projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 5c4b8c6)
GH875: Document -no_check_time
authorRich Salz <rsalz@openssl.org>
Mon, 2 May 2016 21:03:55 +0000 (17:03 -0400)
committerRich Salz <rsalz@openssl.org>
Mon, 2 May 2016 21:03:55 +0000 (17:03 -0400)
Date:   Tue Mar 15 15:19:44 2016 +0100

This commit updates the documentation of cms, ocsp, s_client,
s_server, and verify to reflect the new "-no_check_time"
option introduced in commit d35ff2c0ade0a12e84aaa2e9841b4983a2f3cf45
on 2015-07-31.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
doc/apps/cms.pod patch | blob | history
doc/apps/ocsp.pod patch | blob | history
doc/apps/s_client.pod patch | blob | history
doc/apps/s_server.pod patch | blob | history
doc/apps/verify.pod patch | blob | history

diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
index 42c351489cd402c7164f4d550f352c48a0f8585e..e0e8e7d18ef64739c7b4dfe6965b204b189e3906 100644 (file)
--- a/doc/apps/cms.pod
+++ b/doc/apps/cms.pod
@@ -47,6 +47,7 @@ B<openssl> B<cms>
 [B<-ignore_critical>]
 [B<-inhibit_any>]
 [B<-inhibit_map>]
+[B<-no_check_time>]
 [B<-partial_chain>]
 [B<-policy arg>]
 [B<-policy_check>]
@@ -473,7 +474,7 @@ address matches that specified in the From: address.
 
 =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
 B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
-B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,
+B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
 B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
 B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
 B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod
index c796fd5966d86983cfa0a1b6f778f58009e99448..3e667e678ecdf459d962743d3f0bfead1588c68b 100644 (file)
--- a/doc/apps/ocsp.pod
+++ b/doc/apps/ocsp.pod
@@ -42,6 +42,7 @@ B<openssl> B<ocsp>
 [B<-ignore_critical>]
 [B<-inhibit_any>]
 [B<-inhibit_map>]
+[B<-no_check_time>]
 [B<-partial_chain>]
 [B<-policy arg>]
 [B<-policy_check>]
@@ -195,7 +196,7 @@ Do not load the trusted CA certificates from the default directory location
 
 =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
 B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
-B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,
+B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
 B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
 B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
 B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index e06af14ec95f3e22800e7d6d2b2e406536a16312..2a62656c41672a6634e1624fe32178220295a5e2 100644 (file)
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -34,6 +34,7 @@ B<openssl> B<s_client>
 [B<-ignore_critical>]
 [B<-inhibit_any>]
 [B<-inhibit_map>]
+[B<-no_check_time>]
 [B<-partial_chain>]
 [B<-policy arg>]
 [B<-policy_check>]
@@ -227,7 +228,7 @@ whitespace is ignored in the associated data field.  For example:
 
 =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
 B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
-B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,
+B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
 B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
 B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
 B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
index 08554f453046affdeac486b03fe8c867e19ed79d..ef2786756e3e2e6dcfadbbad74e1953ee6878c81 100644 (file)
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@@ -44,6 +44,7 @@ B<openssl> B<s_server>
 [B<-ignore_critical>]
 [B<-inhibit_any>]
 [B<-inhibit_map>]
+[B<-no_check_time>]
 [B<-partial_chain>]
 [B<-policy arg>]
 [B<-policy_check>]
@@ -232,7 +233,7 @@ anonymous ciphersuite or PSK) this option has no effect.
 
 =item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
 B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
-B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,
+B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,
 B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
 B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
 B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod
index 96d6be4a4db992a160f731e4ec9d726f5333af9d..673a05a34a5ac6fcaa0705ca738b99024f59df0c 100644 (file)
--- a/doc/apps/verify.pod
+++ b/doc/apps/verify.pod
@@ -24,6 +24,7 @@ B<openssl> B<verify>
 [B<-ignore_critical>]
 [B<-inhibit_any>]
 [B<-inhibit_map>]
+[B<-no_check_time>]
 [B<-partial_chain>]
 [B<-policy arg>]
 [B<-policy_check>]
@@ -145,6 +146,12 @@ Set policy variable inhibit-any-policy (see RFC5280).
 
 Set policy variable inhibit-policy-mapping (see RFC5280).
 
+=item B<-no_check_time>
+
+This option suppresses checking the validity period of certificates and CRLs 
+against the current time. If option B<-attime timestamp> is used to specify 
+a verification time, the check is not suppressed.
+
 =item B<-partial_chain>
 
 Allow verification to succeed even if a I<complete> chain cannot be built to a
Unnamed repository; edit this file 'description' to name the repository.