TLS-SRP: new options documented

2 files changed, 39 insertions, 1 deletions

diff --git a/docs/curl.1 b/docs/curl.1
index a1027004a..f1fe1b9a9 100644
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -1270,6 +1270,19 @@ default 512 bytes will be used.
 If this option is used several times, the last one will be used.
 
 (Added in 7.20.0)
+.IP "--tlsauthtype <authtype>"
+Set TLS authentication type. Currently, the only supported option is "SRP",
+for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are
+specified but \fI--tlsauthtype\fP is not, then this option defaults to "SRP".
+(Added in 7.21.4)
+.IP "--tlsuser <user>"
+Set username for use with the TLS authentication method specified with
+\fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set.  (Added in
+7.21.4)
+.IP "--tlspassword <password>"
+Set password for use with the TLS authentication method specified with
+\fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set.  (Added in
+7.21.4)
 .IP "-T/--upload-file <file>"
 This transfers the specified local file to the remote URL. If there is no file
 part in the specified URL, Curl will append the local file name. NOTE that you
@@ -1396,6 +1409,8 @@ This curl supports IDN - international domain names.
 .IP "SSPI"
 SSPI is supported. If you use NTLM and set a blank user name, curl will
 authenticate with your current user and password.
+.IP "TLS-SRP"
+SRP (Secure Remote Password) authentication is supported for TLS.
 .RE
 .IP "-w/--write-out <format>"
 Defines what to display on stdout after a completed and successful
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index 8c772c6e5..7f3e27dd1 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -870,6 +870,29 @@ This is a meta symbol. Or this value together with a single specific auth
 value to force libcurl to probe for un-restricted auth and if not, only that
 single auth algorithm is acceptable. (Added in 7.21.3)
 .RE
+.IP CURLOPT_TLSAUTH_TYPE
+Pass a long as parameter, which is set to a bitmask, to tell libcurl which
+authentication method(s) you want it to use for TLS authentication.
+.RS
+.IP CURLOPT_TLSAUTH_SRP
+TLS-SRP authentication. Secure Remote Password authentication for TLS is
+defined in RFC 5054 and provides mutual authentication if both sides have a
+shared secret. To use TLS-SRP, you must also set the
+\fICURLOPT_TLSAUTH_USERNAME\fP and \fICURLOPT_TLSAUTH_PASSWORD\fP options.
+
+You need to build libcurl with GnuTLS and with TLS-SRP support for this to
+work. (Added in 7.21.4)
+.RE
+.IP CURLOPT_TLSAUTH_USERNAME
+Pass a char * as parameter, which should point to the zero-terminated username
+to use for the TLS authentication method specified with the
+\fICURLOPT_TLSAUTH_TYPE\fP option. Requires that the
+\fICURLOPT_TLS_PASSWORD\fP option also be set. (Added in 7.21.4)
+.IP CURLOPT_TLSAUTH_PASSWORD
+Pass a char * as parameter, which should point to the zero-terminated password
+to use for the TLS authentication method specified with the
+\fICURLOPT_TLSAUTH_TYPE\fP option. Requires that the
+\fICURLOPT_TLS_USERNAME\fP option also be set. (Added in 7.21.4)
 .IP CURLOPT_PROXYAUTH
 Pass a long as parameter, which is set to a bitmask, to tell libcurl which
 authentication method(s) you want it to use for your proxy authentication.  If