wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/doc
History
Benjamin Kaduk 21c6c50fc8 GH650: Minor tidying around the ocsp app 
The ocsp utility is something of a jack-of-all-trades; most anything
related to the OCSP can be done with it.  In particular, the manual
page calls out that it can be used as either a client or a server
of the protocol, but there are also a few things that it can do
which do not quite fit into either role, such as encoding an OCSP
request but not sending it, printing out a text form of an OCSP
response (or request) from a file akin to the asn1parse utility,
or performing a lookup into the server-side revocation database
without actually sending a request or response.  All three of these
are documented as examples in the manual page, but the documentation
prior to this commit is somewhat misleading, in that when printing
the text form of an OCSP response, the code also attempts to
verify the response, displaying an error message and returning
failure if the response does not verify.  (It is possible that
the response would be able to verify with the given example, since
the default trust roots are used for that verification, but OCSP
responses frequently have alternate certification authorities
that would require passing -CAfile or -CApath for verification.)

Tidy up the documentation by passing -noverify for the case of
converting from binary to textual representation, and also
change a few instances of -respin to -reqin as appropriate, note
that the -url option provides the same functionality as the -host
and -path options, clarify that the example that saves an OCSP
response to a file will also perform verification on that response,
and fix a couple grammar nits in the manual page.

Also remove an always-true conditional for rdb != NULL -- there
are no codepaths in which it could be initialized at the time of
this check.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-13 09:12:07 -05:00
..
apps GH650: Minor tidying around the ocsp app 2016-02-13 09:12:07 -05:00
crypto Hide OPENSSL_INIT_SETTINGS. 2016-02-11 08:43:46 -05:00
HOWTO Various doc fixes from GH pull requests 2015-07-31 12:27:27 -04:00
ssl Hide OPENSSL_INIT_SETTINGS. 2016-02-11 08:43:46 -05:00
dir-locals.example.el Adjust the general fill-column in doc/dir-locals.example.el 2015-09-08 00:59:50 +02:00
fingerprints.txt RT3802: Fixes typos in doc/crypto/ 2015-05-03 08:51:23 -04:00
openssl-c-indent.el GH601: Various spelling fixes. 2016-02-05 15:25:50 -05:00
README RT3767: openssl_button.gif should be PNG 2015-09-01 11:56:14 -04:00
standards.txt Remove remaining Kerberos references 2015-05-13 15:08:10 +01:00

README 

README  This file

fingerprints.txt
        PGP fingerprints of authoried release signers

standards.txt
        Pointers to standards, RFC's and IETF Drafts that are
        related to OpenSSL.  Incomplete.

HOWTO/
        A few how-to documents; not necessarily up-to-date
apps/
        The openssl command-line tools; start with openssl.pod
ssl/
        The SSL library; start with ssl.pod
crypto/
        The cryptographic library; start with crypto.pod

Formatted versions of the manpages (apps,ssl,crypto) can be found at
        https://www.openssl.org/docs/manpages.html