Add documentation for new s_server/s_client options

Document the new split_send_frag, max_pipelines and read_buf options.
Reviewed-by: NTim Hudson <tjh@openssl.org>

apps/s_client.c

@@ -763,7 +763,7 @@ OPTIONS s_client_options[] = {
     {"async", OPT_ASYNC, '-', "Support asynchronous operation"},
     {"ssl_config", OPT_SSL_CONFIG, 's', "Use specified configuration file"},
     {"split_send_frag", OPT_SPLIT_SEND_FRAG, 'n',
-     "Size used to split data for encrypt/decrypt pipelines"},
+     "Size used to split data for encrypt pipelines"},
     {"max_pipelines", OPT_MAX_PIPELINES, 'n',
      "Maximum number of encrypt/decrypt pipelines to be used"},
     {"read_buf", OPT_READ_BUF, 'n',

apps/s_server.c

@@ -943,7 +943,7 @@ OPTIONS s_server_options[] = {
     {"ssl_config", OPT_SSL_CONFIG, 's', \
      "Configure SSL_CTX using the configuration 'val'"},
     {"split_send_frag", OPT_SPLIT_SEND_FRAG, 'n',
-     "Size used to split data for encrypt/decrypt pipelines"},
+     "Size used to split data for encrypt pipelines"},
     {"max_pipelines", OPT_MAX_PIPELINES, 'n',
      "Maximum number of encrypt/decrypt pipelines to be used"},
     {"read_buf", OPT_READ_BUF, 'n',

doc/apps/s_client.pod

@@ -75,6 +75,9 @@ B<openssl> B<s_client>
 [B<-dtls1_2>]
 [B<-fallback_scsv>]
 [B<-async>]
+[B<-split_send_frag>]
+[B<-max_pipelines>]
+[B<-read_buf>]
 [B<-bugs>]
 [B<-comp>]
 [B<-no_comp>]
@@ -338,6 +341,29 @@ asynchronously. This will only have an effect if an asynchronous capable engine
 is also used via the B<-engine> option. For test purposes the dummy async engine
 (dasync) can be used (if available).
 
+=item B<-split_send_frag int>
+
+The size used to split data for encrypt pipelines. If more data is written in
+one go than this value then it will be split into multiple pipelines, up to the
+maximum number of pipelines defined by max_pipelines. This only has an effect if
+a suitable ciphersuite has been negotiated, an engine that supports pipelining
+has been loaded, and max_pipelines is greater than 1. See
+L<SSL_CTX_set_split_send_fragment(3)> for further information.
+
+=item B<-max_pipelines int>
+
+The maximum number of encrypt/decrypt pipelines to be used. This will only have
+an effect if an engine has been loaded that supports pipelining (e.g. the dasync
+engine) and a suiteable ciphersuite has been negotiated. The default value is 1.
+See L<SSL_CTX_set_max_pipelines(3)> for further information.
+
+=item B<-read_buf int>
+
+The default read buffer size to be used for connections. This will only have an
+effect if the buffer size is larger than the size that would otherwise be used
+and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for
+further information).
+
 =item B<-bugs>
 
 there are several known bug in SSL and TLS implementations. Adding this

doc/apps/s_server.pod

@@ -73,6 +73,9 @@ B<openssl> B<s_server>
 [B<-dtls1_2>]
 [B<-listen>]
 [B<-async>]
+[B<-split_send_frag>]
+[B<-max_pipelines>]
+[B<-read_buf>]
 [B<-no_ssl3>]
 [B<-no_tls1>]
 [B<-no_tls1_1>]
@@ -322,6 +325,29 @@ asynchronously. This will only have an effect if an asynchronous capable engine
 is also used via the B<-engine> option. For test purposes the dummy async engine
 (dasync) can be used (if available).
 
+=item B<-split_send_frag int>
+
+The size used to split data for encrypt pipelines. If more data is written in
+one go than this value then it will be split into multiple pipelines, up to the
+maximum number of pipelines defined by max_pipelines. This only has an effect if
+a suitable ciphersuite has been negotiated, an engine that supports pipelining
+has been loaded, and max_pipelines is greater than 1. See
+L<SSL_CTX_set_split_send_fragment(3)> for further information.
+
+=item B<-max_pipelines int>
+
+The maximum number of encrypt/decrypt pipelines to be used. This will only have
+an effect if an engine has been loaded that supports pipelining (e.g. the dasync
+engine) and a suiteable ciphersuite has been negotiated. The default value is 1.
+See L<SSL_CTX_set_max_pipelines(3)> for further information.
+
+=item B<-read_buf int>
+
+The default read buffer size to be used for connections. This will only have an
+effect if the buffer size is larger than the size that would otherwise be used
+and pipelining is in use (see L<SSL_CTX_set_default_read_buffer_len(3)> for
+further information).
+
 =item B<-bugs>
 
 There are several known bug in SSL and TLS implementations. Adding this