[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Sat Feb 6 19:07:06 UTC 2016


The branch master has been updated
       via  6755ff11286b8eb6fdfa17719af9e7bf606bb94b (commit)
      from  0ca2e82ab1575f9c4eed259c4d66ca9372a45bf5 (commit)


- Log -----------------------------------------------------------------
commit 6755ff11286b8eb6fdfa17719af9e7bf606bb94b
Author: A J Mohan Rao <mohan at computer.com>
Date:   Sat Feb 6 23:12:35 2016 +0530

    commands help cleanup
    
    opt_valtype 0 is same as '-' while printing cmd usage
    asn1parse/ca/ciphers help cleanup
    
    Signed-off-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/apps.h          |  5 +++--
 apps/asn1pars.c      |  2 +-
 apps/ca.c            | 14 +++++++++-----
 apps/opt.c           |  1 +
 doc/apps/ca.pod      | 23 +++++++++++++++--------
 doc/apps/ciphers.pod |  4 ----
 6 files changed, 29 insertions(+), 20 deletions(-)

diff --git a/apps/apps.h b/apps/apps.h
index 15a044e..2951fb7 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -356,8 +356,9 @@ typedef struct options_st {
     int retval;
     /*
      * value type: - no value (also the value zero), n number, p positive
-     * number, u unsigned, s string, < input file, > output file, f der/pem
-     * format, F any format identifier.  n and u include zero; p does not.
+     * number, u unsigned, l long, s string, < input file, > output file,
+     * f any format, F der/pem format , E der/pem/engine format identifier.
+     * l, n and u include zero; p does not.
      */
     int valtype;
     const char *helpstr;
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 6f88a1d..f7fa8f3 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -81,7 +81,7 @@ OPTIONS asn1parse_options[] = {
     {"inform", OPT_INFORM, 'F', "input format - one of DER PEM"},
     {"in", OPT_IN, '<', "input file"},
     {"out", OPT_OUT, '>', "output file (output format is always DER)"},
-    {"i", OPT_INDENT, 0, "entries"},
+    {"i", OPT_INDENT, 0, "indents the output"},
     {"noout", OPT_NOOUT, 0, "don't produce any output"},
     {"offset", OPT_OFFSET, 'p', "offset into file"},
     {"length", OPT_LENGTH, 'p', "length of section in file"},
diff --git a/apps/ca.c b/apps/ca.c
index 59fcea2..8658b2d 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -209,7 +209,8 @@ OPTIONS ca_options[] = {
     {"name", OPT_NAME, 's', "The particular CA definition to use"},
     {"subj", OPT_SUBJ, 's', "Use arg instead of request's subject"},
     {"utf8", OPT_UTF8, '-', "Input characters are UTF8 (default ASCII)"},
-    {"create_serial", OPT_CREATE_SERIAL, '-'},
+    {"create_serial", OPT_CREATE_SERIAL, '-',
+    "If reading serial fails, create a new random serial"},
     {"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
      "Enable support for multivalued RDNs"},
     {"startdate", OPT_STARTDATE, 's', "Cert notBefore, YYMMDDHHMMSSZ"},
@@ -253,10 +254,13 @@ OPTIONS ca_options[] = {
     {"updatedb", OPT_UPDATEDB, '-', "Updates db for expired cert"},
     {"crlexts", OPT_CRLEXTS, 's',
      "CRL extension section (override value in config file)"},
-    {"crl_reason", OPT_CRL_REASON, 's'},
-    {"crl_hold", OPT_CRL_HOLD, 's'},
-    {"crl_compromise", OPT_CRL_COMPROMISE, 's'},
-    {"crl_CA_compromise", OPT_CRL_CA_COMPROMISE, 's'},
+    {"crl_reason", OPT_CRL_REASON, 's', "revocation reason"},
+    {"crl_hold", OPT_CRL_HOLD, 's',
+     "the hold instruction, an OID. Sets revocation reason to certificateHold"},
+    {"crl_compromise", OPT_CRL_COMPROMISE, 's',
+     "sets compromise time to val and the revocation reason to keyCompromise"},
+    {"crl_CA_compromise", OPT_CRL_CA_COMPROMISE, 's',
+     "sets compromise time to val and the revocation reason to CACompromise"},
 #ifndef OPENSSL_NO_ENGINE
     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
 #endif
diff --git a/apps/opt.c b/apps/opt.c
index badff26..49db5b6 100644
--- a/apps/opt.c
+++ b/apps/opt.c
@@ -815,6 +815,7 @@ int opt_num_rest(void)
 static const char *valtype2param(const OPTIONS *o)
 {
     switch (o->valtype) {
+    case 0:
     case '-':
         return "";
     case 's':
diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
index 73b6d22..c2acd72 100644
--- a/doc/apps/ca.pod
+++ b/doc/apps/ca.pod
@@ -50,6 +50,7 @@ B<openssl> B<ca>
 [B<-engine id>]
 [B<-subj arg>]
 [B<-utf8>]
+[B<-create_serial>]
 [B<-multivalue-rdn>]
 
 =head1 DESCRIPTION
@@ -65,6 +66,14 @@ The options descriptions will be divided into each purpose.
 
 =over 4
 
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-verbose>
+
+this prints extra details about the operations being performed.
+
 =item B<-config filename>
 
 specifies the configuration file to use.
@@ -144,14 +153,6 @@ self-signed certificate.
 the key password source. For more information about the format of B<arg>
 see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
-=item B<-help>
-
-Print out a usage message.
-
-=item B<-verbose>
-
-this prints extra details about the operations being performed.
-
 =item B<-notext>
 
 don't output the text form of a certificate to the output file.
@@ -249,6 +250,12 @@ default they are interpreted as ASCII. This means that the field
 values, whether prompted from a terminal or obtained from a
 configuration file, must be valid UTF8 strings.
 
+=item B<-create_serial>
+
+if reading serial from the text file as specified in the configuration
+fails, specifying this option creates a new random serial to be used as next
+serial number.
+
 =item B<-multivalue-rdn>
 
 This option causes the -subj argument to be interpreted with full
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 9029ada..066f1e6 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -74,10 +74,6 @@ List the ciphers which would be used if TLS v1.2 was negotiated.
 precede each ciphersuite by its standard name: only available is OpenSSL
 is built with tracing enabled (B<enable-ssl-trace> argument to Configure).
 
-=item B<-h>, B<-?>
-
-print a brief usage message.
-
 =item B<cipherlist>
 
 a cipher list to convert to a cipher preference list. If it is not included


More information about the openssl-commits mailing list