[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Sat Feb 6 19:07:06 UTC 2016
The branch master has been updated
via 6755ff11286b8eb6fdfa17719af9e7bf606bb94b (commit)
from 0ca2e82ab1575f9c4eed259c4d66ca9372a45bf5 (commit)
- Log -----------------------------------------------------------------
commit 6755ff11286b8eb6fdfa17719af9e7bf606bb94b
Author: A J Mohan Rao <mohan at computer.com>
Date: Sat Feb 6 23:12:35 2016 +0530
commands help cleanup
opt_valtype 0 is same as '-' while printing cmd usage
asn1parse/ca/ciphers help cleanup
Signed-off-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/apps.h | 5 +++--
apps/asn1pars.c | 2 +-
apps/ca.c | 14 +++++++++-----
apps/opt.c | 1 +
doc/apps/ca.pod | 23 +++++++++++++++--------
doc/apps/ciphers.pod | 4 ----
6 files changed, 29 insertions(+), 20 deletions(-)
diff --git a/apps/apps.h b/apps/apps.h
index 15a044e..2951fb7 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -356,8 +356,9 @@ typedef struct options_st {
int retval;
/*
* value type: - no value (also the value zero), n number, p positive
- * number, u unsigned, s string, < input file, > output file, f der/pem
- * format, F any format identifier. n and u include zero; p does not.
+ * number, u unsigned, l long, s string, < input file, > output file,
+ * f any format, F der/pem format , E der/pem/engine format identifier.
+ * l, n and u include zero; p does not.
*/
int valtype;
const char *helpstr;
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 6f88a1d..f7fa8f3 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -81,7 +81,7 @@ OPTIONS asn1parse_options[] = {
{"inform", OPT_INFORM, 'F', "input format - one of DER PEM"},
{"in", OPT_IN, '<', "input file"},
{"out", OPT_OUT, '>', "output file (output format is always DER)"},
- {"i", OPT_INDENT, 0, "entries"},
+ {"i", OPT_INDENT, 0, "indents the output"},
{"noout", OPT_NOOUT, 0, "don't produce any output"},
{"offset", OPT_OFFSET, 'p', "offset into file"},
{"length", OPT_LENGTH, 'p', "length of section in file"},
diff --git a/apps/ca.c b/apps/ca.c
index 59fcea2..8658b2d 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -209,7 +209,8 @@ OPTIONS ca_options[] = {
{"name", OPT_NAME, 's', "The particular CA definition to use"},
{"subj", OPT_SUBJ, 's', "Use arg instead of request's subject"},
{"utf8", OPT_UTF8, '-', "Input characters are UTF8 (default ASCII)"},
- {"create_serial", OPT_CREATE_SERIAL, '-'},
+ {"create_serial", OPT_CREATE_SERIAL, '-',
+ "If reading serial fails, create a new random serial"},
{"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
"Enable support for multivalued RDNs"},
{"startdate", OPT_STARTDATE, 's', "Cert notBefore, YYMMDDHHMMSSZ"},
@@ -253,10 +254,13 @@ OPTIONS ca_options[] = {
{"updatedb", OPT_UPDATEDB, '-', "Updates db for expired cert"},
{"crlexts", OPT_CRLEXTS, 's',
"CRL extension section (override value in config file)"},
- {"crl_reason", OPT_CRL_REASON, 's'},
- {"crl_hold", OPT_CRL_HOLD, 's'},
- {"crl_compromise", OPT_CRL_COMPROMISE, 's'},
- {"crl_CA_compromise", OPT_CRL_CA_COMPROMISE, 's'},
+ {"crl_reason", OPT_CRL_REASON, 's', "revocation reason"},
+ {"crl_hold", OPT_CRL_HOLD, 's',
+ "the hold instruction, an OID. Sets revocation reason to certificateHold"},
+ {"crl_compromise", OPT_CRL_COMPROMISE, 's',
+ "sets compromise time to val and the revocation reason to keyCompromise"},
+ {"crl_CA_compromise", OPT_CRL_CA_COMPROMISE, 's',
+ "sets compromise time to val and the revocation reason to CACompromise"},
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
#endif
diff --git a/apps/opt.c b/apps/opt.c
index badff26..49db5b6 100644
--- a/apps/opt.c
+++ b/apps/opt.c
@@ -815,6 +815,7 @@ int opt_num_rest(void)
static const char *valtype2param(const OPTIONS *o)
{
switch (o->valtype) {
+ case 0:
case '-':
return "";
case 's':
diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
index 73b6d22..c2acd72 100644
--- a/doc/apps/ca.pod
+++ b/doc/apps/ca.pod
@@ -50,6 +50,7 @@ B<openssl> B<ca>
[B<-engine id>]
[B<-subj arg>]
[B<-utf8>]
+[B<-create_serial>]
[B<-multivalue-rdn>]
=head1 DESCRIPTION
@@ -65,6 +66,14 @@ The options descriptions will be divided into each purpose.
=over 4
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-verbose>
+
+this prints extra details about the operations being performed.
+
=item B<-config filename>
specifies the configuration file to use.
@@ -144,14 +153,6 @@ self-signed certificate.
the key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
-=item B<-help>
-
-Print out a usage message.
-
-=item B<-verbose>
-
-this prints extra details about the operations being performed.
-
=item B<-notext>
don't output the text form of a certificate to the output file.
@@ -249,6 +250,12 @@ default they are interpreted as ASCII. This means that the field
values, whether prompted from a terminal or obtained from a
configuration file, must be valid UTF8 strings.
+=item B<-create_serial>
+
+if reading serial from the text file as specified in the configuration
+fails, specifying this option creates a new random serial to be used as next
+serial number.
+
=item B<-multivalue-rdn>
This option causes the -subj argument to be interpreted with full
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 9029ada..066f1e6 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -74,10 +74,6 @@ List the ciphers which would be used if TLS v1.2 was negotiated.
precede each ciphersuite by its standard name: only available is OpenSSL
is built with tracing enabled (B<enable-ssl-trace> argument to Configure).
-=item B<-h>, B<-?>
-
-print a brief usage message.
-
=item B<cipherlist>
a cipher list to convert to a cipher preference list. If it is not included
More information about the openssl-commits
mailing list