add references to verify(1) man page for args_verify() options

cms, ocsp, s_client, s_server and smime tools also use args_verify()
for parsing options, that makes them most of the same options
verify tool does. Add those options to man pages and reference
their explanation in the verify man page.

diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
index 66be0bf2a57fbd083b8c6282509a49da2f0a4387..fb2dff463d5a3da033d2f90fd9bf149761e8bcad 100644 (file)
--- a/doc/apps/cms.pod
+++ b/doc/apps/cms.pod
@@ -35,7 +35,32 @@ B<openssl> B<cms>
 [B<-print>]
 [B<-CAfile file>]
 [B<-CApath dir>]
 [B<-print>]
 [B<-CAfile file>]
 [B<-CApath dir>]

+[B<-attime timestamp>]
+[B<-check_ss_sig>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-explicit_policy>]
+[B<-extended_crl>]
+[B<-ignore_critical>]
+[B<-inhibit_any>]
+[B<-inhibit_map>]
+[B<-issuer_checks>]
+[B<-partial_chain>]
+[B<-policy arg>]
+[B<-policy_check>]
+[B<-policy_print>]
+[B<-purpose purpose>]
+[B<-suiteB_128>]
+[B<-suiteB_128_only>]
+[B<-suiteB_192>]

 [B<-trusted_first>]
 [B<-trusted_first>]

+[B<-use_deltas>]
+[B<-verify_depth num>]
+[B<-verify_email email>]
+[B<-verify_hostname hostname>]
+[B<-verify_ip ip>]
+[B<-verify_name name>]
+[B<-x509_strict>]

 [B<-md digest>]
 [B<-[cipher]>]
 [B<-nointern>]
 [B<-md digest>]
 [B<-[cipher]>]
 [B<-nointern>]


@@ -430,7 +455,13 @@ portion of a message so they may be included manually. If signing
 then many S/MIME mail clients check the signers certificate's email
 address matches that specified in the From: address.
 
 then many S/MIME mail clients check the signers certificate's email
 address matches that specified in the From: address.
 

-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first>
+=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
+B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
+B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,
+B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
+B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
+B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>,
+B<-verify_name>, B<-x509_strict>

 
 Set various certificate chain valiadition options. See the
 L<B<verify>|verify(1)> manual page for details.
 
 Set various certificate chain valiadition options. See the
 L<B<verify>|verify(1)> manual page for details.

diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod
index 6939e55a2a92d97374e5f4dba8737c00784023d9..9758474f1c3fe9c1d69a2cc8004056fde70ccc7a 100644 (file)
--- a/doc/apps/ocsp.pod
+++ b/doc/apps/ocsp.pod
@@ -29,7 +29,32 @@ B<openssl> B<ocsp>
 [B<-path>]
 [B<-CApath dir>]
 [B<-CAfile file>]
 [B<-path>]
 [B<-CApath dir>]
 [B<-CAfile file>]

+[B<-attime timestamp>]
+[B<-check_ss_sig>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-explicit_policy>]
+[B<-extended_crl>]
+[B<-ignore_critical>]
+[B<-inhibit_any>]
+[B<-inhibit_map>]
+[B<-issuer_checks>]
+[B<-partial_chain>]
+[B<-policy arg>]
+[B<-policy_check>]
+[B<-policy_print>]
+[B<-purpose purpose>]
+[B<-suiteB_128>]
+[B<-suiteB_128_only>]
+[B<-suiteB_192>]

 [B<-trusted_first>]
 [B<-trusted_first>]

+[B<-use_deltas>]
+[B<-verify_depth num>]
+[B<-verify_email email>]
+[B<-verify_hostname hostname>]
+[B<-verify_ip ip>]
+[B<-verify_name name>]
+[B<-x509_strict>]

 [B<-VAfile file>]
 [B<-validity_period n>]
 [B<-status_age n>]
 [B<-VAfile file>]
 [B<-validity_period n>]
 [B<-status_age n>]


@@ -139,9 +164,15 @@ or "/" by default.
 file or pathname containing trusted CA certificates. These are used to verify
 the signature on the OCSP response.
 
 file or pathname containing trusted CA certificates. These are used to verify
 the signature on the OCSP response.
 

-=item B<-trusted_first>
+=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
+B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
+B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,
+B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
+B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
+B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>,
+B<-verify_name>, B<-x509_strict>

 
 

-Set certificate verification option.
+Set different certificate verification options.

 See L<B<verify>|verify(1)> manual page for details.
 
 =item B<-verify_other file>
 See L<B<verify>|verify(1)> manual page for details.
 
 =item B<-verify_other file>

diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index 55c501e29dccf53544bc32c2cd66f67b2263ad48..27764486d826acf7ad4b55446c524ccc1214a4a5 100644 (file)
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -19,6 +19,32 @@ B<openssl> B<s_client>
 [B<-CApath directory>]
 [B<-CAfile filename>]
 [B<-trusted_first>]
 [B<-CApath directory>]
 [B<-CAfile filename>]
 [B<-trusted_first>]

+[B<-attime timestamp>]
+[B<-check_ss_sig>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-explicit_policy>]
+[B<-extended_crl>]
+[B<-ignore_critical>]
+[B<-inhibit_any>]
+[B<-inhibit_map>]
+[B<-issuer_checks>]
+[B<-partial_chain>]
+[B<-policy arg>]
+[B<-policy_check>]
+[B<-policy_print>]
+[B<-purpose purpose>]
+[B<-suiteB_128>]
+[B<-suiteB_128_only>]
+[B<-suiteB_192>]
+[B<-trusted_first>]
+[B<-use_deltas>]
+[B<-verify_depth num>]
+[B<-verify_email email>]
+[B<-verify_hostname hostname>]
+[B<-verify_ip ip>]
+[B<-verify_name name>]
+[B<-x509_strict>]

 [B<-reconnect>]
 [B<-pause>]
 [B<-showcerts>]
 [B<-reconnect>]
 [B<-pause>]
 [B<-showcerts>]


@@ -117,7 +143,13 @@ also used when building the client certificate chain.
 A file containing trusted certificates to use during server authentication
 and to use when attempting to build the client certificate chain.
 
 A file containing trusted certificates to use during server authentication
 and to use when attempting to build the client certificate chain.
 

-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first>
+=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
+B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
+B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,
+B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
+B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
+B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>,
+B<-verify_name>, B<-x509_strict>

 
 Set various certificate chain valiadition options. See the
 L<B<verify>|verify(1)> manual page for details.
 
 Set various certificate chain valiadition options. See the
 L<B<verify>|verify(1)> manual page for details.

diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
index 1de307a0ff4418294d6d4c80bb92cffd1ab1b6e7..1006b43f2ed0d654748e6f14ef1c0d2dfd32e7e2 100644 (file)
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@@ -34,7 +34,30 @@ B<openssl> B<s_server>
 [B<-state>]
 [B<-CApath directory>]
 [B<-CAfile filename>]
 [B<-state>]
 [B<-CApath directory>]
 [B<-CAfile filename>]

+[B<-attime timestamp>]
+[B<-check_ss_sig>]
+[B<-explicit_policy>]
+[B<-extended_crl>]
+[B<-ignore_critical>]
+[B<-inhibit_any>]
+[B<-inhibit_map>]
+[B<-issuer_checks>]
+[B<-partial_chain>]
+[B<-policy arg>]
+[B<-policy_check>]
+[B<-policy_print>]
+[B<-purpose purpose>]
+[B<-suiteB_128>]
+[B<-suiteB_128_only>]
+[B<-suiteB_192>]

 [B<-trusted_first>]
 [B<-trusted_first>]

+[B<-use_deltas>]
+[B<-verify_depth num>]
+[B<-verify_email email>]
+[B<-verify_hostname hostname>]
+[B<-verify_ip ip>]
+[B<-verify_name name>]
+[B<-x509_strict>]

 [B<-nocert>]
 [B<-cipher cipherlist>]
 [B<-quiet>]
 [B<-nocert>]
 [B<-cipher cipherlist>]
 [B<-quiet>]


@@ -184,9 +207,14 @@ and to use when attempting to build the server certificate chain. The list
 is also used in the list of acceptable client CAs passed to the client when
 a certificate is requested.
 
 is also used in the list of acceptable client CAs passed to the client when
 a certificate is requested.
 

-=item B<-trusted_first>
+=item B<-attime>, B<-check_ss_sig>, B<explicit_policy>, B<-extended_crl>,
+B<-ignore_critical>, B<-inhibit_any>, B<-inhibit_map>, B<-issuer_checks>,
+B<-partial_chain>, B<-policy>, B<-policy_check>, B<-policy_print>, B<-purpose>,
+B<-suiteB_128>, B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>,
+B<-use_deltas>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
+B<-verify_ip>, B<-verify_name>, B<-x509_strict>

 
 

-Set certificate verification option.
+Set different peer certificate verification options.

 See the L<B<verify>|verify(1)> manual page for details.
 
 =item B<-state>
 See the L<B<verify>|verify(1)> manual page for details.
 
 =item B<-state>

diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod
index 8b483e3f081c056b0fc186e9c50c29a14924c3f1..c85a44b923df0e8176d713e98a46c54ea7fe8848 100644 (file)
--- a/doc/apps/smime.pod
+++ b/doc/apps/smime.pod
@@ -17,7 +17,32 @@ B<openssl> B<smime>
 [B<-in file>]
 [B<-CAfile file>]
 [B<-CApath dir>]
 [B<-in file>]
 [B<-CAfile file>]
 [B<-CApath dir>]

+[B<-attime timestamp>]
+[B<-check_ss_sig>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-explicit_policy>]
+[B<-extended_crl>]
+[B<-ignore_critical>]
+[B<-inhibit_any>]
+[B<-inhibit_map>]
+[B<-issuer_checks>]
+[B<-partial_chain>]
+[B<-policy arg>]
+[B<-policy_check>]
+[B<-policy_print>]
+[B<-purpose purpose>]
+[B<-suiteB_128>]
+[B<-suiteB_128_only>]
+[B<-suiteB_192>]

 [B<-trusted_first>]
 [B<-trusted_first>]

+[B<-use_deltas>]
+[B<-verify_depth num>]
+[B<-verify_email email>]
+[B<-verify_hostname hostname>]
+[B<-verify_ip ip>]
+[B<-verify_name name>]
+[B<-x509_strict>]

 [B<-certfile file>]
 [B<-signer file>]
 [B<-recip  file>]
 [B<-certfile file>]
 [B<-signer file>]
 [B<-recip  file>]


@@ -262,7 +287,13 @@ portion of a message so they may be included manually. If signing
 then many S/MIME mail clients check the signers certificate's email
 address matches that specified in the From: address.
 
 then many S/MIME mail clients check the signers certificate's email
 address matches that specified in the From: address.
 

-=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first>
+=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,
+B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,
+B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,
+B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,
+B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,
+B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>,
+B<-verify_name>, B<-x509_strict>

 
 Set various options of certificate chain verification. See
 L<B<verify>|verify(1)> manual page for details.
 
 Set various options of certificate chain verification. See
 L<B<verify>|verify(1)> manual page for details.