| Age | Commit message (Collapse) | Author |
|---|
|
ok inoguchi@ tb@
|
|
ok inoguchi jmc kn
|
|
(audio.4 tweaked from that submitted)
|
|
and testing purposes.
ok beck inoguchi jsing
|
|
|
|
|
|
ok jmc@
|
|
ok jsing@ tb@
|
|
document it and deprecate "openssl s_server -named_curve".
While here, fix the error in the synopsis for "openssl s_client -groups"
and use unified argument naming and similar wording like
in SSL_CTX_set1_groups_list(3).
OK jsing@
|
|
Allow semantic lookup by manually tagging sections (.Sh) for which no
automatic tagging has been implemented; this thereby also eliminates false
positives such that ":tx509<Enter>" now jumps to the X509 section.
feedback remi inoguchi schwarze
OK tb
|
|
Also stop using version pinned methods, instead setting the min and max
protocol versions.
Requested by inoguchi@
ok inoguchi@ tb@
|
|
md, to hint that it might not always be the case (e.g. if dealing with
files from a different version of the tool). ok tb@
|
|
changed from md5 to sha256. Update manual to reflect that.
From Fabio Scotoni
ok jmc
|
|
ok and comments jmc@
|
|
ok jmc@
|
|
on html or groff. the solution, to replace the non-standard .nr macros
with a hang list, was provided by ingo - thanks!
ok schwarze
|
|
ok schwarze@
|
|
- s/outputed/outputted/
- s/trused/trusted/
- add der as argument and describe pem is the default
|
|
- Add undocumented options below.
-alpn, -cert2, -certform, -dcertform, -dkeyform, -dpass, -dtls1, -key2,
-keyform, -keymatexport, -keymatexportlen, -mtu, -named_curve, -no_cache,
-no_ecdhe, -no_ticket, -pass, -port, -servername, -servername_fatal,
-status, -status_timeout, -status_url, -status_verbose, -timeout,
-tlsextdebug, -use_srtp, -verify_return_error
- Remove -hack, -psk and -psk_hint since not exist in source code.
I didn't add these 5 options since these were no-op.
-chain, -legacy_renegotiation, -nextprotoneg, -no_comp, -no_ssl2
This option was removed from manual in the past.
-no_ssl3
ok and suggestions from jmc@
|
|
- Add undocumented options below.
-alpn, -certform, -dtls1, -host, -keyform, -keymatexport, -keymatexportlen,
-legacy_server_connect, -mtu, -no_ign_eof, -no_legacy_server_connect, -pass
-port, -serverpref, -sess_in, -sess_out, -status, -timeout, -use_srtp,
-verify_return_error
- Remove -psk and -psk_identity since not exist in source code.
I didn't add these 4 options since these were no-op.
-nextprotoneg, -legacy_renegotiation, -no_comp, -no_ssl2
This option was removed from manual in the past.
-no_ssl3
ok jmc@
|
|
Add missing -camellia*/-idea description to genrsa section.
ok jmc@
|
|
- dsa : add missing -pvk-none, -pvk-strong and -pvk-weak
add pvk format to -inform and -outform
- ocsp : add missing -header, -ignore_err, -no_explicit and -timeout
- rsa : add missing -pvk-none, -pvk-strong and -pvk-weak
add missing -RSAPublicKey_in and -RSAPublicKey_out
add pvk format to -inform and -outform
- smime : add missing -nosmimecap
- add pvk description at common format part
ok jmc@
|
|
- For pkcs12, add -camellia*/-idea, -LMK and -password
- For req, add -multivalue-rdn, -pkeyopt and -sigopt
- For verify, add -CRLfile and -trusted, and down -check_ss_sig description
- For x509, add -next_serial and -sigopt
- Remove the escape in -multivalue-rdn from ca section
ok jmc@
|
|
- For ec, add -param_out description
- For enc, add -v usage and description
- For pkcs7, add -print usage and description
ok jmc@
|
|
- Add undocumented option -r
ok jmc@
|
|
- Add undocumented options -crlnumber, -hash_old, -nameopt and -verify
ok jmc@
|
|
- Add undocumented options -crlsec and -sigopt
- Sync argument name between usage and options description
ok jmc@
|
|
|
|
- Adapt openssl(1) gendsa command to new option handling.
- Add lacking ciphers and passout description in openssl.1 manpage.
- Describe paramfile as argument in openssl.1 manpage.
ok bcook@
|
|
ok jsing, "looks good!" jmc
|
|
|
|
ok deraadt@
|
|
|
|
|
|
to uncompressed rather than compressed.
From Jacqueline Jolicoeur
|
|
are no longer supported. Remove their documentation.
ok jsing
|
|
because it was (1) woefully incomplete, (2) partially outdated
and wrong, (3) in parts imprecisely worded and hard to understand,
(4) excessively technical for a section 1 manual, (5) of excessive
size for this particular page, (6) and didn't belong here in the
first place because it essentially tried to document a C API -
SSL_CTX_set_cipher_list(3), which is now documented, so point to it.
|
|
* Remove -tls1 option which has no effect.
* For -V, sort the fields in the order they are printed, and do not
talk about key size restrictions, nothing like that is printed.
|
|
Some options were missing, some were in the wrong section (CRL-related
or not), and there were some minor errors, typos, and omissions.
|
|
resulting fixes: markup of "command" below SYNOPSIS and links to the
config file formats below SEE ALSO
|
|
from matt schwartz
|
|
are otherwise optional
diff from holger mikolon, tweaked a bit by me
|
|
|
|
|
|
from "fenderq" on freenode via tj
|
|
|
|
|
|
|
|
|
|
|
