buggy gnutls-cli -h output on w32 builds [was: Re: gnutls4win for 2.12.x or 3.x?]

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Dec 3 23:27:40 CET 2012

Thanks for the pointer, Nikos.  I've tried these out now.  It looks like
someone is wrong with the -h output, which looks like the transcript below.

I hope this is a useful report.  my debugging skills on windows are
extremely rusty.



> C:\Documents and Settings\dkg\Desktop\gnutls\bin>gnutls-cli.exe -h
> gnutls-cli - GnuTLS client - Ver. 3.0.22
> USAGE:  gnutls-cli.exe [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [hostname]
>    -d, --$s$s                 Enable debugging.
>                                 - It must be in the range:
>                                   0 to 9999
>    -V, --$s$s                 More verbose output
>                                 - may appear multiple times
>        --$s$s                 Enable trust on first use authentication
>                                 - disabled as --no-tofu
>        --$s$s                 Enable OCSP certificate verification
>                                 - disabled as --no-ocsp
>    -r, --$s$s                 Establish a session and resume
>    -e, --$s$s                 Establish a session and rehandshake
>        --$s$s                 Don't accept session tickets
>    -s, --$s$s                 Connect, establish a plain session and start TLS.
>    -u, --$s$s                 Use DTLS (datagram TLS) over UDP
>        --$s$s                 Set MTU for datagram TLS
>                                 - It must be in the range:
>                                   0 to 17000
>        --$s$s                 Send CR LF instead of LF
>        --$s$s                 Use DER format for certificates to read from
>    -f, --$s$s                 Send the openpgp fingerprint, instead of the key
>        --$s$s                 Disable all the TLS extensions
>        --$s$s                 Print peer's certificate in PEM format
>        --$s$s                 The maximum record size to advertize
>                                 - It must be in the range:
>                                   0 to 4096
>        --$s$s                 Priorities string
>        --$s$s                 Certificate file or PKCS #11 URL to use
>        --$s$s                 CRL file to use
>                                 - file must pre-exist
>        --$s$s                 PGP Key file to use
>                                 - file must pre-exist
>        --$s$s                 PGP Key ring file to use
>                                 - file must pre-exist
>        --$s$s                 PGP Public Key (certificate) file to use
>                                 - file must pre-exist
>        --$s$s                 X.509 key file or PKCS #11 URL to use
>        --$s$s                 X.509 Certificate file or PKCS #11 URL to use
>        --$s$s                 PGP subkey to use (hex or auto)
>        --$s$s                 SRP username to use
>        --$s$s                 SRP password to use
>        --$s$s                 PSK username to use
>        --$s$s                 PSK key (in hex) to use
>    -p, --$s$s                 The port or service to connect to
>        --$s$s                 Don't abort program if server certificate can't be
>  validated
>        --$s$s                 Benchmark individual ciphers
>        --$s$s                 Benchmark individual software ciphers (no hw accel
> eration)
>        --$s$s                 Benchmark ciphers and key exchange methods in TLS
>    -l, --$s$s                 Print a list of the supported algorithms and modes
>    -v, --$s$s                 Output version information and exit
>    -h, --$s$s                 Display extended usage information and exit
> Options are specified by doubled hyphens and their name or by a single
> hyphen and the flag character.
> Operands and options may be intermixed.  They will be reordered.
> Simple client program to set up a TLS connection to some other computer.  It
> sets up a TLS connection and forwards data from the standard input to the
> secured socket and vice versa.
> please send bug reports to:  bug-gnutls at gnu.org

More information about the Gnutls-help mailing list