Project homepage Mailing List  Warmcat.com  API Docs  Github Mirror 
{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1752658139, "reponame":"openssl", "desc":"OpenSSL", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl", "f":3, "items": [ {"schema":"libjg2-1", "cid":"b50cdd4d5394dd6bcb643e382b968293", "commit": {"type":"commit", "time": 1502717527, "time_ofs": 18446744073709551376, "oid_tree": { "oid": "6386dba01100f9ecde3541db8613d5fa82e26b15", "alias": []}, "oid":{ "oid": "e75138abea25659d304feb880cf54d760245e2f3", "alias": []}, "msg": "Doc fixes", "sig_commit": { "git_time": { "time": 1502717527, "offset": -240 }, "name": "Rich Salz", "email": "rsalz@openssl.org", "md5": "3ed6b9cf7bbe83902a044f6590346d26" }, "sig_author": { "git_time": { "time": 1502717527, "offset": -240 }, "name": "Rich Salz", "email": "rsalz@openssl.org", "md5": "3ed6b9cf7bbe83902a044f6590346d26" }}, "body": "Doc fixes\n\nWrite missing prime.pod and srp.pod\nImplement -c in find-doc-nits (for command options)\nOther fixes to some manpages\nUse B\u003c-I\u003cdigest|cipher\u003e\u003e notation\nSplit up multiple flags into a single entry in the synopsis.\nAdd -1 and missing-help to list command.\n\nReviewed-by: Andy Polyakov \u003cappro@openssl.org\u003e\n(Merged from https://github.com/openssl/openssl/pull/4144)\n" , "diff": "diff --git a/apps/openssl.c b/apps/openssl.c\nindex 0518ee6..6f8179d 100644\n--- a/apps/openssl.c\n+++ b/apps/openssl.c\n@@ -52,7 +52,7 @@ static LHASH_OF(FUNCTION) *prog_init(void);\n static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]);\n static void list_pkey(void);\n static void list_pkey_meth(void);\n-static void list_type(FUNC_TYPE ft);\n+static void list_type(FUNC_TYPE ft, int one);\n static void list_disabled(void);\n char *default_config_file \u003d NULL;\n \n@@ -292,28 +292,57 @@ static void list_missing_help(void)\n const OPTIONS *o;\n \n for (fp \u003d functions; fp-\u003ename !\u003d NULL; fp++) {\n- if ((o \u003d fp-\u003ehelp) \u003d\u003d NULL) {\n+ if ((o \u003d fp-\u003ehelp) !\u003d NULL) {\n+ /* If there is help, list what flags are not documented. */\n+ for ( ; o-\u003ename !\u003d NULL; o++) {\n+ if (o-\u003ehelpstr \u003d\u003d NULL)\n+ BIO_printf(bio_out, \u0022%s %s\u005cn\u0022, fp-\u003ename, o-\u003ename);\n+ }\n+ } else if (fp-\u003efunc !\u003d dgst_main) {\n+ /* If not aliased to the dgst command, */\n BIO_printf(bio_out, \u0022%s *\u005cn\u0022, fp-\u003ename);\n- continue;\n- }\n- for ( ; o-\u003ename !\u003d NULL; o++) {\n- if (o-\u003ehelpstr \u003d\u003d NULL)\n- BIO_printf(bio_out, \u0022%s %s\u005cn\u0022, fp-\u003ename, o-\u003ename);\n }\n }\n }\n \n+static void list_options_for_command(const char *command)\n+{\n+ const FUNCTION *fp;\n+ const OPTIONS *o;\n+\n+ for (fp \u003d functions; fp-\u003ename !\u003d NULL; fp++)\n+ if (strcmp(fp-\u003ename, command) \u003d\u003d 0)\n+ break;\n+ if (fp-\u003ename \u003d\u003d NULL) {\n+ BIO_printf(bio_err, \u0022Invalid command '%s'; type \u005c\u0022help\u005c\u0022 for a list.\u005cn\u0022,\n+ command);\n+ return;\n+ }\n+\n+ if ((o \u003d fp-\u003ehelp) \u003d\u003d NULL)\n+ return;\n+\n+ for ( ; o-\u003ename !\u003d NULL; o++) {\n+ if (o-\u003ename \u003d\u003d OPT_HELP_STR\n+ || o-\u003ename \u003d\u003d OPT_MORE_STR\n+ || o-\u003ename[0] \u003d\u003d '\u005c0')\n+ continue;\n+ BIO_printf(bio_out, \u0022%s %c\u005cn\u0022, o-\u003ename, o-\u003evaltype);\n+ }\n+}\n+\n \n /* Unified enum for help and list commands. */\n typedef enum HELPLIST_CHOICE {\n- OPT_ERR \u003d -1, OPT_EOF \u003d 0, OPT_HELP,\n- OPT_COMMANDS, OPT_DIGEST_COMMANDS,\n+ OPT_ERR \u003d -1, OPT_EOF \u003d 0, OPT_HELP, OPT_ONE,\n+ OPT_COMMANDS, OPT_DIGEST_COMMANDS, OPT_OPTIONS,\n OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS,\n OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_DISABLED, OPT_MISSING_HELP\n } HELPLIST_CHOICE;\n \n const OPTIONS list_options[] \u003d {\n {\u0022help\u0022, OPT_HELP, '-', \u0022Display this summary\u0022},\n+ {\u00221\u0022, OPT_ONE, '-', \u0022List in one column\u0022},\n {\u0022commands\u0022, OPT_COMMANDS, '-', \u0022List of standard commands\u0022},\n {\u0022digest-commands\u0022, OPT_DIGEST_COMMANDS, '-',\n \u0022List of message digest commands\u0022},\n@@ -330,6 +359,8 @@ const OPTIONS list_options[] \u003d {\n \u0022List of disabled features\u0022},\n {\u0022missing-help\u0022, OPT_MISSING_HELP, '-',\n \u0022List missing detailed help strings\u0022},\n+ {\u0022options\u0022, OPT_OPTIONS, 's',\n+ \u0022List options for specified command\u0022},\n {NULL}\n };\n \n@@ -337,7 +368,7 @@ int list_main(int argc, char **argv)\n {\n char *prog;\n HELPLIST_CHOICE o;\n- int done \u003d 0;\n+ int one \u003d 0, done \u003d 0;\n \n prog \u003d opt_init(argc, argv, list_options);\n while ((o \u003d opt_next()) !\u003d OPT_EOF) {\n@@ -349,17 +380,20 @@ int list_main(int argc, char **argv)\n case OPT_HELP:\n opt_help(list_options);\n break;\n+ case OPT_ONE:\n+ one \u003d 1;\n+ break;\n case OPT_COMMANDS:\n- list_type(FT_general);\n+ list_type(FT_general, one);\n break;\n case OPT_DIGEST_COMMANDS:\n- list_type(FT_md);\n+ list_type(FT_md, one);\n break;\n case OPT_DIGEST_ALGORITHMS:\n EVP_MD_do_all_sorted(list_md_fn, bio_out);\n break;\n case OPT_CIPHER_COMMANDS:\n- list_type(FT_cipher);\n+ list_type(FT_cipher, one);\n break;\n case OPT_CIPHER_ALGORITHMS:\n EVP_CIPHER_do_all_sorted(list_cipher_fn, bio_out);\n@@ -376,6 +410,9 @@ int list_main(int argc, char **argv)\n case OPT_MISSING_HELP:\n list_missing_help();\n break;\n+ case OPT_OPTIONS:\n+ list_options_for_command(opt_arg());\n+ break;\n }\n done \u003d 1;\n }\n@@ -458,18 +495,24 @@ int exit_main(int argc, char **argv)\n return EXIT_THE_PROGRAM;\n }\n \n-static void list_type(FUNC_TYPE ft)\n+static void list_type(FUNC_TYPE ft, int one)\n {\n FUNCTION *fp;\n int i \u003d 0;\n \n- for (fp \u003d functions; fp-\u003ename !\u003d NULL; fp++)\n- if (fp-\u003etype \u003d\u003d ft) {\n- if ((i++ % COLUMNS) \u003d\u003d 0)\n+ for (fp \u003d functions; fp-\u003ename !\u003d NULL; fp++) {\n+ if (fp-\u003etype !\u003d ft)\n+ continue;\n+ if (one) {\n+ BIO_printf(bio_out, \u0022%s\u005cn\u0022, fp-\u003ename);\n+ } else {\n+ if ((i++ % COLUMNS) \u003d\u003d 0 \u0026\u0026 fp !\u003d functions)\n BIO_printf(bio_out, \u0022\u005cn\u0022);\n BIO_printf(bio_out, FORMAT, fp-\u003ename);\n }\n- BIO_printf(bio_out, \u0022\u005cn\u0022);\n+ }\n+ if (!one)\n+ BIO_printf(bio_out, \u0022\u005cn\u0022);\n }\n \n static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])\ndiff --git a/doc/man1/cms.pod b/doc/man1/cms.pod\nindex 33549d4..01e93ac 100644\n--- a/doc/man1/cms.pod\n+++ b/doc/man1/cms.pod\n@@ -67,9 +67,9 @@ B\u003copenssl\u003e B\u003ccms\u003e\n [B\u003c-verify_name name\u003e]\n [B\u003c-x509_strict\u003e]\n [B\u003c-md digest\u003e]\n-[B\u003c-[cipher]\u003e]\n+[B\u003c-I\u003ccipher\u003e\u003e]\n [B\u003c-nointern\u003e]\n-[B\u003c-no_signer_cert_verify\u003e]\n+[B\u003c-noverify\u003e]\n [B\u003c-nocerts\u003e]\n [B\u003c-noattr\u003e]\n [B\u003c-nosmimecap\u003e]\n@@ -298,7 +298,7 @@ Do not load the trusted CA certificates from the default directory location\n Digest algorithm to use when signing or resigning. If not present then the\n default digest algorithm for the signing key will be used (usually SHA1).\n \n-\u003ditem B\u003c-[cipher]\u003e\n+\u003ditem B\u003c-I\u003ccipher\u003e\u003e\n \n The encryption algorithm to use. For example triple DES (168 bits) - B\u003c-des3\u003e\n or 256 bit AES - B\u003c-aes256\u003e. Any standard algorithm name (as used by the\n@@ -316,7 +316,7 @@ the message are searched for the signing certificate. With this option\n only the certificates specified in the B\u003c-certfile\u003e option are used.\n The supplied certificates can still be used as untrusted CAs however.\n \n-\u003ditem B\u003c-no_signer_cert_verify\u003e\n+\u003ditem B\u003c-noverify\u003e\n \n Do not verify the signers certificate of a signed message.\n \ndiff --git a/doc/man1/dgst.pod b/doc/man1/dgst.pod\nindex 0cbcf85..cde3bb1 100644\n--- a/doc/man1/dgst.pod\n+++ b/doc/man1/dgst.pod\n@@ -2,13 +2,14 @@\n \n \u003dhead1 NAME\n \n-dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md4, md5, blake2b, blake2s - message digests\n+dgst\n+- perform digest operations\n \n \u003dhead1 SYNOPSIS\n \n-B\u003copenssl\u003e B\u003cdgst\u003e\n-[B\u003c-help\u003e]\n+B\u003copenssl dgst\u003e\n [B\u003c-I\u003cdigest\u003e\u003e]\n+[B\u003c-help\u003e]\n [B\u003c-c\u003e]\n [B\u003c-d\u003e]\n [B\u003c-hex\u003e]\n@@ -28,9 +29,7 @@ B\u003copenssl\u003e B\u003cdgst\u003e\n [B\u003c-engine_impl\u003e]\n [B\u003cfile...\u003e]\n \n-B\u003copenssl\u003e\n-[I\u003cdigest\u003e]\n-[B\u003c...\u003e]\n+B\u003copenssl\u003e I\u003cdigest\u003e [B\u003c...\u003e]\n \n \u003dhead1 DESCRIPTION\n \ndiff --git a/doc/man1/enc.pod b/doc/man1/enc.pod\nindex ad76be0..f7d5e36 100644\n--- a/doc/man1/enc.pod\n+++ b/doc/man1/enc.pod\n@@ -6,7 +6,7 @@ enc - symmetric cipher routines\n \n \u003dhead1 SYNOPSIS\n \n-B\u003copenssl enc -ciphername\u003e\n+B\u003copenssl enc -I\u003ccipher\u003e\u003e\n [B\u003c-help\u003e]\n [B\u003c-ciphers\u003e]\n [B\u003c-in filename\u003e]\n@@ -14,7 +14,8 @@ B\u003copenssl enc -ciphername\u003e\n [B\u003c-pass arg\u003e]\n [B\u003c-e\u003e]\n [B\u003c-d\u003e]\n-[B\u003c-a/-base64\u003e]\n+[B\u003c-a\u003e]\n+[B\u003c-base64\u003e]\n [B\u003c-A\u003e]\n [B\u003c-k password\u003e]\n [B\u003c-kfile filename\u003e]\n@@ -35,6 +36,8 @@ B\u003copenssl enc -ciphername\u003e\n [B\u003c-writerand file\u003e]\n [B\u003c-engine id\u003e]\n \n+B\u003copenssl\u003e I\u003c[cipher]\u003e [B\u003c...\u003e]\n+\n \u003dhead1 DESCRIPTION\n \n The symmetric cipher commands allow data to be encrypted or decrypted\n@@ -184,10 +187,11 @@ This can be used with a subsequent B\u003c-rand\u003e flag.\n \n \u003dhead1 NOTES\n \n-The program can be called either as B\u003copenssl ciphername\u003e or\n-B\u003copenssl enc -ciphername\u003e. The first form doesn't work with\n+The program can be called either as B\u003copenssl cipher\u003e or\n+B\u003copenssl enc -cipher\u003e. The first form doesn't work with\n engine-provided ciphers, because this form is processed before the\n configuration file is read and any ENGINEs loaded.\n+Use the B\u003clist\u003e command to get a list of supported ciphers.\n \n Engines which provide entirely new encryption algorithms (such as the ccgost\n engine which provides gost89 algorithm) should be configured in the\ndiff --git a/doc/man1/genpkey.pod b/doc/man1/genpkey.pod\nindex 8e22ab2..66541d9 100644\n--- a/doc/man1/genpkey.pod\n+++ b/doc/man1/genpkey.pod\n@@ -11,7 +11,7 @@ B\u003copenssl\u003e B\u003cgenpkey\u003e\n [B\u003c-out filename\u003e]\n [B\u003c-outform PEM|DER\u003e]\n [B\u003c-pass arg\u003e]\n-[B\u003c-cipher\u003e]\n+[B\u003c-I\u003ccipher\u003e\u003e]\n [B\u003c-engine id\u003e]\n [B\u003c-paramfile file\u003e]\n [B\u003c-algorithm alg\u003e]\n@@ -45,7 +45,7 @@ This specifies the output format DER or PEM. The default format is PEM.\n The output file password source. For more information about the format of B\u003carg\u003e\n see the B\u003cPASS PHRASE ARGUMENTS\u003e section in L\u003copenssl(1)\u003e.\n \n-\u003ditem B\u003c-cipher\u003e\n+\u003ditem B\u003c-I\u003ccipher\u003e\u003e\n \n This option encrypts the private key with the supplied cipher. Any algorithm\n name accepted by EVP_get_cipherbyname() is acceptable such as B\u003cdes3\u003e.\ndiff --git a/doc/man1/list.pod b/doc/man1/list.pod\nindex 3a40b4d..976be97 100644\n--- a/doc/man1/list.pod\n+++ b/doc/man1/list.pod\n@@ -8,6 +8,7 @@ list - list algorithms and features\n \n B\u003copenssl list\u003e\n [B\u003c-help\u003e]\n+[B\u003c-1\u003e]\n [B\u003c-commands\u003e]\n [B\u003c-digest-commands\u003e]\n [B\u003c-digest-algorithms\u003e]\n@@ -30,6 +31,11 @@ features.\n \n Display a usage message.\n \n+\u003ditem B\u003c-1\u003e\n+\n+List the commands, digest-commands, or cipher-commands in a single column.\n+If used, this option must be given first.\n+\n \u003ditem B\u003c-commands\u003e\n \n Display a list of standard commands.\ndiff --git a/doc/man1/ocsp.pod b/doc/man1/ocsp.pod\nindex 42621df..281518b 100644\n--- a/doc/man1/ocsp.pod\n+++ b/doc/man1/ocsp.pod\n@@ -85,7 +85,7 @@ B\u003copenssl\u003e B\u003cocsp\u003e\n [B\u003c-ndays n\u003e]\n [B\u003c-resp_key_id\u003e]\n [B\u003c-nrequest n\u003e]\n-[B\u003c-md5|-sha1|...\u003e]\n+[B\u003c-I\u003cdigest\u003e\u003e]\n \n \u003dhead1 DESCRIPTION\n \n@@ -286,7 +286,7 @@ status information is immediately available. In this case the age of the\n B\u003cnotBefore\u003e field is checked to see it is not older than B\u003cage\u003e seconds old.\n By default this additional check is not performed.\n \n-\u003ditem B\u003c-[digest]\u003e\n+\u003ditem B\u003c-I\u003cdigest\u003e\u003e\n \n This option sets digest algorithm to use for certificate identification in the\n OCSP request. Any digest supported by the OpenSSL B\u003cdgst\u003e command can be used.\ndiff --git a/doc/man1/pkey.pod b/doc/man1/pkey.pod\nindex 4d37c92..3c277a5 100644\n--- a/doc/man1/pkey.pod\n+++ b/doc/man1/pkey.pod\n@@ -15,7 +15,7 @@ B\u003copenssl\u003e B\u003cpkey\u003e\n [B\u003c-out filename\u003e]\n [B\u003c-passout arg\u003e]\n [B\u003c-traditional\u003e]\n-[B\u003c-cipher\u003e]\n+[B\u003c-I\u003ccipher\u003e\u003e]\n [B\u003c-text\u003e]\n [B\u003c-text_pub\u003e]\n [B\u003c-noout\u003e]\n@@ -74,7 +74,7 @@ Normally a private key is written using standard format: this is PKCS#8 form\n with the appropriate encryption algorithm (if any). If the B\u003c-traditional\u003e\n option is specified then the older \u0022traditional\u0022 format is used instead.\n \n-\u003ditem B\u003c-cipher\u003e\n+\u003ditem B\u003c-I\u003ccipher\u003e\u003e\n \n These options encrypt the private key with the supplied cipher. Any algorithm\n name accepted by EVP_get_cipherbyname() is acceptable such as B\u003cdes3\u003e.\ndiff --git a/doc/man1/prime.pod b/doc/man1/prime.pod\nnew file mode 100644\nindex 0000000..f6f6158\n--- /dev/null\n+++ b/doc/man1/prime.pod\n@@ -0,0 +1,67 @@\n+\u003dpod\n+\n+\u003dhead1 NAME\n+\n+prime - compute prime numbers\n+\n+\u003dhead1 SYNOPSIS\n+\n+B\u003copenssl prime\u003e\n+[B\u003c-help\u003e]\n+[B\u003c-hex\u003e]\n+[B\u003c-generate\u003e]\n+[B\u003c-bits\u003e]\n+[B\u003c-safe\u003e]\n+[B\u003c-checks\u003e]\n+[I\u003cnumber...\u003e]\n+\n+\u003dhead1 DESCRIPTION\n+\n+The B\u003cprime\u003e command checks if the specified numbers are prime.\n+\n+If no numbers are given on the command line, the B\u003c-generate\u003e flag should\n+be used to generate primes according to the requirements specified by the\n+rest of the flags.\n+\n+\u003dhead1 OPTIONS\n+\n+\u003dover 4\n+\n+\u003ditem [B\u003c-help\u003e]\n+\n+Display an option summary.\n+\n+\u003ditem [B\u003c-hex\u003e]\n+\n+Generate hex output.\n+\n+\u003ditem [B\u003c-generate\u003e]\n+\n+Generate a prime number.\n+\n+\u003ditem [B\u003c-bits num\u003e]\n+\n+Generate a prime with B\u003cnum\u003e bits.\n+\n+\u003ditem [B\u003c-safe\u003e]\n+\n+When used with B\u003c-generate\u003e, generates a \u0022safe\u0022 prime. If the number\n+generated is B\u003cn\u003e, then check that B\u003c(n-1)/2\u003e is also prime.\n+\n+\u003ditem [B\u003c-checks num\u003e]\n+\n+Perform the checks B\u003cnum\u003e times to see that the generated number\n+is prime. The default is 20.\n+\n+\u003dback\n+\n+\u003dhead1 COPYRIGHT\n+\n+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.\n+\n+Licensed under the OpenSSL license (the \u0022License\u0022). You may not use\n+this file except in compliance with the License. You can obtain a copy\n+in the file LICENSE in the source distribution or at\n+L\u003chttps://www.openssl.org/source/license.html\u003e.\n+\n+\u003dcut\ndiff --git a/doc/man1/req.pod b/doc/man1/req.pod\nindex aec2ada..1930088 100644\n--- a/doc/man1/req.pod\n+++ b/doc/man1/req.pod\n@@ -29,7 +29,7 @@ B\u003copenssl\u003e B\u003creq\u003e\n [B\u003c-keyform PEM|DER\u003e]\n [B\u003c-keyout filename\u003e]\n [B\u003c-keygen_engine id\u003e]\n-[B\u003c-[digest]\u003e]\n+[B\u003c-I\u003cdigest\u003e\u003e]\n [B\u003c-config filename\u003e]\n [B\u003c-multivalue-rdn\u003e]\n [B\u003c-x509\u003e]\n@@ -198,7 +198,7 @@ configuration file is used.\n If this option is specified then if a private key is created it\n will not be encrypted.\n \n-\u003ditem B\u003c-[digest]\u003e\n+\u003ditem B\u003c-I\u003cdigest\u003e\u003e\n \n This specifies the message digest to sign the request.\n Any digest supported by the OpenSSL B\u003cdgst\u003e command can be used.\ndiff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod\nindex 7f2fd7b..50f6b9c 100644\n--- a/doc/man1/s_client.pod\n+++ b/doc/man1/s_client.pod\n@@ -111,7 +111,8 @@ B\u003copenssl\u003e B\u003cs_client\u003e\n [B\u003c-status\u003e]\n [B\u003c-alpn protocols\u003e]\n [B\u003c-nextprotoneg protocols\u003e]\n-[B\u003c-ct|noct\u003e]\n+[B\u003c-ct\u003e]\n+[B\u003c-noct\u003e]\n [B\u003c-ctlogfile\u003e]\n [B\u003c-keylogfile file\u003e]\n [B\u003c-early_data file\u003e]\n@@ -576,7 +577,7 @@ client to advertise support for the TLS extension but disconnect just\n after receiving ServerHello with a list of server supported protocols.\n The flag B\u003c-nextprotoneg\u003e cannot be specified if B\u003c-tls1_3\u003e is used.\n \n-\u003ditem B\u003c-ct|noct\u003e\n+\u003ditem B\u003c-ct\u003e, B\u003c-noct\u003e\n \n Use one of these two options to control whether Certificate Transparency (CT)\n is enabled (B\u003c-ct\u003e) or disabled (B\u003c-noct\u003e).\ndiff --git a/doc/man1/s_time.pod b/doc/man1/s_time.pod\nindex 8661a00..b926b6e 100644\n--- a/doc/man1/s_time.pod\n+++ b/doc/man1/s_time.pod\n@@ -13,14 +13,13 @@ B\u003copenssl\u003e B\u003cs_time\u003e\n [B\u003c-cert filename\u003e]\n [B\u003c-key filename\u003e]\n [B\u003c-CApath directory\u003e]\n-[B\u003c-CAfile filename\u003e]\n+[B\u003c-cafile filename\u003e]\n [B\u003c-no-CAfile\u003e]\n [B\u003c-no-CApath\u003e]\n [B\u003c-reuse\u003e]\n [B\u003c-new\u003e]\n [B\u003c-verify depth\u003e]\n [B\u003c-nameopt option\u003e]\n-[B\u003c-nbio\u003e]\n [B\u003c-time seconds\u003e]\n [B\u003c-ssl3\u003e]\n [B\u003c-bugs\u003e]\n@@ -109,10 +108,6 @@ Performs the timing test using the same session ID; this can be used as a test\n that session caching is working. If neither B\u003c-new\u003e nor B\u003c-reuse\u003e are\n specified, they are both on by default and executed in sequence.\n \n-\u003ditem B\u003c-nbio\u003e\n-\n-Turns on non-blocking I/O.\n-\n \u003ditem B\u003c-ssl3\u003e\n \n These options disable the use of certain SSL or TLS protocols. By default\ndiff --git a/doc/man1/smime.pod b/doc/man1/smime.pod\nindex 5b13fda..4d8cf7a 100644\n--- a/doc/man1/smime.pod\n+++ b/doc/man1/smime.pod\n@@ -16,7 +16,7 @@ B\u003copenssl\u003e B\u003csmime\u003e\n [B\u003c-pk7out\u003e]\n [B\u003c-binary\u003e]\n [B\u003c-crlfeol\u003e]\n-[B\u003c-[cipher]\u003e]\n+[B\u003c-I\u003ccipher\u003e\u003e]\n [B\u003c-in file\u003e]\n [B\u003c-CAfile file\u003e]\n [B\u003c-CApath dir\u003e]\n@@ -201,7 +201,7 @@ Do not load the trusted CA certificates from the default directory location.\n Digest algorithm to use when signing or resigning. If not present then the\n default digest algorithm for the signing key will be used (usually SHA1).\n \n-\u003ditem B\u003c-[cipher]\u003e\n+\u003ditem B\u003c-I\u003ccipher\u003e\u003e\n \n The encryption algorithm to use. For example DES (56 bits) - B\u003c-des\u003e,\n triple DES (168 bits) - B\u003c-des3\u003e,\ndiff --git a/doc/man1/srp.pod b/doc/man1/srp.pod\nnew file mode 100644\nindex 0000000..a5dcf2e\n--- /dev/null\n+++ b/doc/man1/srp.pod\n@@ -0,0 +1,72 @@\n+\u003dpod\n+\n+\u003dhead1 NAME\n+\n+srp - maintain SRP password file\n+\n+\u003dhead1 SYNOPSIS\n+\n+B\u003copenssl srp\u003e\n+[B\u003c-help\u003e]\n+[B\u003c-verbose\u003e]\n+[B\u003c-add\u003e]\n+[B\u003c-modify\u003e]\n+[B\u003c-delete\u003e]\n+[B\u003c-list\u003e]\n+[B\u003c-name section\u003e]\n+[B\u003c-config file\u003e]\n+[B\u003c-srpvfile file\u003e]\n+[B\u003c-gn identifier\u003e]\n+[B\u003c-userinfo text...\u003e]\n+[B\u003c-passin arg\u003e]\n+[B\u003c-passout arg\u003e]\n+[I\u003cuser...\u003e]\n+\n+\u003dhead1 DESCRIPTION\n+\n+The B\u003csrp\u003e command is user to maintain an SRP (secure remote password)\n+file.\n+At most one of the B\u003c-add\u003e, B\u003c-modify\u003e, B\u003c-delete\u003e, and B\u003c-list\u003e options\n+can be specified.\n+These options take zero or more usernames as parameters and perform the\n+appropriate operation on the SRP file.\n+For B\u003c-list\u003e, if no B\u003cuser\u003e is given then all users are displayed.\n+\n+The configuration file to use, and the section within the file, can be\n+specified with the B\u003c-config\u003e and B\u003c-name\u003e flags, respectively.\n+If the config file is not specified, the B\u003c-srpvfile\u003e can be used to\n+just specify the file to operate on.\n+\n+The B\u003c-userinfo\u003e option specifies additional information to add when\n+adding or modifying a user.\n+\n+The B\u003c-gn\u003e flag specifies the B\u003cg\u003e and B\u003cN\u003e values, using one of\n+the strengths defined in IETF RFC 5054.\n+\n+The B\u003c-passin\u003e and B\u003c-passout\u003e arguments are parsed as described in\n+the L\u003copenssl(1)\u003e command.\n+\n+\u003dhead1 OPTIONS\n+\n+\u003dover 4\n+\n+\u003ditem [B\u003c-help\u003e]\n+\n+Display an option summary.\n+\n+\u003ditem [B\u003c-verbose\u003e]\n+\n+Generate verbose output while processing.\n+\n+\u003dback\n+\n+\u003dhead1 COPYRIGHT\n+\n+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.\n+\n+Licensed under the OpenSSL license (the \u0022License\u0022). You may not use\n+this file except in compliance with the License. You can obtain a copy\n+in the file LICENSE in the source distribution or at\n+L\u003chttps://www.openssl.org/source/license.html\u003e.\n+\n+\u003dcut\ndiff --git a/doc/man1/ts.pod b/doc/man1/ts.pod\nindex 56ace24..8886cd6 100644\n--- a/doc/man1/ts.pod\n+++ b/doc/man1/ts.pod\n@@ -13,7 +13,7 @@ B\u003c-query\u003e\n [B\u003c-config\u003e configfile]\n [B\u003c-data\u003e file_to_hash]\n [B\u003c-digest\u003e digest_bytes]\n-[B\u003c-[digest]\u003e]\n+[B\u003c-I\u003cdigest\u003e\u003e]\n [B\u003c-tspolicy\u003e object_id]\n [B\u003c-no_nonce\u003e]\n [B\u003c-cert\u003e]\n@@ -29,7 +29,7 @@ B\u003c-reply\u003e\n [B\u003c-passin\u003e password_src]\n [B\u003c-signer\u003e tsa_cert.pem]\n [B\u003c-inkey\u003e file_or_id]\n-[B\u003c-sha1|-sha224|-sha256|-sha384|-sha512\u003e]\n+[B\u003c-I\u003cdigest\u003e\u003e]\n [B\u003c-chain\u003e certs_file.pem]\n [B\u003c-tspolicy\u003e object_id]\n [B\u003c-in\u003e response.tsr]\n@@ -165,7 +165,7 @@ per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or\n 1AF601...). The number of bytes must match the message digest algorithm\n in use. (Optional)\n \n-\u003ditem B\u003c-[digest]\u003e\n+\u003ditem B\u003c-I\u003cdigest\u003e\u003e\n \n The message digest to apply to the data file.\n Any digest supported by the OpenSSL B\u003cdgst\u003e command can be used.\n@@ -258,7 +258,7 @@ B\u003csigner_key\u003e config file option. (Optional)\n If no engine is used, the argument is taken as a file; if an engine is\n specified, the argument is given to the engine as a key identifier.\n \n-\u003ditem B\u003c-sha1|-sha224|-sha256|-sha384|-sha512\u003e\n+\u003ditem B\u003c-I\u003cdigest\u003e\u003e\n \n Signing digest to use. Overrides the B\u003csigner_digest\u003e config file\n option. (Optional)\n@@ -459,7 +459,7 @@ command line option. (Optional)\n \u003ditem B\u003csigner_digest\u003e\n \n Signing digest to use. The same as the\n-B\u003c-sha1|-sha224|-sha256|-sha384|-sha512\u003e command line option. (Optional)\n+B\u003c-I\u003cdigest\u003e\u003e command line option. (Optional)\n \n \u003ditem B\u003cdefault_policy\u003e\n \ndiff --git a/doc/man1/x509.pod b/doc/man1/x509.pod\nindex d31460b..a2cbd0d 100644\n--- a/doc/man1/x509.pod\n+++ b/doc/man1/x509.pod\n@@ -56,7 +56,7 @@ B\u003copenssl\u003e B\u003cx509\u003e\n [B\u003c-ext extensions\u003e]\n [B\u003c-certopt option\u003e]\n [B\u003c-C\u003e]\n-[B\u003c-[digest]\u003e]\n+[B\u003c-I\u003cdigest\u003e\u003e]\n [B\u003c-clrext\u003e]\n [B\u003c-extfile filename\u003e]\n [B\u003c-extensions section\u003e]\n@@ -109,7 +109,7 @@ if this option is not specified.\n This specifies the output filename to write to or standard output by\n default.\n \n-\u003ditem B\u003c-[digest]\u003e\n+\u003ditem B\u003c-I\u003cdigest\u003e\u003e\n \n The digest to use.\n This affects any signing or display option that uses a message\ndiff --git a/util/find-doc-nits b/util/find-doc-nits\nindex 7f5f1eb..a5fc62f 100755\n--- a/util/find-doc-nits\n+++ b/util/find-doc-nits\n@@ -26,6 +26,7 @@ our($opt_n);\n our($opt_p);\n our($opt_s);\n our($opt_u);\n+our($opt_c);\n \n sub help()\n {\n@@ -38,6 +39,7 @@ Find small errors (nits) in documentation. Options:\n -p Warn if non-public name documented (implies -n)\n -u List undocumented functions\n -h Print this help message\n+ -c List undocumented commands and options\n EOF\n exit;\n }\n@@ -397,21 +399,123 @@ sub publicize() {\n }\n }\n \n-getopts('dlnsphu');\n+my %skips \u003d (\n+ 'aes128' \u003d\u003e 1,\n+ 'aes192' \u003d\u003e 1,\n+ 'aes256' \u003d\u003e 1,\n+ 'aria128' \u003d\u003e 1,\n+ 'aria192' \u003d\u003e 1,\n+ 'aria256' \u003d\u003e 1,\n+ 'camellia128' \u003d\u003e 1,\n+ 'camellia192' \u003d\u003e 1,\n+ 'camellia256' \u003d\u003e 1,\n+ 'des' \u003d\u003e 1,\n+ 'des3' \u003d\u003e 1,\n+ 'idea' \u003d\u003e 1,\n+ '[cipher]' \u003d\u003e 1,\n+ '[digest]' \u003d\u003e 1,\n+);\n+\n+sub checkflags() {\n+ my $cmd \u003d shift;\n+ my %cmdopts;\n+ my %docopts;\n+ my $ok \u003d 1;\n+\n+ # Get the list of options in the command.\n+ open CFH, \u0022./apps/openssl list --options $cmd|\u0022\n+ || die \u0022Can list options for $cmd, $!\u0022;\n+ while ( \u003cCFH\u003e ) {\n+ chop;\n+ s/ .$//;\n+ $cmdopts{$_} \u003d 1;\n+ }\n+ close CFH;\n+\n+ # Get the list of flags from the synopsis\n+ open CFH, \u0022\u003cdoc/man1/$cmd.pod\u0022\n+ || die \u0022Can't open $cmd.pod, $!\u0022;\n+ while ( \u003cCFH\u003e ) {\n+ chop;\n+ last if /DESCRIPTION/;\n+ next unless /\u005c[B\u003c-([^ \u003e]+)/;\n+ $docopts{$1} \u003d 1;\n+ }\n+ close CFH;\n+\n+ # See what's in the command not the manpage.\n+ my @undocced \u003d ();\n+ foreach my $k ( keys %cmdopts ) {\n+ push @undocced, $k unless $docopts{$k};\n+ }\n+ if ( scalar @undocced \u003e 0 ) {\n+ $ok \u003d 0;\n+ foreach ( @undocced ) {\n+ print \u0022doc/man1/$cmd.pod: Missing -$_\u005cn\u0022;\n+ }\n+ }\n+\n+ # See what's in the command not the manpage.\n+ my @unimpl \u003d ();\n+ foreach my $k ( keys %docopts ) {\n+ push @unimpl, $k unless $cmdopts{$k};\n+ }\n+ if ( scalar @unimpl \u003e 0 ) {\n+ $ok \u003d 0;\n+ foreach ( @unimpl ) {\n+ next if defined $skips{$_};\n+ print \u0022doc/man1/$cmd.pod: Not implemented -$_\u005cn\u0022;\n+ }\n+ }\n+\n+ return $ok;\n+}\n+\n+getopts('cdlnsphu');\n \n \u0026help() if $opt_h;\n $opt_n \u003d 1 if $opt_s or $opt_p;\n $opt_u \u003d 1 if $opt_d;\n \n-die \u0022Need one of -[dlnspu] flags.\u005cn\u0022\n- unless $opt_l or $opt_n or $opt_u;\n+die \u0022Need one of -[cdlnspu] flags.\u005cn\u0022\n+ unless $opt_c or $opt_l or $opt_n or $opt_u;\n \n+if ( $opt_c ) {\n+ my $ok \u003d 1;\n+ my @commands \u003d ();\n \n-if ( $opt_n ) {\n- \u0026publicize() if $opt_p;\n- foreach (@ARGV ? @ARGV : glob('doc/*/*.pod')) {\n- \u0026check($_);\n+ # Get list of commands.\n+ open FH, \u0022./apps/openssl list -1 -commands|\u0022\n+ || die \u0022Can't list commands, $!\u0022;\n+ while ( \u003cFH\u003e ) {\n+ chop;\n+ push @commands, $_;\n+ }\n+ close FH;\n+\n+ # See if each has a manpage.\n+ foreach ( @commands ) {\n+ next if $_ eq 'help' || $_ eq 'exit';\n+ if ( ! -f \u0022doc/man1/$_.pod\u0022 ) {\n+ print \u0022doc/man1/$_.pod does not exist\u005cn\u0022;\n+ $ok \u003d 0;\n+ } else {\n+ $ok \u003d 0 if not \u0026checkflags($_);\n+ }\n }\n+\n+ # See what help is missing.\n+ open FH, \u0022./apps/openssl list --missing-help |\u0022\n+ || die \u0022Can't list missing help, $!\u0022;\n+ while ( \u003cFH\u003e ) {\n+ chop;\n+ my ($cmd, $flag) \u003d split;\n+ print \u0022$cmd has no help for -$flag\u005cn\u0022;\n+ $ok \u003d 0;\n+ }\n+ close FH;\n+\n+ exit 1 if not $ok;\n }\n \n if ( $opt_l ) {\n@@ -421,6 +525,13 @@ if ( $opt_l ) {\n checklinks();\n }\n \n+if ( $opt_n ) {\n+ \u0026publicize() if $opt_p;\n+ foreach (@ARGV ? @ARGV : glob('doc/*/*.pod')) {\n+ \u0026check($_);\n+ }\n+}\n+\n if ( $opt_u ) {\n my %temp \u003d \u0026getdocced('doc/man3');\n foreach ( keys %temp ) {\n","s":{"c":1752658139,"u": 74401}} ],"g": 76996,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}