#! /usr/bin/env perl
-# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# Set some Perl variables for use by util/dofile.pl when processing
# POD files (mainly man1).
+use configdata;
+
# Verify options
$OpenSSL::safe::opt_v_synopsis = ""
. "[B<-allow_proxy_certs>]\n"
. "[B<-verify_ip> I<ip>]\n"
. "[B<-verify_name> I<name>]\n"
. "[B<-x509_strict>]\n"
-. "[B<-issuer_checks>]\n";
+. "[B<-issuer_checks>]";
$OpenSSL::safe::opt_v_item = ""
. "=item B<-allow_proxy_certs>, B<-attime>, B<-no_check_time>,\n"
. "B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,\n"
. "B<-verify_ip>, B<-verify_name>, B<-x509_strict> B<-issuer_checks>\n"
. "\n"
. "Set various options of certificate chain verification.\n"
-. "See L<openssl(1)/Verification Options> for details.";
+. "See L<openssl-verification-options(1)/Verification Options> for details.";
# Extended validation options.
$OpenSSL::safe::opt_x_synopsis = ""
-. "[B<-xkey>] I<infile>\n"
+. "[B<-xkey> I<infile>]\n"
. "[B<-xcert> I<file>]\n"
-. "[B<-xchain>] I<file>\n"
-. "[B<-xchain_build>] I<file>\n"
+. "[B<-xchain> I<file>]\n"
+. "[B<-xchain_build> I<file>]\n"
. "[B<-xcertform> B<DER>|B<PEM>]>\n"
. "[B<-xkeyform> B<DER>|B<PEM>]>";
$OpenSSL::safe::opt_x_item = ""
-. "=item B<xkey> I<infile>, B<-xcert> I<file>, B<-xchain> I<file>,\n"
+. "=item B<-xkey> I<infile>, B<-xcert> I<file>, B<-xchain> I<file>,\n"
. "B<-xchain_build> I<file>, B<-xcertform> B<DER>|B<PEM>,\n"
-. "B<-xkeyform> B<DER>|B<PEM>>\n"
+. "B<-xkeyform> B<DER>|B<PEM>\n"
. "\n"
. "Set extended certificate verification options.\n"
-. "See L<openssl(1)/Extended Verification Options> for details.";
+. "See L<openssl-verification-options(1)/Extended Verification Options> for details.";
# Name output options
$OpenSSL::safe::opt_name_synopsis = ""
. "=item B<-nameopt> I<option>\n"
. "\n"
. "This specifies how the subject or issuer names are displayed.\n"
-. "See L<openssl(1)/Name Format Options> for details.";
+. "See L<openssl-namedisplay-options(1)> for details.";
# Random State Options
$OpenSSL::safe::opt_r_synopsis = ""
. "\n"
. "See L<openssl(1)/Random State Options> for details.";
-# Engine option
-$OpenSSL::safe::opt_engine_synopsis = ""
-. "[B<-engine> I<id>]";
-$OpenSSL::safe::opt_engine_item = ""
-. "=item B<-engine> I<id>\n"
+# Provider options
+$OpenSSL::safe::opt_provider_synopsis = ""
+. "[B<-provider> I<name>]\n"
+. "[B<-provider-path> I<path>]\n"
+. "[B<-propquery> I<propq>]";
+$OpenSSL::safe::opt_provider_item = ""
+. "=item B<-provider> I<name>\n"
+. "\n"
+. "=item B<-provider-path> I<path>\n"
+. "\n"
+. "=item B<-propquery> I<propq>\n"
+. "\n"
+. "See L<openssl(1)/Provider Options>, L<provider(7)>, and L<property(7)>.";
+
+# Configuration option
+$OpenSSL::safe::opt_config_synopsis = ""
+. "[B<-config> I<configfile>]";
+$OpenSSL::safe::opt_config_item = ""
+. "=item B<-config> I<configfile>\n"
. "\n"
-. "See L<openssl(1)/Engine Options>.";
+. "See L<openssl(1)/Configuration Option>.";
+
+# Engine option
+$OpenSSL::safe::opt_engine_synopsis = "";
+$OpenSSL::safe::opt_engine_item = "";
+if (!$disabled{"deprecated-3.0"}) {
+ $OpenSSL::safe::opt_engine_synopsis = ""
+ . "[B<-engine> I<id>]\n";
+ $OpenSSL::safe::opt_engine_item = ""
+ . "=item B<-engine> I<id>\n"
+ . "\n"
+ . "See L<openssl(1)/Engine Options>.\n"
+ . "This option is deprecated.";
+}
# Trusted certs options
$OpenSSL::safe::opt_trust_synopsis = ""
. "=item B<-CAfile> I<file>, B<-no-CAfile>, B<-CApath> I<dir>, B<-no-CApath>,\n"
. "B<-CAstore> I<uri>, B<-no-CAstore>\n"
. "\n"
-. "See L<openssl(1)/Trusted Certificate Options> for details.";
+. "See L<openssl-verification-options(1)/Trusted Certificate Options> for details.";
# TLS Version Options
$OpenSSL::safe::opt_versiontls_synopsis = ""
. "See L<openssl(1)/TLS Version Options>.";
# SSL connection options.
-# TODO options will probably be re-ordered.
+# TODO # options will probably be re-ordered.
$OpenSSL::safe::opt_s_synopsis = ""
. "[B<-bugs>]\n"
. "[B<-no_comp>]\n"
+. "[B<-comp>]\n"
. "[B<-no_ticket>]\n"
. "[B<-serverpref>]\n"
+. "[B<-client_renegotiation>]\n"
. "[B<-legacy_renegotiation>]\n"
. "[B<-no_renegotiation>]\n"
-. "[B<-legacy_server_connect>]\n"
. "[B<-no_resumption_on_reneg>]\n"
+. "[B<-legacy_server_connect>]\n"
. "[B<-no_legacy_server_connect>]\n"
+. "[B<-no_etm>]\n"
. "[B<-allow_no_dhe_kex>]\n"
+. "[B<-prefer_no_dhe_kex>]\n"
. "[B<-prioritize_chacha>]\n"
. "[B<-strict>]\n"
. "[B<-sigalgs> I<algs>]\n"
. "[B<-client_sigalgs> I<algs>]\n"
. "[B<-groups> I<groups>]\n"
. "[B<-curves> I<curves>]\n"
-. "[B<-named_curve> I<curves>]\n"
+. "[B<-named_curve> I<curve>]\n"
. "[B<-cipher> I<ciphers>]\n"
. "[B<-ciphersuites> I<1.3ciphers>]\n"
. "[B<-min_protocol> I<minprot>]\n"
. "[B<-debug_broken_protocol>]\n"
. "[B<-no_middlebox>]";
$OpenSSL::safe::opt_s_item = ""
-. "=item B<-bugs>, B<-no_comp>, B<-no_ticket>, B<-serverpref>,"
-. "B<-legacy_renegotiation>, B<-no_renegotiation>, B<-legacy_server_connect>,\n"
-. "B<-no_resumption_on_reneg>, B<-no_legacy_server_connect>,\n"
-. "B<-allow_no_dhe_kex>, B<-prioritize_chacha>, B<-strict>, B<-sigalgs>\n"
+. "=item B<-bugs>, B<-comp>, B<-no_comp>, B<-no_ticket>, B<-serverpref>,\n"
+. "B<-client_renegotiation>,\n"
+. "B<-legacy_renegotiation>, B<-no_renegotiation>,\n"
+. "B<-no_resumption_on_reneg>,\n"
+. "B<-legacy_server_connect>, B<-no_legacy_server_connect>, B<-no_etm>\n"
+. "B<-allow_no_dhe_kex>, B<-prefer_no_dhe_kex>,\n"
+. "B<-prioritize_chacha>, B<-strict>, B<-sigalgs>\n"
. "I<algs>, B<-client_sigalgs> I<algs>, B<-groups> I<groups>, B<-curves>\n"
-. "I<curves>, B<-named_curve> I<curves>, B<-cipher> I<ciphers>, B<-ciphersuites>\n"
+. "I<curves>, B<-named_curve> I<curve>, B<-cipher> I<ciphers>, B<-ciphersuites>\n"
. "I<1.3ciphers>, B<-min_protocol> I<minprot>, B<-max_protocol> I<maxprot>,\n"
. "B<-record_padding> I<padding>, B<-debug_broken_protocol>, B<-no_middlebox>\n"
. "\n"