Update files for OpenSSL-1.0.0f import.
[dragonfly.git] / secure / usr.bin / openssl / man / sess_id.1
CommitLineData
e3261593 1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.19)
8b0cefbb
JR
2.\"
3.\" Standard preamble:
4.\" ========================================================================
8b0cefbb 5.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
6.if t .sp .5v
7.if n .sp
8..
8b0cefbb 9.de Vb \" Begin verbatim text
984263bc
MD
10.ft CW
11.nf
12.ne \\$1
13..
8b0cefbb 14.de Ve \" End verbatim text
984263bc 15.ft R
984263bc
MD
16.fi
17..
8b0cefbb
JR
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
e257b235
PA
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
8b0cefbb 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 26.ie n \{\
8b0cefbb
JR
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
984263bc
MD
35'br\}
36.el\{\
8b0cefbb
JR
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
984263bc 41'br\}
8b0cefbb 42.\"
e257b235
PA
43.\" Escape single quotes in literal strings from groff's Unicode transform.
44.ie \n(.g .ds Aq \(aq
45.el .ds Aq '
46.\"
8b0cefbb 47.\" If the F register is turned on, we'll generate index entries on stderr for
01185282 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
8b0cefbb
JR
49.\" entries marked with X<> in POD. Of course, you'll have to process the
50.\" output yourself in some meaningful fashion.
e257b235 51.ie \nF \{\
8b0cefbb
JR
52. de IX
53. tm Index:\\$1\t\\n%\t"\\$2"
984263bc 54..
8b0cefbb
JR
55. nr % 0
56. rr F
984263bc 57.\}
e257b235
PA
58.el \{\
59. de IX
60..
61.\}
aac4ff6f 62.\"
8b0cefbb
JR
63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
64.\" Fear. Run. Save yourself. No user-serviceable parts.
65. \" fudge factors for nroff and troff
984263bc 66.if n \{\
8b0cefbb
JR
67. ds #H 0
68. ds #V .8m
69. ds #F .3m
70. ds #[ \f1
71. ds #] \fP
984263bc
MD
72.\}
73.if t \{\
8b0cefbb
JR
74. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
75. ds #V .6m
76. ds #F 0
77. ds #[ \&
78. ds #] \&
984263bc 79.\}
8b0cefbb 80. \" simple accents for nroff and troff
984263bc 81.if n \{\
8b0cefbb
JR
82. ds ' \&
83. ds ` \&
84. ds ^ \&
85. ds , \&
86. ds ~ ~
87. ds /
984263bc
MD
88.\}
89.if t \{\
8b0cefbb
JR
90. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
91. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
92. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
93. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
94. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
95. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 96.\}
8b0cefbb 97. \" troff and (daisy-wheel) nroff accents
984263bc
MD
98.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
99.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
100.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
101.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
102.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
103.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
104.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
105.ds ae a\h'-(\w'a'u*4/10)'e
106.ds Ae A\h'-(\w'A'u*4/10)'E
8b0cefbb 107. \" corrections for vroff
984263bc
MD
108.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
109.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
8b0cefbb 110. \" for low resolution devices (crt and lpr)
984263bc
MD
111.if \n(.H>23 .if \n(.V>19 \
112\{\
8b0cefbb
JR
113. ds : e
114. ds 8 ss
115. ds o a
116. ds d- d\h'-1'\(ga
117. ds D- D\h'-1'\(hy
118. ds th \o'bp'
119. ds Th \o'LP'
120. ds ae ae
121. ds Ae AE
984263bc
MD
122.\}
123.rm #[ #] #H #V #F C
8b0cefbb
JR
124.\" ========================================================================
125.\"
126.IX Title "SESS_ID 1"
e3261593 127.TH SESS_ID 1 "2012-01-04" "1.0.0f" "OpenSSL"
e257b235
PA
128.\" For nroff, turn off justification. Always turn off hyphenation; it makes
129.\" way too many mistakes in technical documents.
130.if n .ad l
131.nh
984263bc 132.SH "NAME"
e3cdf75b 133sess_id \- SSL/TLS session handling utility
984263bc 134.SH "SYNOPSIS"
8b0cefbb
JR
135.IX Header "SYNOPSIS"
136\&\fBopenssl\fR \fBsess_id\fR
984263bc
MD
137[\fB\-inform PEM|DER\fR]
138[\fB\-outform PEM|DER\fR]
139[\fB\-in filename\fR]
140[\fB\-out filename\fR]
141[\fB\-text\fR]
142[\fB\-noout\fR]
8b0cefbb 143[\fB\-context \s-1ID\s0\fR]
984263bc 144.SH "DESCRIPTION"
8b0cefbb
JR
145.IX Header "DESCRIPTION"
146The \fBsess_id\fR process the encoded version of the \s-1SSL\s0 session structure
147and optionally prints out \s-1SSL\s0 session details (for example the \s-1SSL\s0 session
984263bc 148master key) in human readable format. Since this is a diagnostic tool that
8b0cefbb 149needs some knowledge of the \s-1SSL\s0 protocol to use properly, most users will
984263bc 150not need to use it.
8b0cefbb
JR
151.IP "\fB\-inform DER|PEM\fR" 4
152.IX Item "-inform DER|PEM"
984263bc
MD
153This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN1\s0 \s-1DER\s0 encoded
154format containing session details. The precise format can vary from one version
155to the next. The \fB\s-1PEM\s0\fR form is the default format: it consists of the \fB\s-1DER\s0\fR
156format base64 encoded with additional header and footer lines.
8b0cefbb
JR
157.IP "\fB\-outform DER|PEM\fR" 4
158.IX Item "-outform DER|PEM"
984263bc 159This specifies the output format, the options have the same meaning as the
8b0cefbb
JR
160\&\fB\-inform\fR option.
161.IP "\fB\-in filename\fR" 4
162.IX Item "-in filename"
984263bc
MD
163This specifies the input filename to read session information from or standard
164input by default.
8b0cefbb
JR
165.IP "\fB\-out filename\fR" 4
166.IX Item "-out filename"
984263bc
MD
167This specifies the output filename to write session information to or standard
168output if this option is not specified.
8b0cefbb
JR
169.IP "\fB\-text\fR" 4
170.IX Item "-text"
984263bc 171prints out the various public or private key components in
e257b235 172plain text in addition to the encoded version.
8b0cefbb
JR
173.IP "\fB\-cert\fR" 4
174.IX Item "-cert"
984263bc
MD
175if a certificate is present in the session it will be output using this option,
176if the \fB\-text\fR option is also present then it will be printed out in text form.
8b0cefbb
JR
177.IP "\fB\-noout\fR" 4
178.IX Item "-noout"
984263bc 179this option prevents output of the encoded version of the session.
8b0cefbb
JR
180.IP "\fB\-context \s-1ID\s0\fR" 4
181.IX Item "-context ID"
984263bc
MD
182this option can set the session id so the output session information uses the
183supplied \s-1ID\s0. The \s-1ID\s0 can be any string of characters. This option wont normally
184be used.
185.SH "OUTPUT"
8b0cefbb 186.IX Header "OUTPUT"
984263bc
MD
187Typical output:
188.PP
189.Vb 10
e257b235 190\& SSL\-Session:
984263bc
MD
191\& Protocol : TLSv1
192\& Cipher : 0016
e257b235
PA
193\& Session\-ID: 871E62626C554CE95488823752CBD5F3673A3EF3DCE9C67BD916C809914B40ED
194\& Session\-ID\-ctx: 01000000
195\& Master\-Key: A7CEFC571974BE02CAC305269DC59F76EA9F0B180CB6642697A68251F2D2BB57E51DBBB4C7885573192AE9AEE220FACD
196\& Key\-Arg : None
984263bc
MD
197\& Start Time: 948459261
198\& Timeout : 300 (sec)
199\& Verify return code 0 (ok)
200.Ve
8b0cefbb 201.PP
984263bc 202Theses are described below in more detail.
8b0cefbb
JR
203.IP "\fBProtocol\fR" 4
204.IX Item "Protocol"
984263bc 205this is the protocol in use TLSv1, SSLv3 or SSLv2.
8b0cefbb
JR
206.IP "\fBCipher\fR" 4
207.IX Item "Cipher"
984263bc
MD
208the cipher used this is the actual raw \s-1SSL\s0 or \s-1TLS\s0 cipher code, see the \s-1SSL\s0
209or \s-1TLS\s0 specifications for more information.
8b0cefbb
JR
210.IP "\fBSession-ID\fR" 4
211.IX Item "Session-ID"
984263bc 212the \s-1SSL\s0 session \s-1ID\s0 in hex format.
8b0cefbb
JR
213.IP "\fBSession-ID-ctx\fR" 4
214.IX Item "Session-ID-ctx"
984263bc 215the session \s-1ID\s0 context in hex format.
8b0cefbb
JR
216.IP "\fBMaster-Key\fR" 4
217.IX Item "Master-Key"
984263bc 218this is the \s-1SSL\s0 session master key.
8b0cefbb
JR
219.IP "\fBKey-Arg\fR" 4
220.IX Item "Key-Arg"
984263bc 221the key argument, this is only used in \s-1SSL\s0 v2.
8b0cefbb
JR
222.IP "\fBStart Time\fR" 4
223.IX Item "Start Time"
984263bc 224this is the session start time represented as an integer in standard Unix format.
8b0cefbb
JR
225.IP "\fBTimeout\fR" 4
226.IX Item "Timeout"
984263bc 227the timeout in seconds.
8b0cefbb
JR
228.IP "\fBVerify return code\fR" 4
229.IX Item "Verify return code"
984263bc
MD
230this is the return code when an \s-1SSL\s0 client certificate is verified.
231.SH "NOTES"
8b0cefbb
JR
232.IX Header "NOTES"
233The \s-1PEM\s0 encoded session format uses the header and footer lines:
984263bc
MD
234.PP
235.Vb 2
e257b235
PA
236\& \-\-\-\-\-BEGIN SSL SESSION PARAMETERS\-\-\-\-\-
237\& \-\-\-\-\-END SSL SESSION PARAMETERS\-\-\-\-\-
984263bc 238.Ve
8b0cefbb
JR
239.PP
240Since the \s-1SSL\s0 session output contains the master key it is possible to read the contents
984263bc
MD
241of an encrypted session using this information. Therefore appropriate security precautions
242should be taken if the information is being output by a \*(L"real\*(R" application. This is
243however strongly discouraged and should only be used for debugging purposes.
244.SH "BUGS"
8b0cefbb 245.IX Header "BUGS"
984263bc
MD
246The cipher and start time should be printed out in human readable form.
247.SH "SEE ALSO"
e3cdf75b 248.IX Header "SEE ALSO"
8b0cefbb 249\&\fIciphers\fR\|(1), \fIs_server\fR\|(1)