diff options
| author |   schwarze <schwarze@openbsd.org> | 2021-01-02 19:58:44 +0000 |
|---|---|---|
| committer | schwarze <schwarze@openbsd.org> | 2021-01-02 19:58:44 +0000 |
| commit | 14dc839606b71d6f01417c4eb5817faa23e4a2c4 (patch) | |
| tree | 9a5e67808cc64b28afd7b89888dcc3e89bad4a96 /lib/libtls | |
| parent | Make list of DHE parameters more prominent (diff) | |
| download | wireguard-openbsd-14dc839606b71d6f01417c4eb5817faa23e4a2c4.tar.xz wireguard-openbsd-14dc839606b71d6f01417c4eb5817faa23e4a2c4.zip | |
Tweak previous:
* Do not abuse .Bl -tag for lists without bodies, use .Bl -item instead.
* In tagged lists, put bodies into bodies, not into heads.
* Add a few missing macros.
* Drop some useless quoting.
Diffstat (limited to 'lib/libtls')
| -rw-r--r-- | lib/libtls/man/tls_config_set_protocols.3 | 53 |
1 files changed, 34 insertions, 19 deletions
diff --git a/lib/libtls/man/tls_config_set_protocols.3 b/lib/libtls/man/tls_config_set_protocols.3 index a636b06f4e0..7c62493e831 100644 --- a/lib/libtls/man/tls_config_set_protocols.3 +++ b/lib/libtls/man/tls_config_set_protocols.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tls_config_set_protocols.3,v 1.10 2021/01/02 19:15:04 kn Exp $ +.\" $OpenBSD: tls_config_set_protocols.3,v 1.11 2021/01/02 19:58:44 schwarze Exp $ .\" .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> .\" Copyright (c) 2015, 2016 Joel Sing <jsing@openbsd.org> @@ -74,11 +74,15 @@ otherwise. specifies which versions of the TLS protocol may be used. Possible values are the bitwise OR of: .Pp -.Bl -tag -width "TLS_PROTOCOL_TLSv1_2" -offset indent -compact -.It Dv TLS_PROTOCOL_TLSv1_0 -.It Dv TLS_PROTOCOL_TLSv1_1 -.It Dv TLS_PROTOCOL_TLSv1_2 -.It Dv TLS_PROTOCOL_TLSv1_3 +.Bl -item -offset indent -compact +.It +.Dv TLS_PROTOCOL_TLSv1_0 +.It +.Dv TLS_PROTOCOL_TLSv1_1 +.It +.Dv TLS_PROTOCOL_TLSv1_2 +.It +.Dv TLS_PROTOCOL_TLSv1_3 .El .Pp Additionally, the values @@ -106,10 +110,14 @@ Valid keywords are: .It Dv tlsv1.1 .It Dv tlsv1.2 .It Dv tlsv1.3 -.It Dv all Pq all supported protocols -.It Dv default Pq an alias for secure -.It Dv legacy Pq an alias for all -.It Dv secure Pq currently TLSv1.2 and TLSv1.3 +.It Dv all +.Pq all supported protocols +.It Dv default +.Pq an alias for Dv secure +.It Dv legacy +.Pq an alias for Dv all +.It Dv secure +.Pq currently TLSv1.2 and TLSv1.3 .El .Pp If a value has a negative prefix (in the form of a leading exclamation mark) @@ -125,11 +133,15 @@ sets the list of ciphers that may be used. Lists of ciphers are specified by name, and the permitted names are: .Pp -.Bl -tag -width "insecure" -offset indent -compact -.It Dv "secure" (or alias "default") -.It Dv "compat" -.It Dv "legacy" -.It Dv "insecure" (or alias "all") +.Bl -item -offset indent -compact +.It +.Dv secure Pq or alias Dv default +.It +.Dv compat +.It +.Dv legacy +.It +.Dv insecure Pq or alias Dv all .El .Pp Alternatively, libssl cipher strings can be specified. @@ -142,10 +154,13 @@ specifies the parameters that will be used during Diffie-Hellman Ephemeral (DHE) key exchange. Possible values are: .Pp -.Bl -tag -width "legacy" -offset indent -compact -.It Dv none -.It Dv auto -.It Dv legacy +.Bl -item -offset indent -compact +.It +.Dv none +.It +.Dv auto +.It +.Dv legacy .El .Pp In |