wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/apps
History
Benjamin Kaduk 21c6c50fc8 GH650: Minor tidying around the ocsp app 
The ocsp utility is something of a jack-of-all-trades; most anything
related to the OCSP can be done with it.  In particular, the manual
page calls out that it can be used as either a client or a server
of the protocol, but there are also a few things that it can do
which do not quite fit into either role, such as encoding an OCSP
request but not sending it, printing out a text form of an OCSP
response (or request) from a file akin to the asn1parse utility,
or performing a lookup into the server-side revocation database
without actually sending a request or response.  All three of these
are documented as examples in the manual page, but the documentation
prior to this commit is somewhat misleading, in that when printing
the text form of an OCSP response, the code also attempts to
verify the response, displaying an error message and returning
failure if the response does not verify.  (It is possible that
the response would be able to verify with the given example, since
the default trust roots are used for that verification, but OCSP
responses frequently have alternate certification authorities
that would require passing -CAfile or -CApath for verification.)

Tidy up the documentation by passing -noverify for the case of
converting from binary to textual representation, and also
change a few instances of -respin to -reqin as appropriate, note
that the -url option provides the same functionality as the -host
and -path options, clarify that the example that saves an OCSP
response to a file will also perform verification on that response,
and fix a couple grammar nits in the manual page.

Also remove an always-true conditional for rdb != NULL -- there
are no codepaths in which it could be initialized at the time of
this check.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-13 09:12:07 -05:00
..
demoCA Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
demoSRP Missing SRP files. 2011-03-16 11:50:33 +00:00
app_rand.c Add a no-egd option to disable EGD-related code 2016-01-14 13:02:51 -05:00
apps.c Fix pkeyutl/rsautl empty encrypt-input/decrypt-output handling 2016-02-02 23:24:12 -05:00
apps.h Improve recent option help string additions 2016-02-10 12:34:39 -05:00
asn1pars.c commands help cleanup 2016-02-06 14:06:52 -05:00
build.info Generate progs.h from a bunch of files instead of internal knowledge 2016-02-12 04:42:22 +01:00
ca-cert.srl Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
ca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca.c Fix engine key support in utilities. 2016-02-08 15:11:08 +00:00
CA.pl.in Fix some issues near recent chomp changes. 2016-02-13 02:54:48 -05:00
cert.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ciphers.c Support disabling any or all TLS or DTLS versions 2016-01-19 09:57:15 -05:00
client.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
cms.c Fix engine key support in cms and req utilities. 2016-02-11 16:03:52 +00:00
crl.c New function X509_get0_pubkey 2015-12-14 23:06:14 +00:00
crl2p7.c Fix option value parsing in crl2pkcs7 -certfile 2015-12-13 21:31:03 -05:00
dgst.c Fix engine key support in utilities. 2016-02-08 15:11:08 +00:00
dh1024.pem Include SKIP DH parameters with OpenSSL. 2000-08-02 09:04:44 +00:00
dh2048.pem Include SKIP DH parameters with OpenSSL. 2000-08-02 09:04:44 +00:00
dh4096.pem Include SKIP DH parameters with OpenSSL. 2000-08-02 09:04:44 +00:00
dhparam.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
dsa-ca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa-pca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
dsa512.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
dsa1024.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
dsap.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
dsaparam.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
ec.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
ecparam.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
enc.c Adapt all EVP_CIPHER users for it becoming opaque 2016-01-12 13:52:22 +01:00
engine.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
errstr.c Fix errstr error code parsing 2016-02-11 08:53:11 +00:00
gendsa.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
genpkey.c Continue standardisation of malloc handling in apps 2015-11-09 22:48:41 +00:00
genrsa.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
Makefile.in Rename INSTALL_PREFIX to DESTDIR, remove option --install_prefix 2016-02-12 21:54:07 +01:00
nseq.c Continue standardisation of malloc handling in apps 2015-11-09 22:48:41 +00:00
ocsp.c GH650: Minor tidying around the ocsp app 2016-02-13 09:12:07 -05:00
openssl-vms.cnf Remove outdated legacy crypto options 2016-01-27 19:05:50 -05:00
openssl.c Remove TLS heartbeat, disable DTLS heartbeat 2016-02-11 12:57:26 -05:00
openssl.cnf Use better defaults for TSA. 2015-11-20 13:40:53 +00:00
opt.c Deprecate the -issuer_checks debugging option 2016-02-10 12:34:06 -05:00
passwd.c Rename some BUF_xxx to OPENSSL_xxx 2015-12-16 16:14:49 -05:00
pca-cert.srl Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
pca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pkcs7.c Centralise loading default apps config file 2015-10-12 22:31:00 +01:00
pkcs8.c RT4227: Range-check in apps. 2016-01-12 01:00:31 -05:00
pkcs12.c fix various formatting issues 2016-02-08 18:43:49 +00:00
pkey.c Fix engine key support in utilities. 2016-02-08 15:11:08 +00:00
pkeyparam.c Centralise loading default apps config file 2015-10-12 22:31:00 +01:00
pkeyutl.c more doc fixes 2016-02-07 23:14:12 -05:00
prime.c Fix "primarility" typo 2015-11-21 14:37:24 +01:00
privkey.pem PR: 1644 2009-09-06 15:49:46 +00:00
progs.h make generate 2016-02-12 04:42:22 +01:00
progs.pl Generate progs.h from a bunch of files instead of internal knowledge 2016-02-12 04:42:22 +01:00
rand.c RT4227: Range-check in apps. 2016-01-12 01:00:31 -05:00
rehash.c Rename some BUF_xxx to OPENSSL_xxx 2015-12-16 16:14:49 -05:00
req.c RT 3854: Update apps/req 2016-02-12 14:09:26 +01:00
req.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
rsa.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
rsa8192.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
rsautl.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
s512-key.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s512-req.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s1024key.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s1024req.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s_apps.h Suppress DANE TLSA reflection when verification fails 2016-02-08 14:46:09 -05:00
s_cb.c Suppress DANE TLSA reflection when verification fails 2016-02-08 14:46:09 -05:00
s_client.c Auto init/deinit libcrypto 2016-02-09 15:11:38 +00:00
s_server.c GH646: Update help for s_server command. 2016-02-09 10:57:03 -05:00
s_socket.c The protocol variable has lost its use, remove it 2016-02-11 14:13:01 +01:00
s_time.c Address Windows warnings in apps/. 2015-10-05 09:25:06 +02:00
server.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
server.srl Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
server2.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
sess_id.c Fix NSS format session output 2016-01-11 10:03:27 +00:00
smime.c Refactor apps load_certs/load_crls to work incrementally 2016-01-20 19:04:26 -05:00
speed.c apps/speed.c: initialize c[D_GHASH][i]. 2016-02-13 11:43:02 +01:00
spkac.c Continue standardisation of malloc handling in apps 2015-11-09 22:48:41 +00:00
srp.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
testCA.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testdsa.h Big apps cleanup (option-parsing, etc) 2015-04-24 15:26:15 -04:00
testrsa.h Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
timeouts.h Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
ts.c Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy) 2015-12-07 17:40:20 +01:00
tsget PR: 2031 2009-09-07 17:57:18 +00:00
verify.c Multiple -trusted/-untrusted/-CRLfile options in verify 2016-01-20 19:04:33 -05:00
version.c typo 2016-02-10 19:04:08 +00:00
vms_decc_init.c Fix some missing or faulty header file inclusions 2015-12-30 14:54:29 +01:00
winrand.c Big apps cleanup (option-parsing, etc) 2015-04-24 15:26:15 -04:00
x509.c Fix engine key support in utilities. 2016-02-08 15:11:08 +00:00