Commit graph

242 commits

Author SHA1 Message Date
Dr. Stephen Henson
1a09816435 additional configuration documentation
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 3d764db7a2)
2015-03-12 13:45:52 +00:00
Kurt Roeckx
bc2e18a3c8 Remove export ciphers from the DEFAULT cipher list
They are moved to the COMPLEMENTOFDEFAULT instead.
This also fixes SSLv2 to be part of COMPLEMENTOFDEFAULT.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit f417997a32)

Conflicts:
	ssl/ssl_ciph.c
2015-03-07 23:08:12 +01:00
Dr. Stephen Henson
9cd061725b Document -no_explicit
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 384dee5124)
2015-02-24 15:28:56 +00:00
Thorsten Glaser
cdf42d7b43 Document openssl dgst -hmac option
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-30 17:00:23 +01:00
André Guerreiro
6c3d948723 Add documentation on -timeout option in the ocsp utility
PR#3612

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit de87dd46c1)
(cherry picked from commit 4d3df37bc7)
2014-11-27 14:18:45 +00:00
Rich Salz
c2119214c2 RT2119,3407: Updated to dgst.pod
Re-order algorithm list.
Be consistent in command synopsis.
Add content about signing.
Add EXAMPLE section
Add some missing options: -r, -fips-fingerprint -non-fips-allow
Various other fixes.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 6aa9dbab0f)
2014-08-30 10:06:07 -04:00
James Westby
22387f00b6 RT1941: c_rehash.pod is missing
Add the file written by James Westby, graciously contributed
under the terms of the OpenSSL license.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit cf2239b3b3)
2014-08-30 09:51:56 -04:00
Dr. Stephen Henson
2316286c0e Clarify -Verify and PSK.
PR#3452
(cherry picked from commit ca2015a617)
2014-07-15 20:23:35 +01:00
Hubert Kario
00579b98c4 document -nextprotoneg option in man pages
Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.

PR#3444
(cherry picked from commit 7efd0e777e)

Conflicts:

	doc/apps/s_server.pod
2014-07-14 23:43:58 +01:00
Dr. Stephen Henson
b197c770a6 Document certificate status request options.
(cherry picked from commit cba3f1c739)

Conflicts:

	doc/apps/s_client.pod
	doc/apps/s_server.pod
2014-07-06 22:48:52 +01:00
Dr. Stephen Henson
1864e3bed3 typo
(cherry picked from commit 2cfbec1cae)
(cherry picked from commit a9661e45ac)
2014-07-04 18:43:55 +01:00
Rich Salz
3fa2fff86f Merge branch 'rsalz-docfixes' 2014-07-03 12:53:36 -04:00
Hubert Kario
87887a7a65 backport changes to ciphers(1) man page
Backport of the patch:
add ECC strings to ciphers(1), point out difference between DH and ECDH
and few other changes applicable to the 1.0.1 code base.

 * Make a clear distinction between DH and ECDH key exchange.
 * Group all key exchange cipher suite identifiers, first DH then ECDH
 * add descriptions for all supported *DH* identifiers
 * add ECDSA authentication descriptions
 * add example showing how to disable all suites that offer no
   authentication or encryption
 * backport listing of elliptic curve cipher suites.
 * backport listing of TLS 1.2 cipher suites, add note that DH_RSA
   and DH_DSS is not implemented in this version
 * backport of description of PSK and listing of PSK cipher suites
 * backport description of AES128, AES256 and AESGCM options
 * backport description of CAMELLIA128, CAMELLIA256 options
2014-06-10 20:56:39 +01:00
Hubert Kario
427a37ca3f add description of -attime to man page
the verify app man page didn't describe the usage of attime option
even though it was listed as a valid option in the -help message.

This patch fixes this omission.
2014-05-30 23:33:10 +01:00
Hubert Kario
39ae3b338f add description of -no_ecdhe option to s_server man page
While the -help message references this option, the man page
doesn't mention the -no_ecdhe option.
This patch fixes this omission.
2014-05-30 23:32:54 +01:00
Matt Caswell
0a084f7b3a Fixed minor copy&paste error, and stray space causing rendering problem 2014-05-22 00:12:14 +01:00
Dr. Stephen Henson
599fe418a1 Change default cipher in smime app to des3.
PR#3357
(cherry picked from commit ca3ffd9670f2b589bf8cc04923f953e06d6fbc58)
2014-05-21 11:14:33 +01:00
Matt Caswell
d6934a02b5 Moved note about lack of support for AEAD modes out of BUGS section to SUPPORTED CIPHERS section (bug has been fixed, but still no support for AEAD) 2014-05-15 21:17:19 +01:00
Jeffrey Walton
1f5e321ec1 Fix grammar error in verify pod. PR#3355 2014-05-14 22:59:48 +01:00
Jeffrey Walton
b6adb6ef58 Add information to BUGS section of enc documentation. PR#3354 2014-05-14 22:59:48 +01:00
Lubomir Rintel
23f5908ac7 POD: Fix item numbering
Newer pod2man considers =item [1-9] part of a numbered list, while =item
0 starts an unnumbered list. Add a zero effect formatting mark to override
this.

doc/apps/smime.pod around line 315: Expected text after =item, not a
number
...

PR#3146
2014-04-30 23:47:29 +01:00
mancha
e622237d12 Fix version documentation.
Specify -f is for compilation flags. Add -d to synopsis section.

(cherry picked from commit 006397ea62bbcae22c8664d53c2222b808c4bdd1)

Closes #79.
2014-04-26 11:21:34 +01:00
Dr. Stephen Henson
e3899ababb Document -debug_decrypt option.
(cherry picked from commit 0dd5b94aeb)
2014-04-16 12:36:06 +01:00
Dr. Stephen Henson
0d7717fc9c Document -verify_return_error option.
(cherry picked from commit 4e6c12f308)
2014-04-07 13:04:21 +01:00
Dr. Stephen Henson
6042582b62 Document new crl option.
(cherry picked from commit dbb7654dc1)
2014-04-03 13:37:11 +01:00
Scott Schaefer
040ed7b4d0 Fix various spelling errors
(cherry picked from commit 2b4ffc659e)
2014-02-14 22:35:39 +00:00
Scott Schaefer
c76e5b08a1 Document pkcs12 -password behavior
apps/pkcs12.c accepts -password as an argument.  The document author
almost certainly meant to write "-password, -passin".

However, that is not correct, either.  Actually the code treats
-password as equivalent to -passin, EXCEPT when -export is also
specified, in which case -password as equivalent to -passout.
(cherry picked from commit 856c6dfb09)
2014-02-14 22:35:39 +00:00
Dr. Stephen Henson
62c2b6d944 Document RSAPublicKey_{in,out} options.
(cherry picked from commit 7040d73d22987532faa503630d6616cf2788c975)
2013-11-09 15:09:21 +00:00
Ben Laurie
bee0550397 Documentation improvements by Chris Palmer (Google). 2012-12-14 13:29:51 +00:00
Ben Laurie
fc57c58c81 Document -pubkey option. 2012-12-13 16:08:17 +00:00
Dr. Stephen Henson
d6342aab08 correct docs 2012-11-19 20:07:05 +00:00
Andy Polyakov
1fb07a7de8 doc/apps: formatting fixes [from HEAD].
PR: 2683
Submitted by: Annie Yousar
2012-01-11 21:58:42 +00:00
Dr. Stephen Henson
0172ad2902 Minor documentation fixes, PR#2345 2010-10-04 13:28:27 +00:00
Dr. Stephen Henson
d9aa352ff0 Minor documentation fixes, PR#2344 2010-10-04 13:24:07 +00:00
Dr. Stephen Henson
6507653e72 The meaning of the X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY and
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were reversed in
the verify application documentation.
2010-02-23 14:09:22 +00:00
Dr. Stephen Henson
39f0a4d8e9 typo 2010-01-21 18:46:28 +00:00
Dr. Stephen Henson
93fac08ec3 PR: 2136
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
2010-01-12 17:27:11 +00:00
Dr. Stephen Henson
6e94156199 Remove tabs on blank lines: they produce warnings in pod2man 2010-01-05 17:17:20 +00:00
Dr. Stephen Henson
50425bc137 Change version from 0.9.9 to 1.0.0 in docs 2009-09-30 23:40:52 +00:00
Dr. Stephen Henson
7483896e15 Correction: salt is now default 2009-09-04 12:27:01 +00:00
Dr. Stephen Henson
710c1c34d1 Allow checking of self-signed certifictes if a flag is set. 2009-06-26 11:28:52 +00:00
Dr. Stephen Henson
6fda4d7e5d PR: 1887
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Approved by: steve@openssl.org

Document/clarify use of some options and include details of GOST algorihthm
usage.
2009-04-10 16:42:28 +00:00
Dr. Stephen Henson
36a252ea46 Typo. 2009-04-10 11:35:31 +00:00
Dr. Stephen Henson
a31a195246 PR: 1887 (part, modified)
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Approved by: steve@openssl.org

Use correct command names in -engine description and fix typo.
2009-04-10 11:25:54 +00:00
Dr. Stephen Henson
fab4447179 PR: 1880
Document -ocsp_uri command line switch to x509 utility.
2009-04-01 15:06:28 +00:00
Dr. Stephen Henson
c28a9165f2 PR: 1862
Typo.
2009-03-12 17:13:15 +00:00
Bodo Möller
7ca1cfbac3 -hex option for openssl rand
PR: 1831
Submitted by: Damien Miller
2009-02-02 00:01:28 +00:00
Dr. Stephen Henson
db50661fce X509 verification fixes.
Ignore self issued certificates when checking path length constraints.

Duplicate OIDs in policy tree in case they are allocated.

Use anyPolicy from certificate cache and not current tree level.
2008-07-13 14:25:36 +00:00
Lutz Jänicke
51e00db226 Document "openssl s_server" -crl_check* options
Submitted by: Daniel Black <daniel.subs@internode.on.net>
2008-05-19 07:52:15 +00:00
Lutz Jänicke
a92ebf2290 Provide information about "openssl dgst" -hmac option. 2008-05-19 07:43:34 +00:00