diff options
Diffstat (limited to 'security/nss/cmd/selfserv/selfserv.c')
-rw-r--r-- | security/nss/cmd/selfserv/selfserv.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c index f34af7d74..65b1ee304 100644 --- a/security/nss/cmd/selfserv/selfserv.c +++ b/security/nss/cmd/selfserv/selfserv.c @@ -159,7 +159,7 @@ static void PrintUsageHeader(const char *progName) { fprintf(stderr, - "Usage: %s -n rsa_nickname -p port [-BDENRbjlmrsuvx] [-w password]\n" + "Usage: %s -n rsa_nickname -p port [-BDENRZbjlmrsuvx] [-w password]\n" " [-t threads] [-i pid_file] [-c ciphers] [-Y] [-d dbdir] [-g numblocks]\n" " [-f password_file] [-L [seconds]] [-M maxProcs] [-P dbprefix]\n" " [-V [min-version]:[max-version]] [-a sni_name]\n" @@ -169,7 +169,8 @@ PrintUsageHeader(const char *progName) " [-e ec_nickname]" #endif /* NSS_DISABLE_ECC */ "\n" - " -U [0|1] -H [0|1|2] -W [0|1]\n", + " -U [0|1] -H [0|1|2] -W [0|1]\n" + "\n", progName); } @@ -219,7 +220,7 @@ PrintParameterUsage() "-A <ca> Nickname of a CA used to sign a stapled cert status\n" "-U override default ECDHE ephemeral key reuse, 0: refresh, 1: reuse\n" "-H override default DHE server support, 0: disable, 1: enable, " - " 2: require DH named groups\n" + " 2: require DH named groups [RFC7919]\n" "-W override default DHE server weak parameters support, 0: disable, 1: enable\n" "-c Restrict ciphers\n" "-Y prints cipher values allowed for parameter -c and exits\n" @@ -227,7 +228,8 @@ PrintParameterUsage() "-Q enables ALPN for HTTP/1.1 [RFC7301]\n" "-I comma separated list of enabled groups for TLS key exchange.\n" " The following values are valid:\n" - " P256, P384, P521, x25519, FF2048, FF3072, FF4096, FF6144, FF8192\n", + " P256, P384, P521, x25519, FF2048, FF3072, FF4096, FF6144, FF8192\n" + "-Z enable 0-RTT (for TLS 1.3; also use -u)\n", stderr); } @@ -2305,7 +2307,9 @@ main(int argc, char **argv) if (SECU_ParseSSLVersionRangeString(optstate->value, enabledVersions, &enabledVersions) != SECSuccess) { + fprintf(stderr, "Bad version specified.\n"); Usage(progName); + exit(1); } break; |