diff options
Diffstat (limited to 'doc/apps')
48 files changed, 84 insertions, 183 deletions
diff --git a/doc/apps/CA.pl.pod b/doc/apps/CA.pl.pod index a84083af0b..ed30d6a2d1 100644 --- a/doc/apps/CA.pl.pod +++ b/doc/apps/CA.pl.pod @@ -186,8 +186,6 @@ configuration file, not just its directory. L<x509(1)>, L<ca(1)>, L<req(1)>, L<pkcs12(1)>, L<config(5)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/asn1parse.pod b/doc/apps/asn1parse.pod index e231a93548..6679108cfa 100644 --- a/doc/apps/asn1parse.pod +++ b/doc/apps/asn1parse.pod @@ -104,7 +104,7 @@ END marker in a PEM file. =back -=head2 OUTPUT +=head2 Output The output will typically contain lines like this: @@ -196,8 +196,6 @@ ASN.1 types is not well handled (if at all). L<ASN1_generate_nconf(3)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod index de3744e302..cd7eda314c 100644 --- a/doc/apps/ca.pod +++ b/doc/apps/ca.pod @@ -705,8 +705,6 @@ then even if a certificate is issued with CA:TRUE it will not be valid. L<req(1)>, L<spkac(1)>, L<x509(1)>, L<CA.pl(1)>, L<config(5)>, L<x509v3_config(5)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index 7941cb31a8..a8a7c8736a 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -394,7 +394,7 @@ relevant specification and their OpenSSL equivalents. It should be noted, that several cipher suite names do not include the authentication used, e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. -=head2 SSL v3.0 cipher suites. +=head2 SSL v3.0 cipher suites SSL_RSA_WITH_NULL_MD5 NULL-MD5 SSL_RSA_WITH_NULL_SHA NULL-SHA @@ -415,7 +415,7 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA Not implemented. SSL_FORTEZZA_KEA_WITH_RC4_128_SHA Not implemented. -=head2 TLS v1.0 cipher suites. +=head2 TLS v1.0 cipher suites TLS_RSA_WITH_NULL_MD5 NULL-MD5 TLS_RSA_WITH_NULL_SHA NULL-SHA @@ -580,7 +580,7 @@ Note: these ciphers can also be used in SSL v3. TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-RSA-CAMELLIA128-SHA256 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-RSA-CAMELLIA256-SHA384 -=head2 Pre shared keying (PSK) ciphersuites +=head2 Pre-shared keying (PSK) ciphersuites PSK_WITH_NULL_SHA PSK-NULL-SHA DHE_PSK_WITH_NULL_SHA DHE-PSK-NULL-SHA @@ -654,7 +654,7 @@ Note: these ciphers can also be used in SSL v3. DHE_PSK_WITH_AES_128_CCM_8 DHE-PSK-AES128-CCM8 DHE_PSK_WITH_AES_256_CCM_8 DHE-PSK-AES256-CCM8 -=head2 ChaCha20-Poly1305 cipher suites from draft-ietf-tls-chacha20-poly1305-04, extending TLS v1.2 +=head2 ChaCha20-Poly1305 cipher suites, extending TLS v1.2 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-RSA-CHACHA20-POLY1305 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-CHACHA20-POLY1305 @@ -710,8 +710,6 @@ L<s_client(1)>, L<s_server(1)>, L<ssl(3)> The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod index 2552f220ba..4a2b604a83 100644 --- a/doc/apps/cms.pod +++ b/doc/apps/cms.pod @@ -722,8 +722,6 @@ to OpenSSL 1.1.0. The -no_alt_chains options was first added to OpenSSL 1.1.0. -=cut - =head1 COPYRIGHT Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/config.pod b/doc/apps/config.pod index 499bc9e11a..a9cde8952a 100644 --- a/doc/apps/config.pod +++ b/doc/apps/config.pod @@ -90,7 +90,7 @@ section containing configuration module specific information. E.g. The features of each configuration module are described below. -=head2 ASN1 OBJECT CONFIGURATION MODULE +=head2 ASN1 Object Configuration Module This module has the name B<oid_section>. The value of this variable points to a section containing name value pairs of OIDs: the name is the OID short @@ -110,7 +110,7 @@ by a comma and the numerical OID form. For example: shortName = some object long name, 1.2.3.4 -=head2 ENGINE CONFIGURATION MODULE +=head2 Engine Configuration Module This ENGINE configuration module has the name B<engines>. The value of this variable points to a section containing further ENGINE configuration @@ -189,7 +189,7 @@ For example: # Supply all default algorithms default_algorithms = ALL -=head2 EVP CONFIGURATION MODULE +=head2 EVP Configuration Module This modules has the name B<alg_section> which points to a section containing algorithm commands. @@ -207,7 +207,7 @@ For example: fips_mode = on -=head2 SSL CONFIGURATION MODULE +=head2 SSL Configuration Module This module has the name B<ssl_conf> which points to a section containing SSL configurations. @@ -374,8 +374,6 @@ file. L<x509(1)>, L<req(1)>, L<ca(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/crl.pod b/doc/apps/crl.pod index cb5969ad83..0edff8d0f2 100644 --- a/doc/apps/crl.pod +++ b/doc/apps/crl.pod @@ -130,8 +130,6 @@ and files too. L<crl2pkcs7(1)>, L<ca(1)>, L<x509(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/crl2pkcs7.pod b/doc/apps/crl2pkcs7.pod index 26ec889549..a96699b6f8 100644 --- a/doc/apps/crl2pkcs7.pod +++ b/doc/apps/crl2pkcs7.pod @@ -93,8 +93,6 @@ install user certificates and CAs in MSIE using the Xenroll control. L<pkcs7(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod index 75b8ad9b1e..f0f984416b 100644 --- a/doc/apps/dgst.pod +++ b/doc/apps/dgst.pod @@ -228,8 +228,6 @@ prior to verification. The default digest was changed from MD5 to SHA256 in Openssl 1.1. The FIPS-related options were removed in OpenSSL 1.1 -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/dhparam.pod b/doc/apps/dhparam.pod index 771ef1b0ad..63cc0d372b 100644 --- a/doc/apps/dhparam.pod +++ b/doc/apps/dhparam.pod @@ -146,8 +146,6 @@ There should be a way to generate and manipulate DH keys. L<dsaparam(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/dsa.pod b/doc/apps/dsa.pod index 3a244cf3b0..caa06966e5 100644 --- a/doc/apps/dsa.pod +++ b/doc/apps/dsa.pod @@ -166,8 +166,6 @@ To just output the public part of a private key: L<dsaparam(1)>, L<gendsa(1)>, L<rsa(1)>, L<genrsa(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/dsaparam.pod b/doc/apps/dsaparam.pod index 753f3b19d5..08ad47faa6 100644 --- a/doc/apps/dsaparam.pod +++ b/doc/apps/dsaparam.pod @@ -112,8 +112,6 @@ DSA parameters is often used to generate several distinct keys. L<gendsa(1)>, L<dsa(1)>, L<genrsa(1)>, L<rsa(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/ec.pod b/doc/apps/ec.pod index c1b6bb0714..10c5e859aa 100644 --- a/doc/apps/ec.pod +++ b/doc/apps/ec.pod @@ -194,8 +194,6 @@ To change the point conversion form to B<compressed>: L<ecparam(1)>, L<dsa(1)>, L<rsa(1)> -=cut - =head1 COPYRIGHT Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/ecparam.pod b/doc/apps/ecparam.pod index a41e005625..e55322c9b5 100644 --- a/doc/apps/ecparam.pod +++ b/doc/apps/ecparam.pod @@ -173,8 +173,6 @@ To print out the EC parameters to standard output: L<ec(1)>, L<dsaparam(1)> -=cut - =head1 COPYRIGHT Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod index 7abd980065..d790992189 100644 --- a/doc/apps/enc.pod +++ b/doc/apps/enc.pod @@ -336,8 +336,6 @@ certain parameters. So if, for example, you want to use RC2 with a The default digest was changed from MD5 to SHA256 in Openssl 1.1. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/engine.pod b/doc/apps/engine.pod index 32274df4cb..674ab565d2 100644 --- a/doc/apps/engine.pod +++ b/doc/apps/engine.pod @@ -92,8 +92,6 @@ To list the capabilities of the I<rsax> engine: [RSA] (dynamic) Dynamic engine loading support -=cut - =head1 COPYRIGHT Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/errstr.pod b/doc/apps/errstr.pod index fea95f85ba..5c6ecd3366 100644 --- a/doc/apps/errstr.pod +++ b/doc/apps/errstr.pod @@ -33,8 +33,6 @@ to produce the error message: L<err(3)> -=cut - =head1 COPYRIGHT Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/gendsa.pod b/doc/apps/gendsa.pod index 1e8387b20d..4fd1714792 100644 --- a/doc/apps/gendsa.pod +++ b/doc/apps/gendsa.pod @@ -79,8 +79,6 @@ much quicker that RSA key generation for example. L<dsaparam(1)>, L<dsa(1)>, L<genrsa(1)>, L<rsa(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/genpkey.pod b/doc/apps/genpkey.pod index 5d61b73d53..a916e76464 100644 --- a/doc/apps/genpkey.pod +++ b/doc/apps/genpkey.pod @@ -258,8 +258,6 @@ Generate EC key directly: The ability to use NIST curve names, and to generate an EC key directly, were added in OpenSSL 1.0.2. -=cut - =head1 COPYRIGHT Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/genrsa.pod b/doc/apps/genrsa.pod index 9f0b8a433d..38e83f7261 100644 --- a/doc/apps/genrsa.pod +++ b/doc/apps/genrsa.pod @@ -103,8 +103,6 @@ be much larger (typically 1024 bits). L<gendsa(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/nseq.pod b/doc/apps/nseq.pod index a38d83f937..695496598e 100644 --- a/doc/apps/nseq.pod +++ b/doc/apps/nseq.pod @@ -72,8 +72,6 @@ It is used by Netscape certificate server for example. This program needs a few more options: like allowing DER or PEM input and output files and allowing multiple certificate files to be used. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod index 60047947a1..50fb4fa410 100644 --- a/doc/apps/ocsp.pod +++ b/doc/apps/ocsp.pod @@ -449,8 +449,6 @@ to a second file. The -no_alt_chains options was first added to OpenSSL 1.1.0. -=cut - =head1 COPYRIGHT Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod index 46d0bb108d..b63754b9c9 100644 --- a/doc/apps/openssl.pod +++ b/doc/apps/openssl.pod @@ -64,7 +64,7 @@ availability of ciphers in the B<openssl> program. (B<no->I<XXX> is not able to detect pseudo-commands such as B<quit>, B<list>, or B<no->I<XXX> itself.) -=head2 STANDARD COMMANDS +=head2 Standard Commands =over 10 @@ -258,7 +258,7 @@ X.509 Certificate Data Management. =back -=head2 MESSAGE DIGEST COMMANDS +=head2 Message Digest Commands =over 10 @@ -304,7 +304,7 @@ SHA-512 Digest =back -=head2 ENCODING AND CIPHER COMMANDS +=head2 Encoding and Cipher Commands =over 10 @@ -415,8 +415,6 @@ The B<list->I<XXX>B<-algorithms> pseudo-commands were added in OpenSSL 1.0.0; For notes on the availability of other commands, see their individual manual pages. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/passwd.pod b/doc/apps/passwd.pod index a48b682c61..87dd8d868c 100644 --- a/doc/apps/passwd.pod +++ b/doc/apps/passwd.pod @@ -84,8 +84,6 @@ B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXj B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/pkcs12.pod b/doc/apps/pkcs12.pod index 012d09c72a..2f2c4d143d 100644 --- a/doc/apps/pkcs12.pod +++ b/doc/apps/pkcs12.pod @@ -356,8 +356,6 @@ Include some extra certificates: L<pkcs8(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/pkcs7.pod b/doc/apps/pkcs7.pod index abbcab2bef..8c3c11f88b 100644 --- a/doc/apps/pkcs7.pod +++ b/doc/apps/pkcs7.pod @@ -107,8 +107,6 @@ cannot currently parse, for example, the new CMS as described in RFC2630. L<crl2pkcs7(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/pkcs8.pod b/doc/apps/pkcs8.pod index a8892c66e2..d8522b2e04 100644 --- a/doc/apps/pkcs8.pod +++ b/doc/apps/pkcs8.pod @@ -263,8 +263,6 @@ L<gendsa(1)> The B<-iter> option was added to OpenSSL 1.1.0. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/pkey.pod b/doc/apps/pkey.pod index fd564c443f..2848502535 100644 --- a/doc/apps/pkey.pod +++ b/doc/apps/pkey.pod @@ -136,8 +136,6 @@ To just output the public part of a private key: L<genpkey(1)>, L<rsa(1)>, L<pkcs8(1)>, L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)> -=cut - =head1 COPYRIGHT Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/pkeyparam.pod b/doc/apps/pkeyparam.pod index 7472de03ce..6a8c4a806b 100644 --- a/doc/apps/pkeyparam.pod +++ b/doc/apps/pkeyparam.pod @@ -70,8 +70,6 @@ PEM format is supported because the key type is determined by the PEM headers. L<genpkey(1)>, L<rsa(1)>, L<pkcs8(1)>, L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)> -=cut - =head1 COPYRIGHT Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod index 73818db278..6b8e2bc277 100644 --- a/doc/apps/pkeyutl.pod +++ b/doc/apps/pkeyutl.pod @@ -274,8 +274,6 @@ L<genpkey(1)>, L<pkey(1)>, L<rsautl(1)> L<dgst(1)>, L<rsa(1)>, L<genrsa(1)>, L<EVP_PKEY_HKDF(3)>, L<EVP_PKEY_TLS1_PRF(3)> -=cut - =head1 COPYRIGHT Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/rand.pod b/doc/apps/rand.pod index 9fd971809e..0faf6872a2 100644 --- a/doc/apps/rand.pod +++ b/doc/apps/rand.pod @@ -57,8 +57,6 @@ Show the output as a hex string. L<RAND_bytes(3)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/rehash.pod b/doc/apps/rehash.pod index 13cf44983a..62e39cf9e2 100644 --- a/doc/apps/rehash.pod +++ b/doc/apps/rehash.pod @@ -126,8 +126,6 @@ L<openssl(1)>, L<crl(1)>. L<x509(1)>. -=cut - =head1 COPYRIGHT Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/req.pod b/doc/apps/req.pod index e98d3a40b5..5440de5270 100644 --- a/doc/apps/req.pod +++ b/doc/apps/req.pod @@ -653,8 +653,6 @@ L<x509(1)>, L<ca(1)>, L<genrsa(1)>, L<gendsa(1)>, L<config(5)>, L<x509v3_config(5)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/rsa.pod b/doc/apps/rsa.pod index 9be51f9c8d..c3178ab398 100644 --- a/doc/apps/rsa.pod +++ b/doc/apps/rsa.pod @@ -204,8 +204,6 @@ without having to manually edit them. L<pkcs8(1)>, L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/rsautl.pod b/doc/apps/rsautl.pod index 3fb2e402c7..325c6911d6 100644 --- a/doc/apps/rsautl.pod +++ b/doc/apps/rsautl.pod @@ -192,8 +192,6 @@ which it can be seen agrees with the recovered value above. L<dgst(1)>, L<rsa(1)>, L<genrsa(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 0021983c7a..f5e3b63ccf 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -549,8 +549,6 @@ L<sess_id(1)>, L<s_server(1)>, L<ciphers(1)> The -no_alt_chains options was first added to OpenSSL 1.1.0. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index d7ddb748c1..f887cc668a 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -559,8 +559,6 @@ L<sess_id(1)>, L<s_client(1)>, L<ciphers(1)> The -no_alt_chains options was first added to OpenSSL 1.1.0. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/s_time.pod b/doc/apps/s_time.pod index 5a4381e305..acadd30025 100644 --- a/doc/apps/s_time.pod +++ b/doc/apps/s_time.pod @@ -182,8 +182,6 @@ fails. L<s_client(1)>, L<s_server(1)>, L<ciphers(1)> -=cut - =head1 COPYRIGHT Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/sess_id.pod b/doc/apps/sess_id.pod index 3eed13fd18..b3b77b7dcd 100644 --- a/doc/apps/sess_id.pod +++ b/doc/apps/sess_id.pod @@ -149,8 +149,6 @@ The cipher and start time should be printed out in human readable form. L<ciphers(1)>, L<s_server(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod index 1d25a411ce..05cefea7e2 100644 --- a/doc/apps/smime.pod +++ b/doc/apps/smime.pod @@ -500,8 +500,6 @@ added in OpenSSL 1.0.0 The -no_alt_chains options was first added to OpenSSL 1.1.0. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/speed.pod b/doc/apps/speed.pod index d6b333bba6..ab2c7d76ac 100644 --- a/doc/apps/speed.pod +++ b/doc/apps/speed.pod @@ -77,8 +77,6 @@ the above are tested. =back -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/spkac.pod b/doc/apps/spkac.pod index 3e637f5fa6..35c6a128d8 100644 --- a/doc/apps/spkac.pod +++ b/doc/apps/spkac.pod @@ -135,8 +135,6 @@ to be used in a "replay attack". L<ca(1)> -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/ts.pod b/doc/apps/ts.pod index 0f41a15bf2..02b2adaa2f 100644 --- a/doc/apps/ts.pod +++ b/doc/apps/ts.pod @@ -634,16 +634,12 @@ test/testtsa). =back -=cut - =head1 SEE ALSO L<tsget(1)>, L<openssl(1)>, L<req(1)>, L<x509(1)>, L<ca(1)>, L<genrsa(1)>, L<config(5)> -=cut - =head1 COPYRIGHT Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/tsget.pod b/doc/apps/tsget.pod index e325697384..cf7817a0e7 100644 --- a/doc/apps/tsget.pod +++ b/doc/apps/tsget.pod @@ -187,8 +187,6 @@ example: L<openssl(1)>, L<ts(1)>, L<curl(1)>, B<RFC 3161> -=cut - =head1 COPYRIGHT Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod index f42b80646c..5d3467ee4c 100644 --- a/doc/apps/verify.pod +++ b/doc/apps/verify.pod @@ -540,135 +540,135 @@ B<-issuer_checks> option. Not used as of OpenSSL 1.1.0 as a result of the deprecation of the B<-issuer_checks> option. -=item B<33 X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: unable to get CRL issuer certificate> +=item B<X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER> -TBA +Unable to get CRL issuer certificate. -=item B<34 X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: unhandled critical extension> +=item B<X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION> -TBA +Unhandled critical extension. -=item B<35 X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: key usage does not include CRL signing> +=item B<X509_V_ERR_KEYUSAGE_NO_CRL_SIGN> -TBA +Key usage does not include CRL signing. -=item B<36 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: unhandled critical CRL extension> +=item B<X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION> -TBA +Unhandled critical CRL extension. -=item B<37 X509_V_ERR_INVALID_NON_CA: invalid non-CA certificate has CA markings> +=item B<X509_V_ERR_INVALID_NON_CA> -TBA +Invalid non-CA certificate has CA markings. -=item B<38 X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: proxy path length constraint exceeded> +=item B<X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED> -TBA +Proxy path length constraint exceeded. -=item B<39 X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: key usage does not include digital signature> +=item B<X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE> -TBA +Key usage does not include digital signature. -=item B<40 X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: proxy certificates not allowed, please set the appropriate flag> +=item B<X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED> -TBA +Proxy certificates not allowed, please set the appropriate flag. -=item B<41 X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension> +=item B<X509_V_ERR_INVALID_EXTENSION> -TBA +Invalid or inconsistent certificate extension. -=item B<42 X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension> +=item B<X509_V_ERR_INVALID_POLICY_EXTENSION> -TBA +Invalid or inconsistent certificate policy extension. -=item B<43 X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy> +=item B<X509_V_ERR_NO_EXPLICIT_POLICY> -TBA +No explicit policy. -=item B<44 X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope> +=item B<X509_V_ERR_DIFFERENT_CRL_SCOPE> -TBA +Different CRL scope. -=item B<45 X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature> +=item B<X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE> -TBA +Unsupported extension feature. -=item B<46 X509_V_ERR_UNNESTED_RESOURCE: RFC 3779 resource not subset of parent's resources> +=item B<X509_V_ERR_UNNESTED_RESOURCE> -TBA +RFC 3779 resource not subset of parent's resources. -=item B<47 X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation> +=item B<X509_V_ERR_PERMITTED_VIOLATION> -TBA +Permitted subtree violation. -=item B<48 X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation> +=item B<X509_V_ERR_EXCLUDED_VIOLATION> -TBA +Excluded subtree violation. -=item B<49 X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported> +=item B<X509_V_ERR_SUBTREE_MINMAX> -TBA +Name constraints minimum and maximum not supported. -=item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure> +=item B<X509_V_ERR_APPLICATION_VERIFICATION> -an application specific error. Unused. +Application verification failure. Unused. -=item B<51 X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type> +=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE> -TBA +Unsupported name constraint type. -=item B<52 X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax> +=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX> -TBA +Unsupported or invalid name constraint syntax. -=item B<53 X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: unsupported or invalid name syntax> +=item B<X509_V_ERR_UNSUPPORTED_NAME_SYNTAX> -TBA +Unsupported or invalid name syntax. -=item B<54 X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error> +=item B<X509_V_ERR_CRL_PATH_VALIDATION_ERROR> -TBA +CRL path validation error. -=item B<55 X509_V_ERR_PATH_LOOP: Path Loop> +=item B<X509_V_ERR_PATH_LOOP> -TBA +Path loop. -=item B<56 X509_V_ERR_SUITE_B_INVALID_VERSION: Suite B: certificate version invalid> +=item B<X509_V_ERR_SUITE_B_INVALID_VERSION> -TBA +Suite B: certificate version invalid. -=item B<57 X509_V_ERR_SUITE_B_INVALID_ALGORITHM: Suite B: invalid public key algorithm> +=item B<X509_V_ERR_SUITE_B_INVALID_ALGORITHM> -TBA +Suite B: invalid public key algorithm. -=item B<58 X509_V_ERR_SUITE_B_INVALID_CURVE: Suite B: invalid ECC curve> +=item B<X509_V_ERR_SUITE_B_INVALID_CURVE> -TBA +Suite B: invalid ECC curve. -=item B<59 X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: Suite B: invalid signature algorithm> +=item B<X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM> -TBA +Suite B: invalid signature algorithm. -=item B<60 X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: Suite B: curve not allowed for this LOS> +=item B<X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED> -TBA +Suite B: curve not allowed for this LOS. -=item B<61 X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: Suite B: cannot sign P-384 with P-256> +=item B<X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256> -TBA +Suite B: cannot sign P-384 with P-256. -=item B<62 X509_V_ERR_HOSTNAME_MISMATCH: Hostname mismatch> +=item B<X509_V_ERR_HOSTNAME_MISMATCH> -TBA +Hostname mismatch. -=item B<63 X509_V_ERR_EMAIL_MISMATCH: Email address mismatch> +=item B<X509_V_ERR_EMAIL_MISMATCH> -TBA +Email address mismatch. -=item B<64 X509_V_ERR_IP_ADDRESS_MISMATCH: IP address mismatch> +=item B<X509_V_ERR_IP_ADDRESS_MISMATCH> -TBA +IP address mismatch. -=item B<65 X509_V_ERR_DANE_NO_MATCH: No matching DANE TLSA records> +=item B<X509_V_ERR_DANE_NO_MATCH> DANE TLSA authentication is enabled, but no TLSA records matched the certificate chain. @@ -702,8 +702,6 @@ The B<-show_chain> option was first added to OpenSSL 1.1.0. The B<-issuer_checks> option is deprecated as of OpenSSL 1.1.0 and is silently ignored. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/version.pod b/doc/apps/version.pod index 0bbfd6a642..a97ed20445 100644 --- a/doc/apps/version.pod +++ b/doc/apps/version.pod @@ -68,8 +68,6 @@ ENGINESDIR setting. The output of B<openssl version -a> would typically be used when sending in a bug report. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/x509.pod b/doc/apps/x509.pod index eb6d06d7b7..72ed6cff9c 100644 --- a/doc/apps/x509.pod +++ b/doc/apps/x509.pod @@ -73,7 +73,7 @@ various sections. =head1 OPTIONS -=head2 INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS +=head2 Input, Output, and General Purpose Options =over 4 @@ -123,7 +123,7 @@ for all available algorithms. =back -=head2 DISPLAY OPTIONS +=head2 Display Options Note: the B<-alias> and B<-purpose> options are also display options but are described in the B<TRUST SETTINGS> section. @@ -239,7 +239,7 @@ this outputs the certificate in the form of a C source file. =back -=head2 TRUST SETTINGS +=head2 Trust Settings A B<trusted certificate> is an ordinary certificate which has several additional pieces of information attached to it such as the permitted @@ -311,7 +311,7 @@ EXTENSIONS> section. =back -=head2 SIGNING OPTIONS +=head2 Signing Options The B<x509> utility can be used to sign certificates and requests: it can thus behave like a "mini CA". @@ -438,7 +438,7 @@ The format or B<key> can be specified using the B<-keyform> option. =back -=head2 NAME OPTIONS +=head2 Name Options The B<nameopt> command line switch determines how the subject and issuer names are displayed. If no B<nameopt> switch is present the default "oneline" @@ -581,7 +581,7 @@ name. =back -=head2 TEXT OPTIONS +=head2 Text Options As well as customising the name output format, it is also possible to customise the actual fields printed using the B<certopt> options when @@ -893,8 +893,6 @@ of the distinguished name. In OpenSSL 1.0.0 and later it is based on a canonical version of the DN using SHA1. This means that any directories using the old form must have their links rebuilt using B<c_rehash> or similar. -=cut - =head1 COPYRIGHT Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod index 10967b9cbc..6e90b350b6 100644 --- a/doc/apps/x509v3_config.pod +++ b/doc/apps/x509v3_config.pod @@ -224,7 +224,7 @@ Example: authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html -=head2 CRL distribution points. +=head2 CRL distribution points This is a multi-valued extension whose options can be either in name:value pair using the same form as subject alternative name or a single value representing @@ -529,9 +529,6 @@ will only recognize the last value. This can be worked around by using the form: L<req(1)>, L<ca(1)>, L<x509(1)>, L<ASN1_generate_nconf(3)> - -=cut - =head1 COPYRIGHT Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. |