aboutsummaryrefslogtreecommitdiffstats
path: root/secure/usr.bin/openssl
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2014-04-08 21:06:58 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2014-04-08 21:06:58 +0000
commit560ede85d466823fc0d14b5bf4ec3dca5f755463 (patch)
tree782ade2dc94388e4ddc56b20d9c7ccf578d61077 /secure/usr.bin/openssl
parent2cf4f7ef79ce94cef95c119e6641636940bac0da (diff)
parent06369e3974fbc83d3778807c090fbe69f20a27d4 (diff)
downloadsrc-560ede85d466823fc0d14b5bf4ec3dca5f755463.tar.gz
src-560ede85d466823fc0d14b5bf4ec3dca5f755463.zip
Merge OpenSSL 1.0.1g.
Approved by: benl (maintainer)
Notes
Notes: svn path=/head/; revision=264278
Diffstat (limited to 'secure/usr.bin/openssl')
-rw-r--r--secure/usr.bin/openssl/man/CA.pl.12
-rw-r--r--secure/usr.bin/openssl/man/asn1parse.12
-rw-r--r--secure/usr.bin/openssl/man/ca.12
-rw-r--r--secure/usr.bin/openssl/man/ciphers.12
-rw-r--r--secure/usr.bin/openssl/man/cms.12
-rw-r--r--secure/usr.bin/openssl/man/crl.16
-rw-r--r--secure/usr.bin/openssl/man/crl2pkcs7.12
-rw-r--r--secure/usr.bin/openssl/man/dgst.12
-rw-r--r--secure/usr.bin/openssl/man/dhparam.12
-rw-r--r--secure/usr.bin/openssl/man/dsa.12
-rw-r--r--secure/usr.bin/openssl/man/dsaparam.12
-rw-r--r--secure/usr.bin/openssl/man/ec.14
-rw-r--r--secure/usr.bin/openssl/man/ecparam.12
-rw-r--r--secure/usr.bin/openssl/man/enc.12
-rw-r--r--secure/usr.bin/openssl/man/errstr.12
-rw-r--r--secure/usr.bin/openssl/man/gendsa.12
-rw-r--r--secure/usr.bin/openssl/man/genpkey.12
-rw-r--r--secure/usr.bin/openssl/man/genrsa.12
-rw-r--r--secure/usr.bin/openssl/man/nseq.12
-rw-r--r--secure/usr.bin/openssl/man/ocsp.12
-rw-r--r--secure/usr.bin/openssl/man/openssl.12
-rw-r--r--secure/usr.bin/openssl/man/passwd.12
-rw-r--r--secure/usr.bin/openssl/man/pkcs12.112
-rw-r--r--secure/usr.bin/openssl/man/pkcs7.12
-rw-r--r--secure/usr.bin/openssl/man/pkcs8.12
-rw-r--r--secure/usr.bin/openssl/man/pkey.12
-rw-r--r--secure/usr.bin/openssl/man/pkeyparam.12
-rw-r--r--secure/usr.bin/openssl/man/pkeyutl.12
-rw-r--r--secure/usr.bin/openssl/man/rand.12
-rw-r--r--secure/usr.bin/openssl/man/req.14
-rw-r--r--secure/usr.bin/openssl/man/rsa.12
-rw-r--r--secure/usr.bin/openssl/man/rsautl.12
-rw-r--r--secure/usr.bin/openssl/man/s_client.117
-rw-r--r--secure/usr.bin/openssl/man/s_server.14
-rw-r--r--secure/usr.bin/openssl/man/s_time.12
-rw-r--r--secure/usr.bin/openssl/man/sess_id.12
-rw-r--r--secure/usr.bin/openssl/man/smime.12
-rw-r--r--secure/usr.bin/openssl/man/speed.12
-rw-r--r--secure/usr.bin/openssl/man/spkac.12
-rw-r--r--secure/usr.bin/openssl/man/ts.16
-rw-r--r--secure/usr.bin/openssl/man/tsget.14
-rw-r--r--secure/usr.bin/openssl/man/verify.12
-rw-r--r--secure/usr.bin/openssl/man/version.12
-rw-r--r--secure/usr.bin/openssl/man/x509.12
-rw-r--r--secure/usr.bin/openssl/man/x509v3_config.12
45 files changed, 74 insertions, 57 deletions
diff --git a/secure/usr.bin/openssl/man/CA.pl.1 b/secure/usr.bin/openssl/man/CA.pl.1
index 5aa1439e9b0f..943abf39f6d3 100644
--- a/secure/usr.bin/openssl/man/CA.pl.1
+++ b/secure/usr.bin/openssl/man/CA.pl.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "CA.PL 1"
-.TH CA.PL 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH CA.PL 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/asn1parse.1 b/secure/usr.bin/openssl/man/asn1parse.1
index 3e218d6e70ac..913dcd743a6d 100644
--- a/secure/usr.bin/openssl/man/asn1parse.1
+++ b/secure/usr.bin/openssl/man/asn1parse.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1PARSE 1"
-.TH ASN1PARSE 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH ASN1PARSE 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/ca.1 b/secure/usr.bin/openssl/man/ca.1
index 385e2f0cdae0..623f976695b0 100644
--- a/secure/usr.bin/openssl/man/ca.1
+++ b/secure/usr.bin/openssl/man/ca.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "CA 1"
-.TH CA 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH CA 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/ciphers.1 b/secure/usr.bin/openssl/man/ciphers.1
index 5cd5bc07f5ff..ae4d2fc3ebe1 100644
--- a/secure/usr.bin/openssl/man/ciphers.1
+++ b/secure/usr.bin/openssl/man/ciphers.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "CIPHERS 1"
-.TH CIPHERS 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH CIPHERS 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/cms.1 b/secure/usr.bin/openssl/man/cms.1
index b63d06577cc0..0e3c654929de 100644
--- a/secure/usr.bin/openssl/man/cms.1
+++ b/secure/usr.bin/openssl/man/cms.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "CMS 1"
-.TH CMS 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH CMS 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/crl.1 b/secure/usr.bin/openssl/man/crl.1
index 11b91ef0be7a..44b444d141f4 100644
--- a/secure/usr.bin/openssl/man/crl.1
+++ b/secure/usr.bin/openssl/man/crl.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "CRL 1"
-.TH CRL 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH CRL 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -178,6 +178,10 @@ don't output the encoded version of the \s-1CRL\s0.
.IX Item "-hash"
output a hash of the issuer name. This can be use to lookup CRLs in
a directory by issuer name.
+.IP "\fB\-hash_old\fR" 4
+.IX Item "-hash_old"
+outputs the \*(L"hash\*(R" of the \s-1CRL\s0 issuer name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
.IP "\fB\-issuer\fR" 4
.IX Item "-issuer"
output the issuer name.
diff --git a/secure/usr.bin/openssl/man/crl2pkcs7.1 b/secure/usr.bin/openssl/man/crl2pkcs7.1
index 42b3a7a2efe4..546923621bfb 100644
--- a/secure/usr.bin/openssl/man/crl2pkcs7.1
+++ b/secure/usr.bin/openssl/man/crl2pkcs7.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "CRL2PKCS7 1"
-.TH CRL2PKCS7 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH CRL2PKCS7 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/dgst.1 b/secure/usr.bin/openssl/man/dgst.1
index 06df2588dcb1..64f91e991211 100644
--- a/secure/usr.bin/openssl/man/dgst.1
+++ b/secure/usr.bin/openssl/man/dgst.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "DGST 1"
-.TH DGST 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH DGST 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/dhparam.1 b/secure/usr.bin/openssl/man/dhparam.1
index d046511b1695..ca841e61e5d7 100644
--- a/secure/usr.bin/openssl/man/dhparam.1
+++ b/secure/usr.bin/openssl/man/dhparam.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "DHPARAM 1"
-.TH DHPARAM 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH DHPARAM 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/dsa.1 b/secure/usr.bin/openssl/man/dsa.1
index 3177369f8486..caa015b61e27 100644
--- a/secure/usr.bin/openssl/man/dsa.1
+++ b/secure/usr.bin/openssl/man/dsa.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "DSA 1"
-.TH DSA 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH DSA 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/dsaparam.1 b/secure/usr.bin/openssl/man/dsaparam.1
index 06b1774fd964..a4e9f500ec74 100644
--- a/secure/usr.bin/openssl/man/dsaparam.1
+++ b/secure/usr.bin/openssl/man/dsaparam.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "DSAPARAM 1"
-.TH DSAPARAM 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH DSAPARAM 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/ec.1 b/secure/usr.bin/openssl/man/ec.1
index 0fdc3de69d2f..22bf1212308c 100644
--- a/secure/usr.bin/openssl/man/ec.1
+++ b/secure/usr.bin/openssl/man/ec.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "EC 1"
-.TH EC 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH EC 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -164,7 +164,7 @@ PKCS#8 private key format use the \fBpkcs8\fR command.
.IX Item "-inform DER|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option with a private key uses
an \s-1ASN\s0.1 \s-1DER\s0 encoded \s-1SEC1\s0 private key. When used with a public key it
-uses the SubjectPublicKeyInfo structur as specified in \s-1RFC\s0 3280.
+uses the SubjectPublicKeyInfo structure as specified in \s-1RFC\s0 3280.
The \fB\s-1PEM\s0\fR form is the default format: it consists of the \fB\s-1DER\s0\fR format base64
encoded with additional header and footer lines. In the case of a private key
PKCS#8 format is also accepted.
diff --git a/secure/usr.bin/openssl/man/ecparam.1 b/secure/usr.bin/openssl/man/ecparam.1
index dfc36208da9d..f9bdf1bcd44b 100644
--- a/secure/usr.bin/openssl/man/ecparam.1
+++ b/secure/usr.bin/openssl/man/ecparam.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "ECPARAM 1"
-.TH ECPARAM 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH ECPARAM 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/enc.1 b/secure/usr.bin/openssl/man/enc.1
index 99c16cd2189b..fcb69aa1d68f 100644
--- a/secure/usr.bin/openssl/man/enc.1
+++ b/secure/usr.bin/openssl/man/enc.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "ENC 1"
-.TH ENC 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH ENC 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/errstr.1 b/secure/usr.bin/openssl/man/errstr.1
index 14bf86893ebd..fc69b8e2d8df 100644
--- a/secure/usr.bin/openssl/man/errstr.1
+++ b/secure/usr.bin/openssl/man/errstr.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "ERRSTR 1"
-.TH ERRSTR 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH ERRSTR 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/gendsa.1 b/secure/usr.bin/openssl/man/gendsa.1
index f826d08f271b..7a70b6c972cc 100644
--- a/secure/usr.bin/openssl/man/gendsa.1
+++ b/secure/usr.bin/openssl/man/gendsa.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "GENDSA 1"
-.TH GENDSA 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH GENDSA 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/genpkey.1 b/secure/usr.bin/openssl/man/genpkey.1
index d02c3fd5b403..7fbe3aa540e6 100644
--- a/secure/usr.bin/openssl/man/genpkey.1
+++ b/secure/usr.bin/openssl/man/genpkey.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "GENPKEY 1"
-.TH GENPKEY 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH GENPKEY 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/genrsa.1 b/secure/usr.bin/openssl/man/genrsa.1
index 0105a4c35df8..940b191ee1d7 100644
--- a/secure/usr.bin/openssl/man/genrsa.1
+++ b/secure/usr.bin/openssl/man/genrsa.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "GENRSA 1"
-.TH GENRSA 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH GENRSA 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/nseq.1 b/secure/usr.bin/openssl/man/nseq.1
index 7c19a2669033..101fc5eb41e3 100644
--- a/secure/usr.bin/openssl/man/nseq.1
+++ b/secure/usr.bin/openssl/man/nseq.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "NSEQ 1"
-.TH NSEQ 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH NSEQ 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/ocsp.1 b/secure/usr.bin/openssl/man/ocsp.1
index 79b40875bd07..ed0429b451d3 100644
--- a/secure/usr.bin/openssl/man/ocsp.1
+++ b/secure/usr.bin/openssl/man/ocsp.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "OCSP 1"
-.TH OCSP 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH OCSP 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/openssl.1 b/secure/usr.bin/openssl/man/openssl.1
index 34883f741b06..3d79f80e4e6a 100644
--- a/secure/usr.bin/openssl/man/openssl.1
+++ b/secure/usr.bin/openssl/man/openssl.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "OPENSSL 1"
-.TH OPENSSL 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH OPENSSL 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/passwd.1 b/secure/usr.bin/openssl/man/passwd.1
index f10ad84d7cd2..b7abfddc6a20 100644
--- a/secure/usr.bin/openssl/man/passwd.1
+++ b/secure/usr.bin/openssl/man/passwd.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "PASSWD 1"
-.TH PASSWD 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH PASSWD 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/pkcs12.1 b/secure/usr.bin/openssl/man/pkcs12.1
index 07828ec32419..96d664a98b10 100644
--- a/secure/usr.bin/openssl/man/pkcs12.1
+++ b/secure/usr.bin/openssl/man/pkcs12.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "PKCS12 1"
-.TH PKCS12 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH PKCS12 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -186,16 +186,20 @@ by default.
.IX Item "-out filename"
The filename to write certificates and private keys to, standard output by
default. They are all written in \s-1PEM\s0 format.
-.IP "\fB\-pass arg\fR, \fB\-passin arg\fR" 4
-.IX Item "-pass arg, -passin arg"
+.IP "\fB\-passin arg\fR" 4
+.IX Item "-passin arg"
the PKCS#12 file (i.e. input file) password source. For more information about
the format of \fBarg\fR see the \fB\s-1PASS\s0 \s-1PHRASE\s0 \s-1ARGUMENTS\s0\fR section in
\&\fIopenssl\fR\|(1).
.IP "\fB\-passout arg\fR" 4
.IX Item "-passout arg"
-pass phrase source to encrypt any outputed private keys with. For more
+pass phrase source to encrypt any outputted private keys with. For more
information about the format of \fBarg\fR see the \fB\s-1PASS\s0 \s-1PHRASE\s0 \s-1ARGUMENTS\s0\fR section
in \fIopenssl\fR\|(1).
+.IP "\fB\-password arg\fR" 4
+.IX Item "-password arg"
+With \-export, \-password is equivalent to \-passout.
+Otherwise, \-password is equivalent to \-passin.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
this option inhibits output of the keys and certificates to the output file
diff --git a/secure/usr.bin/openssl/man/pkcs7.1 b/secure/usr.bin/openssl/man/pkcs7.1
index 12f5ad5bcf19..b23d1866b2b6 100644
--- a/secure/usr.bin/openssl/man/pkcs7.1
+++ b/secure/usr.bin/openssl/man/pkcs7.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "PKCS7 1"
-.TH PKCS7 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH PKCS7 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/pkcs8.1 b/secure/usr.bin/openssl/man/pkcs8.1
index 1dbe94657e99..2204b8d4a5ee 100644
--- a/secure/usr.bin/openssl/man/pkcs8.1
+++ b/secure/usr.bin/openssl/man/pkcs8.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "PKCS8 1"
-.TH PKCS8 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH PKCS8 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/pkey.1 b/secure/usr.bin/openssl/man/pkey.1
index b3429e2b8fcb..d5a0b99a485e 100644
--- a/secure/usr.bin/openssl/man/pkey.1
+++ b/secure/usr.bin/openssl/man/pkey.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "PKEY 1"
-.TH PKEY 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH PKEY 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/pkeyparam.1 b/secure/usr.bin/openssl/man/pkeyparam.1
index f47be71674ba..cf29b1efa175 100644
--- a/secure/usr.bin/openssl/man/pkeyparam.1
+++ b/secure/usr.bin/openssl/man/pkeyparam.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "PKEYPARAM 1"
-.TH PKEYPARAM 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH PKEYPARAM 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/pkeyutl.1 b/secure/usr.bin/openssl/man/pkeyutl.1
index 4300c38d2339..7f1142dc6550 100644
--- a/secure/usr.bin/openssl/man/pkeyutl.1
+++ b/secure/usr.bin/openssl/man/pkeyutl.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "PKEYUTL 1"
-.TH PKEYUTL 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH PKEYUTL 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/rand.1 b/secure/usr.bin/openssl/man/rand.1
index edf058549996..cd5975ef649a 100644
--- a/secure/usr.bin/openssl/man/rand.1
+++ b/secure/usr.bin/openssl/man/rand.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "RAND 1"
-.TH RAND 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH RAND 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/req.1 b/secure/usr.bin/openssl/man/req.1
index 1e22dae2cf29..f5fca096b33e 100644
--- a/secure/usr.bin/openssl/man/req.1
+++ b/secure/usr.bin/openssl/man/req.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "REQ 1"
-.TH REQ 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH REQ 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -391,7 +391,7 @@ It should be noted that very few CAs still require the use of this option.
Reverses effect of \fB\-asn1\-kludge\fR
.IP "\fB\-newhdr\fR" 4
.IX Item "-newhdr"
-Adds the word \fB\s-1NEW\s0\fR to the \s-1PEM\s0 file header and footer lines on the outputed
+Adds the word \fB\s-1NEW\s0\fR to the \s-1PEM\s0 file header and footer lines on the outputted
request. Some software (Netscape certificate server) and some CAs need this.
.IP "\fB\-batch\fR" 4
.IX Item "-batch"
diff --git a/secure/usr.bin/openssl/man/rsa.1 b/secure/usr.bin/openssl/man/rsa.1
index c29a0f58297e..d38f61bf0248 100644
--- a/secure/usr.bin/openssl/man/rsa.1
+++ b/secure/usr.bin/openssl/man/rsa.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "RSA 1"
-.TH RSA 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH RSA 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/rsautl.1 b/secure/usr.bin/openssl/man/rsautl.1
index 1ed270f92638..8b62ce8f1a7a 100644
--- a/secure/usr.bin/openssl/man/rsautl.1
+++ b/secure/usr.bin/openssl/man/rsautl.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "RSAUTL 1"
-.TH RSAUTL 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH RSAUTL 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/s_client.1 b/secure/usr.bin/openssl/man/s_client.1
index 6f424fdde4cc..a190b4983233 100644
--- a/secure/usr.bin/openssl/man/s_client.1
+++ b/secure/usr.bin/openssl/man/s_client.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "S_CLIENT 1"
-.TH S_CLIENT 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH S_CLIENT 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -136,6 +136,7 @@ s_client \- SSL/TLS client program
\&\fBopenssl\fR \fBs_client\fR
[\fB\-connect host:port\fR]
[\fB\-verify depth\fR]
+[\fB\-verify_return_error\fR]
[\fB\-cert filename\fR]
[\fB\-certform DER|PEM\fR]
[\fB\-key filename\fR]
@@ -205,6 +206,10 @@ server certificate chain and turns on server certificate verification.
Currently the verify operation continues after errors so all the problems
with a certificate chain can be seen. As a side effect the connection
will never fail due to a server certificate verify failure.
+.IP "\fB\-verify_return_error\fR" 4
+.IX Item "-verify_return_error"
+Return verification errors instead of continuing. This will typically
+abort the handshake with a fatal error.
.IP "\fB\-CApath directory\fR" 4
.IX Item "-CApath directory"
The directory to use for server certificate verification. This directory
@@ -372,6 +377,13 @@ If there are problems verifying a server certificate then the
Since the SSLv23 client hello cannot include compression methods or extensions
these will only be supported if its use is disabled, for example by using the
\&\fB\-no_sslv2\fR option.
+.PP
+The \fBs_client\fR utility is a test tool and is designed to continue the
+handshake after any certificate verification errors. As a result it will
+accept any certificate chain (trusted or not) sent by the peer. None test
+applications should \fBnot\fR do this as it makes them vulnerable to a \s-1MITM\s0
+attack. This behaviour can be changed by with the \fB\-verify_return_error\fR
+option: any verify errors are then returned aborting the handshake.
.SH "BUGS"
.IX Header "BUGS"
Because this program has a lot of options and also because some of
@@ -379,9 +391,6 @@ the techniques used are rather old, the C source of s_client is rather
hard to read and not a model of how things should be done. A typical
\&\s-1SSL\s0 client program would be much simpler.
.PP
-The \fB\-verify\fR option should really exit if the server verification
-fails.
-.PP
The \fB\-prexit\fR option is a bit of a hack. We should really report
information whenever a session is renegotiated.
.SH "SEE ALSO"
diff --git a/secure/usr.bin/openssl/man/s_server.1 b/secure/usr.bin/openssl/man/s_server.1
index 0904bba2f13e..9928407a8613 100644
--- a/secure/usr.bin/openssl/man/s_server.1
+++ b/secure/usr.bin/openssl/man/s_server.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "S_SERVER 1"
-.TH S_SERVER 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH S_SERVER 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -225,7 +225,7 @@ a server can support clients which only support \s-1RSA\s0 or \s-1DSS\s0 cipher
by using an appropriate certificate.
.IP "\fB\-dcertform format\fR, \fB\-dkeyform format\fR, \fB\-dpass arg\fR" 4
.IX Item "-dcertform format, -dkeyform format, -dpass arg"
-addtional certificate and private key format and passphrase respectively.
+additional certificate and private key format and passphrase respectively.
.IP "\fB\-nocert\fR" 4
.IX Item "-nocert"
if this option is set then no certificate is used. This restricts the
diff --git a/secure/usr.bin/openssl/man/s_time.1 b/secure/usr.bin/openssl/man/s_time.1
index 4faffa67109b..9b1c5444fe6b 100644
--- a/secure/usr.bin/openssl/man/s_time.1
+++ b/secure/usr.bin/openssl/man/s_time.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "S_TIME 1"
-.TH S_TIME 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH S_TIME 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/sess_id.1 b/secure/usr.bin/openssl/man/sess_id.1
index 0daf1b574306..d36aaf2427c8 100644
--- a/secure/usr.bin/openssl/man/sess_id.1
+++ b/secure/usr.bin/openssl/man/sess_id.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "SESS_ID 1"
-.TH SESS_ID 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH SESS_ID 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/smime.1 b/secure/usr.bin/openssl/man/smime.1
index f4c7aa15aebd..c686dfbe5358 100644
--- a/secure/usr.bin/openssl/man/smime.1
+++ b/secure/usr.bin/openssl/man/smime.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "SMIME 1"
-.TH SMIME 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH SMIME 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/speed.1 b/secure/usr.bin/openssl/man/speed.1
index e52e72807ae3..33eaded438eb 100644
--- a/secure/usr.bin/openssl/man/speed.1
+++ b/secure/usr.bin/openssl/man/speed.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "SPEED 1"
-.TH SPEED 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH SPEED 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/spkac.1 b/secure/usr.bin/openssl/man/spkac.1
index 38924bebc129..7c33ec546325 100644
--- a/secure/usr.bin/openssl/man/spkac.1
+++ b/secure/usr.bin/openssl/man/spkac.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "SPKAC 1"
-.TH SPKAC 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH SPKAC 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/ts.1 b/secure/usr.bin/openssl/man/ts.1
index b24322907f1f..c8e72e0173ed 100644
--- a/secure/usr.bin/openssl/man/ts.1
+++ b/secure/usr.bin/openssl/man/ts.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "TS 1"
-.TH TS 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH TS 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -415,7 +415,7 @@ switch always overrides the settings in the config file.
.IX Item "tsa section, default_tsa"
This is the main section and it specifies the name of another section
that contains all the options for the \fB\-reply\fR command. This default
-section can be overriden with the \fB\-section\fR command line switch. (Optional)
+section can be overridden with the \fB\-section\fR command line switch. (Optional)
.IP "\fBoid_file\fR" 4
.IX Item "oid_file"
See \fIca\fR\|(1) for description. (Optional)
@@ -497,7 +497,7 @@ included. Default is no. (Optional)
.SH "ENVIRONMENT VARIABLES"
.IX Header "ENVIRONMENT VARIABLES"
\&\fB\s-1OPENSSL_CONF\s0\fR contains the path of the configuration file and can be
-overriden by the \fB\-config\fR command line option.
+overridden by the \fB\-config\fR command line option.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
All the examples below presume that \fB\s-1OPENSSL_CONF\s0\fR is set to a proper
diff --git a/secure/usr.bin/openssl/man/tsget.1 b/secure/usr.bin/openssl/man/tsget.1
index 2df050e7d52f..77f548b353f6 100644
--- a/secure/usr.bin/openssl/man/tsget.1
+++ b/secure/usr.bin/openssl/man/tsget.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "TSGET 1"
-.TH TSGET 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH TSGET 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -237,7 +237,7 @@ The name of an \s-1EGD\s0 socket to get random data from. (Optional)
.IP "[request]..." 4
.IX Item "[request]..."
List of files containing \fB\s-1RFC\s0 3161\fR DER-encoded time stamp requests. If no
-requests are specifed only one request will be sent to the server and it will be
+requests are specified only one request will be sent to the server and it will be
read from the standard input. (Optional)
.SH "ENVIRONMENT VARIABLES"
.IX Header "ENVIRONMENT VARIABLES"
diff --git a/secure/usr.bin/openssl/man/verify.1 b/secure/usr.bin/openssl/man/verify.1
index c663949e292b..890c35e0c7fd 100644
--- a/secure/usr.bin/openssl/man/verify.1
+++ b/secure/usr.bin/openssl/man/verify.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "VERIFY 1"
-.TH VERIFY 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH VERIFY 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/version.1 b/secure/usr.bin/openssl/man/version.1
index cb4ea8ea94c6..6757ca3b0e27 100644
--- a/secure/usr.bin/openssl/man/version.1
+++ b/secure/usr.bin/openssl/man/version.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "VERSION 1"
-.TH VERSION 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH VERSION 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/x509.1 b/secure/usr.bin/openssl/man/x509.1
index 8583cdd888ce..14cc7f428274 100644
--- a/secure/usr.bin/openssl/man/x509.1
+++ b/secure/usr.bin/openssl/man/x509.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "X509 1"
-.TH X509 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH X509 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
diff --git a/secure/usr.bin/openssl/man/x509v3_config.1 b/secure/usr.bin/openssl/man/x509v3_config.1
index 5ef5f2048571..e1f37c6408d7 100644
--- a/secure/usr.bin/openssl/man/x509v3_config.1
+++ b/secure/usr.bin/openssl/man/x509v3_config.1
@@ -124,7 +124,7 @@
.\" ========================================================================
.\"
.IX Title "X509V3_CONFIG 1"
-.TH X509V3_CONFIG 1 "2014-01-06" "1.0.1f" "OpenSSL"
+.TH X509V3_CONFIG 1 "2014-04-07" "1.0.1g" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l