generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

add references to verify(1) man page for args_verify() options

Browse Source 
cms, ocsp, s_client, s_server and smime tools also use args_verify()
for parsing options, that makes them most of the same options
verify tool does. Add those options to man pages and reference
their explanation in the verify man page.
This commit is contained in:
Hubert Kario 2014-06-19 15:34:49 +02:00 committed by Matt Caswell
parent 2866441a90
commit e42d84be33
5 changed files with 160 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
doc/apps/cms.pod
View File

@ -35,7 +35,32 @@ B<openssl> B<cms>
[B<-print>] [B<-print>]
[B<-CAfile file>] [B<-CAfile file>]
[B<-CApath dir>] [B<-CApath dir>]
[B<-attime timestamp>]
[B<-check_ss_sig>]
[B<-crl_check>]
[B<-crl_check_all>]
[B<-explicit_policy>]
[B<-extended_crl>]
[B<-ignore_critical>]
[B<-inhibit_any>]
[B<-inhibit_map>]
[B<-issuer_checks>]
[B<-partial_chain>]
[B<-policy arg>]
[B<-policy_check>]
[B<-policy_print>]
[B<-purpose purpose>]
[B<-suiteB_128>]
[B<-suiteB_128_only>]
[B<-suiteB_192>]
[B<-trusted_first>] [B<-trusted_first>]
[B<-use_deltas>]
[B<-verify_depth num>]
[B<-verify_email email>]
[B<-verify_hostname hostname>]
[B<-verify_ip ip>]
[B<-verify_name name>]
[B<-x509_strict>]
[B<-md digest>] [B<-md digest>]
[B<-[cipher]>] [B<-[cipher]>]
[B<-nointern>] [B<-nointern>]
@ -430,7 +455,13 @@ portion of a message so they may be included manually. If signing
then many S/MIME mail clients check the signers certificate's email then many S/MIME mail clients check the signers certificate's email
address matches that specified in the From: address. address matches that specified in the From: address.
=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first> =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,
B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>,
B<-verify_name>, B<-x509_strict>
Set various certificate chain valiadition options. See the Set various certificate chain valiadition options. See the
L<B<verify>|verify(1)> manual page for details. L<B<verify>|verify(1)> manual page for details.

35
doc/apps/ocsp.pod
View File

@ -29,7 +29,32 @@ B<openssl> B<ocsp>
[B<-path>] [B<-path>]
[B<-CApath dir>] [B<-CApath dir>]
[B<-CAfile file>] [B<-CAfile file>]
[B<-attime timestamp>]
[B<-check_ss_sig>]
[B<-crl_check>]
[B<-crl_check_all>]
[B<-explicit_policy>]
[B<-extended_crl>]
[B<-ignore_critical>]
[B<-inhibit_any>]
[B<-inhibit_map>]
[B<-issuer_checks>]
[B<-partial_chain>]
[B<-policy arg>]
[B<-policy_check>]
[B<-policy_print>]
[B<-purpose purpose>]
[B<-suiteB_128>]
[B<-suiteB_128_only>]
[B<-suiteB_192>]
[B<-trusted_first>] [B<-trusted_first>]
[B<-use_deltas>]
[B<-verify_depth num>]
[B<-verify_email email>]
[B<-verify_hostname hostname>]
[B<-verify_ip ip>]
[B<-verify_name name>]
[B<-x509_strict>]
[B<-VAfile file>] [B<-VAfile file>]
[B<-validity_period n>] [B<-validity_period n>]
[B<-status_age n>] [B<-status_age n>]
@ -139,9 +164,15 @@ or "/" by default.
file or pathname containing trusted CA certificates. These are used to verify file or pathname containing trusted CA certificates. These are used to verify
the signature on the OCSP response. the signature on the OCSP response.
=item B<-trusted_first> =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,
B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>,
B<-verify_name>, B<-x509_strict>
Set certificate verification option. Set different certificate verification options.
See L<B<verify>|verify(1)> manual page for details. See L<B<verify>|verify(1)> manual page for details.
=item B<-verify_other file> =item B<-verify_other file>

34
doc/apps/s_client.pod
View File

@ -19,6 +19,32 @@ B<openssl> B<s_client>
[B<-CApath directory>] [B<-CApath directory>]
[B<-CAfile filename>] [B<-CAfile filename>]
[B<-trusted_first>] [B<-trusted_first>]
[B<-attime timestamp>]
[B<-check_ss_sig>]
[B<-crl_check>]
[B<-crl_check_all>]
[B<-explicit_policy>]
[B<-extended_crl>]
[B<-ignore_critical>]
[B<-inhibit_any>]
[B<-inhibit_map>]
[B<-issuer_checks>]
[B<-partial_chain>]
[B<-policy arg>]
[B<-policy_check>]
[B<-policy_print>]
[B<-purpose purpose>]
[B<-suiteB_128>]
[B<-suiteB_128_only>]
[B<-suiteB_192>]
[B<-trusted_first>]
[B<-use_deltas>]
[B<-verify_depth num>]
[B<-verify_email email>]
[B<-verify_hostname hostname>]
[B<-verify_ip ip>]
[B<-verify_name name>]
[B<-x509_strict>]
[B<-reconnect>] [B<-reconnect>]
[B<-pause>] [B<-pause>]
[B<-showcerts>] [B<-showcerts>]
@ -117,7 +143,13 @@ also used when building the client certificate chain.
A file containing trusted certificates to use during server authentication A file containing trusted certificates to use during server authentication
and to use when attempting to build the client certificate chain. and to use when attempting to build the client certificate chain.
=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first> =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,
B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>,
B<-verify_name>, B<-x509_strict>
Set various certificate chain valiadition options. See the Set various certificate chain valiadition options. See the
L<B<verify>|verify(1)> manual page for details. L<B<verify>|verify(1)> manual page for details.

32
doc/apps/s_server.pod
View File

@ -34,7 +34,30 @@ B<openssl> B<s_server>
[B<-state>] [B<-state>]
[B<-CApath directory>] [B<-CApath directory>]
[B<-CAfile filename>] [B<-CAfile filename>]
[B<-attime timestamp>]
[B<-check_ss_sig>]
[B<-explicit_policy>]
[B<-extended_crl>]
[B<-ignore_critical>]
[B<-inhibit_any>]
[B<-inhibit_map>]
[B<-issuer_checks>]
[B<-partial_chain>]
[B<-policy arg>]
[B<-policy_check>]
[B<-policy_print>]
[B<-purpose purpose>]
[B<-suiteB_128>]
[B<-suiteB_128_only>]
[B<-suiteB_192>]
[B<-trusted_first>] [B<-trusted_first>]
[B<-use_deltas>]
[B<-verify_depth num>]
[B<-verify_email email>]
[B<-verify_hostname hostname>]
[B<-verify_ip ip>]
[B<-verify_name name>]
[B<-x509_strict>]
[B<-nocert>] [B<-nocert>]
[B<-cipher cipherlist>] [B<-cipher cipherlist>]
[B<-quiet>] [B<-quiet>]
@ -184,9 +207,14 @@ and to use when attempting to build the server certificate chain. The list
is also used in the list of acceptable client CAs passed to the client when is also used in the list of acceptable client CAs passed to the client when
a certificate is requested. a certificate is requested.
=item B<-trusted_first> =item B<-attime>, B<-check_ss_sig>, B<explicit_policy>, B<-extended_crl>,
B<-ignore_critical>, B<-inhibit_any>, B<-inhibit_map>, B<-issuer_checks>,
B<-partial_chain>, B<-policy>, B<-policy_check>, B<-policy_print>, B<-purpose>,
B<-suiteB_128>, B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>,
B<-use_deltas>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
B<-verify_ip>, B<-verify_name>, B<-x509_strict>
Set certificate verification option. Set different peer certificate verification options.
See the L<B<verify>|verify(1)> manual page for details. See the L<B<verify>|verify(1)> manual page for details.
=item B<-state> =item B<-state>

33
doc/apps/smime.pod
View File

@ -17,7 +17,32 @@ B<openssl> B<smime>
[B<-in file>] [B<-in file>]
[B<-CAfile file>] [B<-CAfile file>]
[B<-CApath dir>] [B<-CApath dir>]
[B<-attime timestamp>]
[B<-check_ss_sig>]
[B<-crl_check>]
[B<-crl_check_all>]
[B<-explicit_policy>]
[B<-extended_crl>]
[B<-ignore_critical>]
[B<-inhibit_any>]
[B<-inhibit_map>]
[B<-issuer_checks>]
[B<-partial_chain>]
[B<-policy arg>]
[B<-policy_check>]
[B<-policy_print>]
[B<-purpose purpose>]
[B<-suiteB_128>]
[B<-suiteB_128_only>]
[B<-suiteB_192>]
[B<-trusted_first>] [B<-trusted_first>]
[B<-use_deltas>]
[B<-verify_depth num>]
[B<-verify_email email>]
[B<-verify_hostname hostname>]
[B<-verify_ip ip>]
[B<-verify_name name>]
[B<-x509_strict>]
[B<-certfile file>] [B<-certfile file>]
[B<-signer file>] [B<-signer file>]
[B<-recip file>] [B<-recip file>]
@ -262,7 +287,13 @@ portion of a message so they may be included manually. If signing
then many S/MIME mail clients check the signers certificate's email then many S/MIME mail clients check the signers certificate's email
address matches that specified in the From: address. address matches that specified in the From: address.
=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first> =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,
B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>,
B<-verify_name>, B<-x509_strict>
Set various options of certificate chain verification. See Set various options of certificate chain verification. See
L<B<verify>|verify(1)> manual page for details. L<B<verify>|verify(1)> manual page for details.