From 3a4e43de473ee80347036d78163889b6b1221210 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Tue, 8 Oct 2019 13:10:04 -0400 Subject: [PATCH] Refactor -passin/-passout documentation Always refer to openssl.pod instead of repeating the same description everywhere. Reviewed-by: Tomas Mraz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10126) --- apps/list.c | 3 +++ doc/man1/openssl-ca.pod | 2 +- doc/man1/openssl-cms.pod | 2 +- doc/man1/openssl-dgst.pod | 2 +- doc/man1/openssl-dsa.pod | 12 ++++-------- doc/man1/openssl-ec.pod | 12 ++++-------- doc/man1/openssl-enc.pod | 2 +- doc/man1/openssl-genpkey.pod | 2 +- doc/man1/openssl-genrsa.pod | 2 +- doc/man1/openssl-pkcs12.pod | 31 ++++++++----------------------- doc/man1/openssl-pkcs8.pod | 12 ++++-------- doc/man1/openssl-pkey.pod | 12 ++++-------- doc/man1/openssl-pkeyutl.pod | 2 +- doc/man1/openssl-req.pod | 12 ++++-------- doc/man1/openssl-rsa.pod | 12 ++++-------- doc/man1/openssl-s_client.pod | 2 +- doc/man1/openssl-s_server.pod | 2 +- doc/man1/openssl-smime.pod | 2 +- doc/man1/openssl-spkac.pod | 2 +- doc/man1/openssl-srp.pod | 32 +++++++++++++++++++++----------- doc/man1/openssl-storeutl.pod | 2 +- doc/man1/openssl-x509.pod | 2 +- 22 files changed, 69 insertions(+), 95 deletions(-) diff --git a/apps/list.c b/apps/list.c index 77fd20e1e1..8c0d9c9b44 100644 --- a/apps/list.c +++ b/apps/list.c @@ -331,11 +331,14 @@ static void list_options_for_command(const char *command) return; for ( ; o->name != NULL; o++) { + char c = o->valtype; + if (o->name == OPT_HELP_STR || o->name == OPT_MORE_STR || o->name[0] == '\0') continue; BIO_printf(bio_out, "%s %c\n", o->name, o->valtype); + BIO_printf(bio_out, "%s %c\n", o->name, c == '\0' ? '-' : c); } /* Always output the -- marker since it is sometimes documented. */ BIO_printf(bio_out, "- -\n"); diff --git a/doc/man1/openssl-ca.pod b/doc/man1/openssl-ca.pod index a939f4d6e3..6f6580cb54 100644 --- a/doc/man1/openssl-ca.pod +++ b/doc/man1/openssl-ca.pod @@ -166,7 +166,7 @@ self-signed certificate. =item B<-passin> I The key password source. For more information about the format of B -see L. +see L. =item B<-notext> diff --git a/doc/man1/openssl-cms.pod b/doc/man1/openssl-cms.pod index 0468fdbd9e..40ffd0fdde 100644 --- a/doc/man1/openssl-cms.pod +++ b/doc/man1/openssl-cms.pod @@ -474,7 +474,7 @@ or to modify default parameters for ECDH. =item B<-passin> I The private key password source. For more information about the format of B -see L. +see L. =item B<-rand> I diff --git a/doc/man1/openssl-dgst.pod b/doc/man1/openssl-dgst.pod index 5f836f9cb5..b2da9229cf 100644 --- a/doc/man1/openssl-dgst.pod +++ b/doc/man1/openssl-dgst.pod @@ -101,7 +101,7 @@ Names and values of these options are algorithm-specific. =item B<-passin> I The private key password source. For more information about the format of I -see L. +see L. =item B<-verify> I diff --git a/doc/man1/openssl-dsa.pod b/doc/man1/openssl-dsa.pod index 3e3a114252..14a95284f1 100644 --- a/doc/man1/openssl-dsa.pod +++ b/doc/man1/openssl-dsa.pod @@ -73,11 +73,6 @@ This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for. -=item B<-passin> I - -The input file password source. For more information about the format of I -see L. - =item B<-out> I This specifies the output filename to write a key to or standard output by @@ -85,10 +80,11 @@ is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should B be the same as the input filename. -=item B<-passout> I +=item B<-passin> I, B<-passout> I -The output file password source. For more information about the format of I -see L. +The password source for the input and output file. +For more information about the format of B +see L. =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> diff --git a/doc/man1/openssl-ec.pod b/doc/man1/openssl-ec.pod index 8f09692007..82a33bbe24 100644 --- a/doc/man1/openssl-ec.pod +++ b/doc/man1/openssl-ec.pod @@ -66,11 +66,6 @@ This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for. -=item B<-passin> I - -The input file password source. For more information about the format of I -see L. - =item B<-out> I This specifies the output filename to write a key to or standard output by @@ -78,10 +73,11 @@ is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should B be the same as the input filename. -=item B<-passout> I +=item B<-passin> I, B<-passout> I -The output file password source. For more information about the format of I -see L. +The password source for the input and output file. +For more information about the format of B +see L. =item B<-des>|B<-des3>|B<-idea> diff --git a/doc/man1/openssl-enc.pod b/doc/man1/openssl-enc.pod index f2608a59f7..327356da1c 100644 --- a/doc/man1/openssl-enc.pod +++ b/doc/man1/openssl-enc.pod @@ -73,7 +73,7 @@ The output filename, standard output by default. =item B<-pass> I The password source. For more information about the format of I -see L. +see L. =item B<-e> diff --git a/doc/man1/openssl-genpkey.pod b/doc/man1/openssl-genpkey.pod index bace33a38a..3fd6bef091 100644 --- a/doc/man1/openssl-genpkey.pod +++ b/doc/man1/openssl-genpkey.pod @@ -45,7 +45,7 @@ This specifies the output format DER or PEM. The default format is PEM. =item B<-pass> I The output file password source. For more information about the format of I -see L. +see L. =item B<-I> diff --git a/doc/man1/openssl-genrsa.pod b/doc/man1/openssl-genrsa.pod index 39e221c9a9..27ca9f7402 100644 --- a/doc/man1/openssl-genrsa.pod +++ b/doc/man1/openssl-genrsa.pod @@ -52,7 +52,7 @@ standard output is used. =item B<-passout> I The output file password source. For more information about the format -see L. +see L. =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> diff --git a/doc/man1/openssl-pkcs12.pod b/doc/man1/openssl-pkcs12.pod index 4ea722b6e0..af044d5da1 100644 --- a/doc/man1/openssl-pkcs12.pod +++ b/doc/man1/openssl-pkcs12.pod @@ -76,22 +76,10 @@ by default. The filename to write certificates and private keys to, standard output by default. They are all written in PEM format. -=item B<-passin> I - -The PKCS#12 file (i.e. input file) password source. For more information about -the format of I -see L. - -=item B<-passout> I - -Pass phrase source to encrypt any outputted private keys with. For more -information about the format of I -see L. - =item B<-password> I -With -export, -password is equivalent to -passout. -Otherwise, -password is equivalent to -passin. +With B<-export>, B<-password> is equivalent to B<-passout>, +otherwise it is equivalent to B<-passin>. =item B<-noout> @@ -156,7 +144,7 @@ Don't attempt to verify the integrity MAC before reading the file. Prompt for separate integrity and encryption passwords: most software always assumes these are the same so this option will render such PKCS#12 files unreadable. Cannot be used in combination with the options --password, -passin (if importing) or -passout (if exporting). +B<-password>, B<-passin> if importing, or B<-passout> if exporting. =back @@ -204,15 +192,12 @@ used multiple times to specify names for all certificates in the order they appear. Netscape ignores friendly names on other certificates whereas MSIE displays them. -=item B<-pass> I, B<-passout> I - -The PKCS#12 file (i.e. output file) password source. For more information about -the format of I see L. - -=item B<-passin> I +=item B<-passin> I, B<-passout> I -Pass phrase source to decrypt any input private keys with. For more information -about the format of I see L. +The password source for the input, and for encrypting any private keys that +are output. +For more information about the format of B +see L. =item B<-chain> diff --git a/doc/man1/openssl-pkcs8.pod b/doc/man1/openssl-pkcs8.pod index a3b6b7b762..7015ab9fa3 100644 --- a/doc/man1/openssl-pkcs8.pod +++ b/doc/man1/openssl-pkcs8.pod @@ -73,10 +73,11 @@ This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for. -=item B<-passin> I +=item B<-passin> I, B<-passout> I -The input file password source. For more information about the format of I -see L. +The password source for the input and output file. +For more information about the format of B +see L. =item B<-out> I @@ -85,11 +86,6 @@ default. If any encryption options are set then a pass phrase will be prompted for. The output filename should B be the same as the input filename. -=item B<-passout> I - -The output file password source. For more information about the format of I -see L. - =item B<-iter> I When creating new PKCS#8 containers, use a given number of iterations on diff --git a/doc/man1/openssl-pkey.pod b/doc/man1/openssl-pkey.pod index 4177a6fedf..66ec9d17c3 100644 --- a/doc/man1/openssl-pkey.pod +++ b/doc/man1/openssl-pkey.pod @@ -55,10 +55,11 @@ This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for. -=item B<-passin> I +=item B<-passin> I, B<-passout> I -The input file password source. For more information about the format of I -see L. +The password source for the input and output file. +For more information about the format of B +see L. =item B<-out> I @@ -67,11 +68,6 @@ option is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should B be the same as the input filename. -=item B<-passout> I - -The output file password source. For more information about the format of I -see L. - =item B<-traditional> Normally a private key is written using standard format: this is PKCS#8 form diff --git a/doc/man1/openssl-pkeyutl.pod b/doc/man1/openssl-pkeyutl.pod index 1f231ba325..b614b4af37 100644 --- a/doc/man1/openssl-pkeyutl.pod +++ b/doc/man1/openssl-pkeyutl.pod @@ -95,7 +95,7 @@ The key format PEM, DER or ENGINE. Default is PEM. =item B<-passin> I The input key password source. For more information about the format of I -see L. +see L. =item B<-peerkey> I diff --git a/doc/man1/openssl-req.pod b/doc/man1/openssl-req.pod index d0d1700ef8..13126734a4 100644 --- a/doc/man1/openssl-req.pod +++ b/doc/man1/openssl-req.pod @@ -90,21 +90,17 @@ options (B<-new> and B<-newkey>) are not specified. Pass options to the signature algorithm during sign or verify operations. Names and values of these options are algorithm-specific. -=item B<-passin> I +=item B<-passin> I, B<-passout> I -The input file password source. For more information about the format of B -see L. +The password source for the input and output file. +For more information about the format of B +see L. =item B<-out> I This specifies the output filename to write to or standard output by default. -=item B<-passout> I - -The output file password source. For more information about the format of B -see L. - =item B<-text> Prints out the certificate request in text form. diff --git a/doc/man1/openssl-rsa.pod b/doc/man1/openssl-rsa.pod index 7c2fd9effa..61a3f267e5 100644 --- a/doc/man1/openssl-rsa.pod +++ b/doc/man1/openssl-rsa.pod @@ -73,10 +73,11 @@ This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for. -=item B<-passin> I +=item B<-passin> I, B<-passout> I -The input file password source. For more information about the format of I -see L. +The password source for the input and output file. +For more information about the format of B +see L. =item B<-out> I @@ -85,11 +86,6 @@ option is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should B be the same as the input filename. -=item B<-passout> I - -The output file password source. For more information about the format of I -see L. - =item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> These options encrypt the private key with the specified diff --git a/doc/man1/openssl-s_client.pod b/doc/man1/openssl-s_client.pod index 8ad2679b63..598e6836bc 100644 --- a/doc/man1/openssl-s_client.pod +++ b/doc/man1/openssl-s_client.pod @@ -200,7 +200,7 @@ the network. Use with caution. The proxy password source, used with the B<-proxy_user> flag. For more information about the format of B -see L. +see L. =item B<-unix> I diff --git a/doc/man1/openssl-s_server.pod b/doc/man1/openssl-s_server.pod index e99d3b6a66..4c44db820a 100644 --- a/doc/man1/openssl-s_server.pod +++ b/doc/man1/openssl-s_server.pod @@ -306,7 +306,7 @@ The private format to use: DER or PEM. PEM is the default. =item B<-pass> I The private key password source. For more information about the format of B -see L. +see L. =item B<-dcert> I, B<-dkey> I diff --git a/doc/man1/openssl-smime.pod b/doc/man1/openssl-smime.pod index 4faf37868d..50fabe3fb1 100644 --- a/doc/man1/openssl-smime.pod +++ b/doc/man1/openssl-smime.pod @@ -296,7 +296,7 @@ specified, the argument is given to the engine as a key identifier. =item B<-passin> I The private key password source. For more information about the format of I -see L. +see L. =item B<-rand> I diff --git a/doc/man1/openssl-spkac.pod b/doc/man1/openssl-spkac.pod index fb64a6793c..0f26986f92 100644 --- a/doc/man1/openssl-spkac.pod +++ b/doc/man1/openssl-spkac.pod @@ -61,7 +61,7 @@ The default is PEM. =item B<-passin> I The input file password source. For more information about the format of I -see L. +see L. =item B<-challenge> I diff --git a/doc/man1/openssl-srp.pod b/doc/man1/openssl-srp.pod index 8890e00e94..d25867a36b 100644 --- a/doc/man1/openssl-srp.pod +++ b/doc/man1/openssl-srp.pod @@ -35,17 +35,6 @@ For B<-list>, if no I is given then all users are displayed. The configuration file to use, and the section within the file, can be specified with the B<-config> and B<-name> flags, respectively. -If the config file is not specified, the B<-srpvfile> can be used to -just specify the file to operate on. - -The B<-userinfo> option specifies additional information to add when -adding or modifying a user. - -The B<-gn> flag specifies the I and I values, using one of -the strengths defined in IETF RFC 5054. - -The B<-passin> and B<-passout> arguments are parsed as described in -the L command. =head1 OPTIONS @@ -59,6 +48,27 @@ Display an option summary. Generate verbose output while processing. +=item B<-srpvfile> I + +If the config file is not specified, +B<-srpvfile> can be used to specify the file to operate on. + +=item B<-gn> + +Specifies the B and B values, using one of +the strengths defined in IETF RFC 5054. + +=item B<-userinfo> + +specifies additional information to add when +adding or modifying a user. + +=item B<-passin> I, B<-passout> I + +The password source for the input and output file. +For more information about the format of B +see L. + =back =head1 COPYRIGHT diff --git a/doc/man1/openssl-storeutl.pod b/doc/man1/openssl-storeutl.pod index dbe0d9f844..0ceb1cea97 100644 --- a/doc/man1/openssl-storeutl.pod +++ b/doc/man1/openssl-storeutl.pod @@ -50,7 +50,7 @@ this option prevents output of the PEM data. =item B<-passin> I the key password source. For more information about the format of I -see L. +see L. =item B<-text> diff --git a/doc/man1/openssl-x509.pod b/doc/man1/openssl-x509.pod index f7e56abf22..b4d41df3b2 100644 --- a/doc/man1/openssl-x509.pod +++ b/doc/man1/openssl-x509.pod @@ -373,7 +373,7 @@ Names and values of these options are algorithm-specific. =item B<-passin> I The key password source. For more information about the format of I -see L. +see L. =item B<-clrext> -- 2.25.1