===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/openssl/openssl.1,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- src/usr.bin/openssl/openssl.1	2014/11/07 13:13:08	1.5
+++ src/usr.bin/openssl/openssl.1	2014/11/23 04:49:46	1.6
@@ -1,4 +1,4 @@
-.\" $OpenBSD: openssl.1,v 1.5 2014/11/07 13:13:08 jsing Exp $
+.\" $OpenBSD: openssl.1,v 1.6 2014/11/23 04:49:46 guenther Exp $
 .\" ====================================================================
 .\" Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 .\"
@@ -112,7 +112,7 @@
 .\"
 .\" OPENSSL
 .\"
-.Dd $Mdocdate: November 7 2014 $
+.Dd $Mdocdate: November 23 2014 $
 .Dt OPENSSL 1
 .Os
 .Sh NAME
@@ -6610,6 +6610,8 @@
 .Op Fl no_ssl3
 .Op Fl no_ticket
 .Op Fl no_tls1
+.Op Fl no_tls1_1
+.Op Fl no_tls1_2
 .Op Fl pause
 .Op Fl policy_check
 .Op Fl prexit
@@ -6729,7 +6731,7 @@
 .It Fl nbio_test
 Tests non-blocking I/O.
 .It Xo
-.Fl no_ssl3 | no_tls1 |
+.Fl no_ssl3 | no_tls1 | no_tls1_1 | no_tls1_2 |
 .Fl ssl3 | tls1
 .Xc
 These options disable the use of certain SSL or TLS protocols.
@@ -6835,9 +6837,9 @@
 .Pp
 If the handshake fails, there are several possible causes; if it is
 nothing obvious like no client certificate, then the
-.Fl bugs , ssl3 , tls1 , no_ssl3 ,
+.Fl bugs , ssl3 , tls1 , no_ssl3 , no_tls1 , no_tls1_1 ,
 and
-.Fl no_tls1
+.Fl no_tls1_2
 options can be tried in case it is a buggy server.
 In particular these options should be tried
 .Em before
@@ -6921,6 +6923,8 @@
 .Op Fl no_dhe
 .Op Fl no_ssl3
 .Op Fl no_tls1
+.Op Fl no_tls1_1
+.Op Fl no_tls1_2
 .Op Fl no_tmp_rsa
 .Op Fl nocert
 .Op Fl psk Ar key
@@ -7069,7 +7073,7 @@
 If this option is set, no DH parameters will be loaded, effectively
 disabling the ephemeral DH cipher suites.
 .It Xo
-.Fl no_ssl3 | no_tls1 |
+.Fl no_ssl3 | no_tls1 | no_tls1_1 | no_tls1_2 |
 .Fl ssl3 | tls1
 .Xc
 These options disable the use of certain SSL or TLS protocols.