 @@ cert_verify_callback (gnutls_session_t session)
#ifdef HAVE_DANE
if (dane) /* try DANE auth */
{
+ unsigned int sflags =
ENABLED_OPT(LOCAL_DNS)?0:DANE_F_IGNORE_LOCAL_RESOLVER;
rc = dane_verify_session_crt( NULL, session, hostname, udp?"udp":"tcp",
atoi(service),
- DANE_F_IGNORE_LOCAL_RESOLVER, 0, &status);
+ sflags, 0, &status);
if (rc < 0)
{
fprintf(stderr, "*** DANE verification error: %s\n",
dane_strerror(rc));
@@ -612,12 +614,12 @@ init_tls_session (const char *hostname)
if (udp)
{
- gnutls_init (&session, GNUTLS_CLIENT|GNUTLS_DATAGRAM);
+ gnutls_init (&session, GNUTLS_DATAGRAM|init_flags);
if (mtu)
gnutls_dtls_set_mtu(session, mtu);
}
else
- gnutls_init (&session, GNUTLS_CLIENT);
+ gnutls_init (&session, init_flags);
if ((ret = gnutls_priority_set_direct (session, priorities, &err)) < 0)
{
@@ -671,21 +673,6 @@ init_tls_session (const char *hostname)
if (HAVE_OPT(HEARTBEAT))
gnutls_heartbeat_enable (session, GNUTLS_HB_PEER_ALLOWED_TO_SEND);
- /* OCSP status-request TLS extension */
- if (status_request_ocsp > 0 && disable_extensions == 0)
- {
- if (gnutls_ocsp_status_request_enable_client (session, NULL, 0, NULL) <
0)
- {
- fprintf (stderr, "Cannot set OCSP status request information.\n");
- exit (1);
- }
- }
-
-#ifdef ENABLE_SESSION_TICKET
- if (disable_extensions == 0 && !HAVE_OPT(NOTICKET)t)
- gnutls_session_ticket_enable_client (session);
-#endif
-
return session;
}
@@ -1127,6 +1114,9 @@ const char* rest = NULL;
}
disable_extensions = HAVE_OPT( DISABLE_EXTENSIONS);
+ if (disable_extensions)
+ init_flags |= GNUTLS_NO_EXTENSIONS;
+
starttls = HAVE_OPT(STARTTLS);
resume = HAVE_OPT(RESUME);
rehandshake = HAVE_OPT(REHANDSHAKE);
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-3-g75f1bde,
Nikos Mavrogiannopoulos <=