Refactor the tls/dlts version options

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10134)

1 files changed, 9 insertions, 40 deletions

diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index 743ad616d5..a4bc020c39 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -83,11 +83,6 @@ B<openssl> B<s_server>
 [B<-split_send_frag> I<+int>]
 [B<-max_pipelines> I<+int>]
 [B<-read_buf> I<+int>]
-[B<-no_ssl3>]
-[B<-no_tls1>]
-[B<-no_tls1_1>]
-[B<-no_tls1_2>]
-[B<-no_tls1_3>]
 [B<-bugs>]
 [B<-no_comp>]
 [B<-comp>]
@@ -149,17 +144,9 @@ B<openssl> B<s_server>
 [B<-psk_session> I<file>]
 [B<-srpvfile> I<infile>]
 [B<-srpuserseed> I<val>]
-[B<-ssl3>]
-[B<-tls1>]
-[B<-tls1_1>]
-[B<-tls1_2>]
-[B<-tls1_3>]
-[B<-dtls>]
 [B<-timeout>]
 [B<-mtu> I<+int>]
 [B<-listen>]
-[B<-dtls1>]
-[B<-dtls1_2>]
 [B<-sctp>]
 [B<-sctp_label_bug>]
 [B<-no_dhe>]
@@ -173,6 +160,7 @@ B<openssl> B<s_server>
 [B<-no_anti_replay>]
 [B<-http_server_binmode>]
 {- $OpenSSL::safe::opt_name_synopsis -}
+{- $OpenSSL::safe::opt_version_synopsis -}
 {- $OpenSSL::safe::opt_x_synopsis -}
 {- $OpenSSL::safe::opt_trust_synopsis -}
 {- $OpenSSL::safe::opt_r_synopsis -}
@@ -391,22 +379,18 @@ web browser. Cannot be used in conjunction with B<-early_data>.
 
 Emulates a simple web server. Pages will be resolved relative to the
 current directory, for example if the URL https://myhost/page.html is
-requested the file F<./page.html> will be loaded. Cannot be used in conjunction
+requested the file F<./page.html> will be loaded.
+The files loaded are
+assumed to contain a complete and correct HTTP response (lines that
+are part of the HTTP response line and headers must end with CRLF). Cannot be
+used in conjunction with B<-early_data>.
+Cannot be used in conjunction
 with B<-early_data>.
 
 =item B<-tlsextdebug>
 
 Print a hex dump of any TLS extensions received from the server.
 
-=item B<-HTTP>
-
-Emulates a simple web server. Pages will be resolved relative to the
-current directory, for example if the URL https://myhost/page.html is
-requested the file F<./page.html> will be loaded. The files loaded are
-assumed to contain a complete and correct HTTP response (lines that
-are part of the HTTP response line and headers must end with CRLF). Cannot be
-used in conjunction with B<-early_data>.
-
 =item B<-id_prefix> I<val>
 
 Generate SSL/TLS session IDs prefixed by I<val>. This is mostly useful
@@ -495,16 +479,6 @@ effect if the buffer size is larger than the size that would otherwise be used
 and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for
 further information).
 
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>
-
-These options require or disable the use of the specified SSL or TLS protocols.
-By default, this command will negotiate the highest mutually supported
-protocol version.
-When a specific TLS version is required, only that version will be accepted
-from the client.
-Note that not all protocols and flags may be available, depending on how
-OpenSSL was built.
-
 =item B<-bugs>
 
 There are several known bugs in SSL and TLS implementations. Adding this
@@ -639,13 +613,6 @@ Any without a cookie will be responded to with a HelloVerifyRequest.
 If a ClientHello with a cookie is received then this command will
 connect to that peer and complete the handshake.
 
-=item B<-dtls>, B<-dtls1>, B<-dtls1_2>
-
-These options make this command use DTLS protocols instead of TLS.
-With B<-dtls>, it will negotiate any supported DTLS protocol
-version, whilst B<-dtls1> and B<-dtls1_2> will only support DTLSv1.0 and
-DTLSv1.2 respectively.
-
 =item B<-sctp>
 
 Use SCTP for the transport protocol instead of UDP in DTLS. Must be used in
@@ -709,6 +676,8 @@ by the client in binary mode.
 
 {- $OpenSSL::safe::opt_name_item -}
 
+{- $OpenSSL::safe::opt_version_item -}
+
 {- $OpenSSL::safe::opt_x_item -}
 
 {- $OpenSSL::safe::opt_trust_item -}