-
Notifications
You must be signed in to change notification settings - Fork 183
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
net-proxy/yass: add 1.10.2-r1 and 1.9.6-r1
update manpages.
- Loading branch information
1 parent
5f4cff3
commit 7ed8dbe
Showing
3 changed files
with
183 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,181 @@ | ||
From 79829ce2b3edbd65c316adcf2186e68ddb5220c5 Mon Sep 17 00:00:00 2001 | ||
From: Keeyou <keeyou-cn@outlook.com> | ||
Date: Fri, 24 May 2024 09:49:15 +0800 | ||
Subject: [PATCH] cli: update manpages (trivial) | ||
|
||
--- | ||
doc/yass_cli.1 | 5 ++++- | ||
doc/yass_cli.md | 5 ++++- | ||
doc/yass_server.1 | 8 ++++---- | ||
doc/yass_server.md | 8 ++++---- | ||
src/config/config.cpp | 8 ++++---- | ||
src/config/config_tls.cpp | 14 ++++++++++---- | ||
6 files changed, 30 insertions(+), 18 deletions(-) | ||
|
||
diff --git a/doc/yass_cli.1 b/doc/yass_cli.1 | ||
index fa58ebe4..bbf7884b 100644 | ||
--- a/doc/yass_cli.1 | ||
+++ b/doc/yass_cli.1 | ||
@@ -17,7 +17,7 @@ See \fIhttps://github\.com/Chilledheart/yass/wiki/Usage\fR\. | ||
Use specified \fIfile\fR as config file\. | ||
.TP | ||
\fB\-\-limit_rate\fR \fIrate\fR | ||
-Limits the \fIrate\fR of response transmission to a client\. Uint can be \fB(none)\fR, \fBk\fR, \fBm\fR\. | ||
+Limits the \fIrate\fR of response transmission to a client\. Uint can be \fB(none)\fR, \fBk\fR and \fBm\fR\. | ||
.TP | ||
\fB\-\-ipv6_mode\fR | ||
Enable IPv6 support\. | ||
@@ -71,6 +71,9 @@ Tells where to use the specified certificate \fIfile\fR to verify the peer\. | ||
\fB\-\-capath\fR \fIdir\fR | ||
Tells where to use the specified certificate \fIdir\fR to verify the peer\. | ||
.TP | ||
+\fB\-\-certificate_chain_file\fR \fIfile\fR | ||
+Use custom certificate chain provided by \fIfile\fR to verify server\'s certificate (optional by https and http2)\. | ||
+.TP | ||
\fB\-k\fR, \fB\-\-insecure_mode\fR | ||
This option makes to skip the verification step and proceed without checking\. | ||
.TP | ||
diff --git a/doc/yass_cli.md b/doc/yass_cli.md | ||
index b12eaf16..f93ff1d3 100644 | ||
--- a/doc/yass_cli.md | ||
+++ b/doc/yass_cli.md | ||
@@ -24,7 +24,7 @@ See <https://github.com/Chilledheart/yass/wiki/Usage>. | ||
Use specified _file_ as config file. | ||
|
||
* `--limit_rate` _rate_: | ||
- Limits the _rate_ of response transmission to a client. Uint can be `(none)`, `k`, `m`. | ||
+ Limits the _rate_ of response transmission to a client. Uint can be `(none)`, `k` and `m`. | ||
|
||
* `--ipv6_mode`: | ||
Enable IPv6 support. | ||
@@ -85,6 +85,9 @@ See <https://github.com/Chilledheart/yass/wiki/Usage>. | ||
* `--capath` _dir_: | ||
Tells where to use the specified certificate _dir_ to verify the peer. | ||
|
||
+* `--certificate_chain_file` _file_: | ||
+ Use custom certificate chain provided by _file_ to verify server's certificate (optional by https and http2). | ||
+ | ||
* `-k`, `--insecure_mode`: | ||
This option makes to skip the verification step and proceed without checking. | ||
|
||
diff --git a/doc/yass_server.1 b/doc/yass_server.1 | ||
index b09a57b2..a7147984 100644 | ||
--- a/doc/yass_server.1 | ||
+++ b/doc/yass_server.1 | ||
@@ -17,7 +17,7 @@ See \fIhttps://github\.com/Chilledheart/yass/wiki/Usage\fR\. | ||
Use specified \fIfile\fR as config file\. | ||
.TP | ||
\fB\-\-limit_rate\fR \fIrate\fR | ||
-Limits the \fIrate\fR of response transmission to a client\. Uint can be \fB(none)\fR, \fBk\fR, \fBm\fR\. | ||
+Limits the \fIrate\fR of response transmission to a client\. Uint can be \fB(none)\fR, \fBk\fR and \fBm\fR\. | ||
.TP | ||
\fB\-\-ipv6_mode\fR | ||
Enable IPv6 support\. | ||
@@ -72,13 +72,13 @@ Tells where to use the specified certificate \fIfile\fR to verify the peer\. | ||
Tells where to use the specified certificate \fIdir\fR to verify the peer\. | ||
.TP | ||
\fB\-\-certificate_chain_file\fR \fIfile\fR | ||
-Certificate Chain \fIfile\fR (required by https and http2)\. | ||
+Use custom certificate chain provided by \fIfile\fR to verify server\'s private key (required by https and http2)\. | ||
.TP | ||
\fB\-\-private_key_file\fR \fIfile\fR | ||
-Private Key \fIfile\fR (required by https and http2)\. | ||
+Use custom private key provided by \fIfile\fR to secure connection between server and client (required by https and http2)\. | ||
.TP | ||
\fB\-\-private_key_password\fR \fIpassword\fR | ||
-Private Key \fIpassword\fR (required by https and http2)\. | ||
+Use custom private key password provided by \fIpassword\fR to decrypt server\'s encrypted private key\. | ||
.TP | ||
\fB\-\-user\fR \fIuser\fR | ||
Set non\-privileged user for worker\. | ||
diff --git a/doc/yass_server.md b/doc/yass_server.md | ||
index 92a3bb07..7aa01d3c 100644 | ||
--- a/doc/yass_server.md | ||
+++ b/doc/yass_server.md | ||
@@ -24,7 +24,7 @@ See <https://github.com/Chilledheart/yass/wiki/Usage>. | ||
Use specified _file_ as config file. | ||
|
||
* `--limit_rate` _rate_: | ||
- Limits the _rate_ of response transmission to a client. Uint can be `(none)`, `k`, `m`. | ||
+ Limits the _rate_ of response transmission to a client. Uint can be `(none)`, `k` and `m`. | ||
|
||
* `--ipv6_mode`: | ||
Enable IPv6 support. | ||
@@ -85,13 +85,13 @@ See <https://github.com/Chilledheart/yass/wiki/Usage>. | ||
Tells where to use the specified certificate _dir_ to verify the peer. | ||
|
||
* `--certificate_chain_file` _file_: | ||
- Certificate Chain _file_ (required by https and http2). | ||
+ Use custom certificate chain provided by _file_ to verify server's private key (required by https and http2). | ||
|
||
* `--private_key_file` _file_: | ||
- Private Key _file_ (required by https and http2). | ||
+ Use custom private key provided by _file_ to secure connection between server and client (required by https and http2). | ||
|
||
* `--private_key_password` _password_: | ||
- Private Key _password_ (required by https and http2). | ||
+ Use custom private key password provided by _password_ to decrypt server's encrypted private key. | ||
|
||
* `--user` _user_: | ||
Set non-privileged user for worker. | ||
diff --git a/src/config/config.cpp b/src/config/config.cpp | ||
index e3d76ca3..ddda2fab 100644 | ||
--- a/src/config/config.cpp | ||
+++ b/src/config/config.cpp | ||
@@ -346,7 +346,7 @@ void SetClientUsageMessage(std::string_view exec_path) { | ||
--use_ca_bundle_crt Use builtin ca-bundle.crt instead of system CA store | ||
--cacert <file> Tells where to use the specified certificate file to verify the peer | ||
--capath <dir> Tells where to use the specified certificate dir to verify the peer | ||
- --certificate_chain_file <file> Specify Certificate Chain File Path | ||
+ --certificate_chain_file <file> Use custom certificate chain file to verify server's certificate | ||
-k, --insecure_mode Skip the verification step and proceed without checking | ||
--tls13_early_data Enable 0RTTI Early Data | ||
--enable_post_quantum_kyber Enable post-quantum secure TLS key encapsulation mechanism X25519Kyber768, based on a NIST standard (ML-KEM) | ||
@@ -366,9 +366,9 @@ void SetServerUsageMessage(std::string_view exec_path) { | ||
--use_ca_bundle_crt Use builtin ca-bundle.crt instead of system CA store | ||
--cacert <file> Tells where to use the specified certificate file to verify the peer | ||
--capath <dir> Tells where to use the specified certificate dir to verify the peer | ||
- --certificate_chain_file <file> Specify Certificate Chain File Path | ||
- --private_key_file <file> Specify Private Key File Path | ||
- --private_key_password <password> Specify Private Key Password | ||
+ --certificate_chain_file <file> Use custom certificate chain file to verify server's certificate | ||
+ --private_key_file <file> Use custom private key file to secure connection between server and client | ||
+ --private_key_password <password> Use custom private key password to decrypt server's encrypted private key | ||
--tls13_early_data Enable 0RTTI Early Data | ||
)")); | ||
} | ||
diff --git a/src/config/config_tls.cpp b/src/config/config_tls.cpp | ||
index 02df03ba..65fd67a8 100644 | ||
--- a/src/config/config_tls.cpp | ||
+++ b/src/config/config_tls.cpp | ||
@@ -10,9 +10,15 @@ | ||
std::string g_certificate_chain_content; | ||
std::string g_private_key_content; | ||
|
||
-ABSL_FLAG(std::string, certificate_chain_file, "", "Certificate Chain File Path (Both of Server and Client)"); | ||
-ABSL_FLAG(std::string, private_key_file, "", "Private Key File Path (Server Only)"); | ||
-ABSL_FLAG(std::string, private_key_password, "", "Private Key Password (Server Only)"); | ||
+ABSL_FLAG(std::string, certificate_chain_file, "", "Use custom certificate chain file to verify server's certificate"); | ||
+ABSL_FLAG(std::string, | ||
+ private_key_file, | ||
+ "", | ||
+ "Use custom private key file to secure connection between server and client"); | ||
+ABSL_FLAG(std::string, | ||
+ private_key_password, | ||
+ "", | ||
+ "Use custom private key password to decrypt server's encrypted private key"); | ||
ABSL_FLAG(bool, | ||
insecure_mode, | ||
false, | ||
@@ -22,7 +28,7 @@ ABSL_FLAG(std::string, | ||
getenv("YASS_CA_BUNDLE") ? getenv("YASS_CA_BUNDLE") : "", | ||
"Tells where to use the specified certificate file to verify the peer. " | ||
"You can override it with YASS_CA_BUNDLE environment variable"); | ||
-ABSL_FLAG(std::string, capath, "", "Tells where to use the specified certificate directory to verify the peer."); | ||
+ABSL_FLAG(std::string, capath, "", "Tells where to use the specified certificate directory to verify the peer"); | ||
|
||
ABSL_FLAG(bool, tls13_early_data, true, "Enable 0RTTI Early Data (risk at production)"); | ||
ABSL_FLAG(bool, | ||
-- | ||
2.45.1 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters