1gnutls-cli-debug(1) User Commands gnutls-cli-debug(1)
2
3
4
6 gnutls-cli-debug - GnuTLS debug client
7
9 gnutls-cli-debug [-flags] [-flag [value]] [--option-name[[=| ]value]]
10
11 Operands and options may be intermixed. They will be reordered.
12
13
15 TLS debug client. It sets up multiple TLS connections to a server and
16 queries its capabilities. It was created to assist in debugging GnuTLS,
17 but it might be useful to extract a TLS server's capabilities. It con‐
18 nects to a TLS server, performs tests and print the server's capabili‐
19 ties. If called with the `-v' parameter more checks will be performed.
20 Can be used to check for servers with special needs or bugs.
21
23 -d number, --debug=number
24 Enable debugging. This option takes an integer number as its
25 argument. The value of number is constrained to being:
26 in the range 0 through 9999
27
28 Specifies the debug level.
29
30 -V, --verbose
31 More verbose output. This option may appear an unlimited number
32 of times.
33
34
35 -p number, --port=number
36 The port to connect to. This option takes an integer number as
37 its argument. The value of number is constrained to being:
38 in the range 0 through 65536
39
40
41 --app-proto=string
42 The application protocol to be used to obtain the server's cer‐
43 tificate (https, ftp, smtp, imap).
44
45
46 -h, --help
47 Display usage information and exit.
48
49 -!, --more-help
50 Pass the extended usage information through a pager.
51
52 -v [{v|c|n --version [{v|c|n}]}]
53 Output version of program and exit. The default mode is `v', a
54 simple version. The `c' mode will print copyright information
55 and `n' will print the full copyright notice.
56
58 $ ../src/gnutls-cli-debug localhost
59 Resolving 'localhost'...
60 Connecting to '127.0.0.1:443'...
61 Checking for SSL 3.0 support... yes
62 Checking whether %COMPAT is required... no
63 Checking for TLS 1.0 support... yes
64 Checking for TLS 1.1 support... no
65 Checking fallback from TLS 1.1 to... TLS 1.0
66 Checking for TLS 1.2 support... no
67 Checking whether we need to disable TLS 1.0... N/A
68 Checking for Safe renegotiation support... yes
69 Checking for Safe renegotiation support (SCSV)... yes
70 Checking for HTTPS server name... not checked
71 Checking for version rollback bug in RSA PMS... no
72 Checking for version rollback bug in Client Hello... no
73 Checking whether the server ignores the RSA PMS version... no
74 Checking whether the server can accept Hello Extensions... yes
75 Checking whether the server can accept small records (512 bytes)... yes
76 Checking whether the server can accept cipher suites not in SSL 3.0 spec... yes
77 Checking whether the server can accept a bogus TLS record version in the client hello... yes
78 Checking for certificate information... N/A
79 Checking for trusted CAs... N/A
80 Checking whether the server understands TLS closure alerts... partially
81 Checking whether the server supports session resumption... yes
82 Checking for export-grade ciphersuite support... no
83 Checking RSA-export ciphersuite info... N/A
84 Checking for anonymous authentication support... no
85 Checking anonymous Diffie-Hellman group info... N/A
86 Checking for ephemeral Diffie-Hellman support... no
87 Checking ephemeral Diffie-Hellman group info... N/A
88 Checking for ephemeral EC Diffie-Hellman support... yes
89 Checking ephemeral EC Diffie-Hellman group info...
90 Curve SECP256R1
91 Checking for AES-GCM cipher support... no
92 Checking for AES-CBC cipher support... yes
93 Checking for CAMELLIA cipher support... no
94 Checking for 3DES-CBC cipher support... yes
95 Checking for ARCFOUR 128 cipher support... yes
96 Checking for ARCFOUR 40 cipher support... no
97 Checking for MD5 MAC support... yes
98 Checking for SHA1 MAC support... yes
99 Checking for SHA256 MAC support... no
100 Checking for ZLIB compression support... no
101 Checking for max record size... no
102 Checking for OpenPGP authentication support... no
103
105 One of the following exit values will be returned:
106
107 0 (EXIT_SUCCESS)
108 Successful program execution.
109
110 1 (EXIT_FAILURE)
111 The operation failed or the command syntax was not valid.
112
113 70 (EX_SOFTWARE)
114 libopts had an internal operational error. Please report it to
115 autogen-users@lists.sourceforge.net. Thank you.
116
118 gnutls-cli(1), gnutls-serv(1)
119
121 Nikos Mavrogiannopoulos, Simon Josefsson and others; see
122 /usr/share/doc/gnutls/AUTHORS for a complete list.
123
125 Copyright (C) 2000-2018 Free Software Foundation, and others all rights
126 reserved. This program is released under the terms of the GNU General
127 Public License, version 3 or later.
128
130 Please send bug reports to: bugs@gnutls.org
131
133 This manual page was AutoGen-erated from the gnutls-cli-debug option
134 definitions.
135
136
137
1383.3.29 16 Feb 2018 gnutls-cli-debug(1)