]>
Commit | Line | Data |
---|---|---|
9fcb9702 | 1 | #! /usr/bin/env perl |
a28d06f3 | 2 | # Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. |
9fcb9702 RS |
3 | # |
4 | # Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | # this file except in compliance with the License. You can obtain a copy | |
6 | # in the file LICENSE in the source distribution or at | |
7 | ||
8 | # Set some Perl variables for use by util/dofile.pl when processing | |
9 | # POD files (mainly man1). | |
10 | ||
0f221d9c P |
11 | use configdata; |
12 | ||
9fcb9702 RS |
13 | # Verify options |
14 | $OpenSSL::safe::opt_v_synopsis = "" | |
21d08b9e | 15 | . "[B<-allow_proxy_certs>]\n" |
9fcb9702 | 16 | . "[B<-attime> I<timestamp>]\n" |
21d08b9e | 17 | . "[B<-no_check_time>]\n" |
9fcb9702 RS |
18 | . "[B<-check_ss_sig>]\n" |
19 | . "[B<-crl_check>]\n" | |
20 | . "[B<-crl_check_all>]\n" | |
21 | . "[B<-explicit_policy>]\n" | |
22 | . "[B<-extended_crl>]\n" | |
23 | . "[B<-ignore_critical>]\n" | |
24 | . "[B<-inhibit_any>]\n" | |
25 | . "[B<-inhibit_map>]\n" | |
26 | . "[B<-partial_chain>]\n" | |
27 | . "[B<-policy> I<arg>]\n" | |
28 | . "[B<-policy_check>]\n" | |
29 | . "[B<-policy_print>]\n" | |
30 | . "[B<-purpose> I<purpose>]\n" | |
31 | . "[B<-suiteB_128>]\n" | |
32 | . "[B<-suiteB_128_only>]\n" | |
33 | . "[B<-suiteB_192>]\n" | |
34 | . "[B<-trusted_first>]\n" | |
35 | . "[B<-no_alt_chains>]\n" | |
36 | . "[B<-use_deltas>]\n" | |
37 | . "[B<-auth_level> I<num>]\n" | |
38 | . "[B<-verify_depth> I<num>]\n" | |
39 | . "[B<-verify_email> I<email>]\n" | |
40 | . "[B<-verify_hostname> I<hostname>]\n" | |
41 | . "[B<-verify_ip> I<ip>]\n" | |
42 | . "[B<-verify_name> I<name>]\n" | |
68581885 | 43 | . "[B<-x509_strict>]\n" |
d55e4487 | 44 | . "[B<-issuer_checks>]"; |
9fcb9702 | 45 | $OpenSSL::safe::opt_v_item = "" |
21d08b9e RS |
46 | . "=item B<-allow_proxy_certs>, B<-attime>, B<-no_check_time>,\n" |
47 | . "B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,\n" | |
9fcb9702 RS |
48 | . "B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,\n" |
49 | . "B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,\n" | |
50 | . "B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,\n" | |
51 | . "B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,\n" | |
52 | . "B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,\n" | |
68581885 | 53 | . "B<-verify_ip>, B<-verify_name>, B<-x509_strict> B<-issuer_checks>\n" |
9fcb9702 RS |
54 | . "\n" |
55 | . "Set various options of certificate chain verification.\n" | |
b6f18ed2 | 56 | . "See L<openssl-verification-options(1)/Verification Options> for details."; |
9fcb9702 RS |
57 | |
58 | ||
59 | # Extended validation options. | |
60 | $OpenSSL::safe::opt_x_synopsis = "" | |
61 | . "[B<-xkey>] I<infile>\n" | |
62 | . "[B<-xcert> I<file>]\n" | |
63 | . "[B<-xchain>] I<file>\n" | |
64 | . "[B<-xchain_build>] I<file>\n" | |
65 | . "[B<-xcertform> B<DER>|B<PEM>]>\n" | |
66 | . "[B<-xkeyform> B<DER>|B<PEM>]>"; | |
67 | $OpenSSL::safe::opt_x_item = "" | |
68 | . "=item B<xkey> I<infile>, B<-xcert> I<file>, B<-xchain> I<file>,\n" | |
69 | . "B<-xchain_build> I<file>, B<-xcertform> B<DER>|B<PEM>,\n" | |
8b3efb53 | 70 | . "B<-xkeyform> B<DER>|B<PEM>\n" |
9fcb9702 RS |
71 | . "\n" |
72 | . "Set extended certificate verification options.\n" | |
b6f18ed2 | 73 | . "See L<openssl-verification-options(1)/Extended Verification Options> for details."; |
9fcb9702 | 74 | |
bc24e3ee RS |
75 | # Name output options |
76 | $OpenSSL::safe::opt_name_synopsis = "" | |
77 | . "[B<-nameopt> I<option>]"; | |
78 | $OpenSSL::safe::opt_name_item = "" | |
79 | . "=item B<-nameopt> I<option>\n" | |
80 | . "\n" | |
81 | . "This specifies how the subject or issuer names are displayed.\n" | |
46949153 | 82 | . "See L<openssl-namedisplay-options(1)> for details."; |
9fcb9702 RS |
83 | |
84 | # Random State Options | |
85 | $OpenSSL::safe::opt_r_synopsis = "" | |
86 | . "[B<-rand> I<files>]\n" | |
87 | . "[B<-writerand> I<file>]"; | |
88 | $OpenSSL::safe::opt_r_item = "" | |
89 | . "=item B<-rand> I<files>, B<-writerand> I<file>\n" | |
90 | . "\n" | |
91 | . "See L<openssl(1)/Random State Options> for details."; | |
92 | ||
6bd4e3f2 P |
93 | # Provider options |
94 | $OpenSSL::safe::opt_provider_synopsis = "" | |
95 | . "[B<-provider> I<name>]\n" | |
7dc67708 PG |
96 | . "[B<-provider-path> I<path>]\n" |
97 | . "[B<-propquery> I<propq>]"; | |
6bd4e3f2 P |
98 | $OpenSSL::safe::opt_provider_item = "" |
99 | . "=item B<-provider> I<name>\n" | |
100 | . "\n" | |
c9dcbc07 | 101 | . "=item B<-provider-path> I<path>\n" |
6bd4e3f2 | 102 | . "\n" |
7dc67708 PG |
103 | . "=item B<-propquery> I<propq>\n" |
104 | . "\n" | |
16b8862d | 105 | . "See L<openssl(1)/Provider Options>, L<provider(7)>, and L<property(7)>."; |
6bd4e3f2 | 106 | |
ae89578b SL |
107 | # Configuration option |
108 | $OpenSSL::safe::opt_config_synopsis = "" | |
d55e4487 | 109 | . "[B<-config> I<configfile>]"; |
ae89578b SL |
110 | $OpenSSL::safe::opt_config_item = "" |
111 | . "=item B<-config> I<configfile>\n" | |
112 | . "\n" | |
113 | . "See L<openssl(1)/Configuration Option>."; | |
114 | ||
018aaeb4 | 115 | # Engine option |
0f221d9c P |
116 | $OpenSSL::safe::opt_engine_synopsis = ""; |
117 | $OpenSSL::safe::opt_engine_item = ""; | |
118 | if (!$disabled{"deprecated-3.0"}) { | |
119 | $OpenSSL::safe::opt_engine_synopsis = "" | |
d55e4487 | 120 | . "[B<-engine> I<id>]\n"; |
0f221d9c P |
121 | $OpenSSL::safe::opt_engine_item = "" |
122 | . "=item B<-engine> I<id>\n" | |
123 | . "\n" | |
124 | . "See L<openssl(1)/Engine Options>.\n" | |
125 | . "This option is deprecated."; | |
126 | } | |
018aaeb4 | 127 | |
9fcb9702 RS |
128 | # Trusted certs options |
129 | $OpenSSL::safe::opt_trust_synopsis = "" | |
130 | . "[B<-CAfile> I<file>]\n" | |
131 | . "[B<-no-CAfile>]\n" | |
132 | . "[B<-CApath> I<dir>]\n" | |
fd3397fc RL |
133 | . "[B<-no-CApath>]\n" |
134 | . "[B<-CAstore> I<uri>]\n" | |
135 | . "[B<-no-CAstore>]"; | |
9fcb9702 | 136 | $OpenSSL::safe::opt_trust_item = "" |
fd3397fc RL |
137 | . "=item B<-CAfile> I<file>, B<-no-CAfile>, B<-CApath> I<dir>, B<-no-CApath>,\n" |
138 | . "B<-CAstore> I<uri>, B<-no-CAstore>\n" | |
9fcb9702 | 139 | . "\n" |
ac093b3f | 140 | . "See L<openssl-verification-options(1)/Trusted Certificate Options> for details."; |
9fcb9702 | 141 | |
d4bff20d RS |
142 | # TLS Version Options |
143 | $OpenSSL::safe::opt_versiontls_synopsis = "" | |
144 | . "[B<-no_ssl3>]\n" | |
145 | . "[B<-no_tls1>]\n" | |
146 | . "[B<-no_tls1_1>]\n" | |
147 | . "[B<-no_tls1_2>]\n" | |
148 | . "[B<-no_tls1_3>]\n" | |
149 | . "[B<-ssl3>]\n" | |
150 | . "[B<-tls1>]\n" | |
151 | . "[B<-tls1_1>]\n" | |
152 | . "[B<-tls1_2>]\n" | |
153 | . "[B<-tls1_3>]"; | |
154 | $OpenSSL::safe::opt_versiontls_item = "" | |
155 | . "=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3>,\n" | |
156 | . "B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>\n" | |
157 | . "\n" | |
158 | . "See L<openssl(1)/TLS Version Options>."; | |
159 | ||
160 | # TLS/DTLS Version Options | |
161 | $OpenSSL::safe::opt_version_synopsis = "" | |
162 | . "$OpenSSL::safe::opt_versiontls_synopsis\n" | |
163 | . "[B<-dtls>]\n" | |
164 | . "[B<-dtls1>]\n" | |
165 | . "[B<-dtls1_2>]"; | |
166 | $OpenSSL::safe::opt_version_item = "\n" | |
167 | . "$OpenSSL::safe::opt_versiontls_item\n" | |
168 | . "\n" | |
169 | . "=item B<-dtls>, B<-dtls1>, B<-dtls1_2>\n" | |
170 | . "\n" | |
171 | . "These specify the use of DTLS instead of TLS.\n" | |
172 | . "See L<openssl(1)/TLS Version Options>."; | |
173 | ||
9fcb9702 | 174 | # SSL connection options. |
8b3efb53 | 175 | # TODO # options will probably be re-ordered. |
9fcb9702 RS |
176 | $OpenSSL::safe::opt_s_synopsis = "" |
177 | . "[B<-bugs>]\n" | |
178 | . "[B<-no_comp>]\n" | |
8b3efb53 | 179 | . "[B<-comp>]\n" |
9fcb9702 RS |
180 | . "[B<-no_ticket>]\n" |
181 | . "[B<-serverpref>]\n" | |
55373bfd | 182 | . "[B<-client_renegotiation>]\n" |
9fcb9702 RS |
183 | . "[B<-legacy_renegotiation>]\n" |
184 | . "[B<-no_renegotiation>]\n" | |
9fcb9702 | 185 | . "[B<-no_resumption_on_reneg>]\n" |
55373bfd | 186 | . "[B<-immediate_renegotiation>]\n" |
8b3efb53 | 187 | . "[B<-legacy_server_connect>]\n" |
9fcb9702 RS |
188 | . "[B<-no_legacy_server_connect>]\n" |
189 | . "[B<-allow_no_dhe_kex>]\n" | |
190 | . "[B<-prioritize_chacha>]\n" | |
191 | . "[B<-strict>]\n" | |
192 | . "[B<-sigalgs> I<algs>]\n" | |
193 | . "[B<-client_sigalgs> I<algs>]\n" | |
194 | . "[B<-groups> I<groups>]\n" | |
195 | . "[B<-curves> I<curves>]\n" | |
8b3efb53 | 196 | . "[B<-named_curve> I<curve>]\n" |
9fcb9702 RS |
197 | . "[B<-cipher> I<ciphers>]\n" |
198 | . "[B<-ciphersuites> I<1.3ciphers>]\n" | |
199 | . "[B<-min_protocol> I<minprot>]\n" | |
200 | . "[B<-max_protocol> I<maxprot>]\n" | |
201 | . "[B<-record_padding> I<padding>]\n" | |
202 | . "[B<-debug_broken_protocol>]\n" | |
203 | . "[B<-no_middlebox>]"; | |
204 | $OpenSSL::safe::opt_s_item = "" | |
8b3efb53 | 205 | . "=item B<-bugs>, B<-comp>, B<-no_comp>, B<-no_ticket>, B<-serverpref>,\n" |
55373bfd | 206 | . "B<-client_renegotiation>, B<_immediate_renegotiation>\n" |
8b3efb53 RS |
207 | . "B<-legacy_renegotiation>, B<-no_renegotiation>, B<-no_resumption_on_reneg>,\n" |
208 | . "B<-legacy_server_connect>, B<-no_legacy_server_connect>,\n" | |
9fcb9702 RS |
209 | . "B<-allow_no_dhe_kex>, B<-prioritize_chacha>, B<-strict>, B<-sigalgs>\n" |
210 | . "I<algs>, B<-client_sigalgs> I<algs>, B<-groups> I<groups>, B<-curves>\n" | |
8b3efb53 | 211 | . "I<curves>, B<-named_curve> I<curve>, B<-cipher> I<ciphers>, B<-ciphersuites>\n" |
9fcb9702 RS |
212 | . "I<1.3ciphers>, B<-min_protocol> I<minprot>, B<-max_protocol> I<maxprot>,\n" |
213 | . "B<-record_padding> I<padding>, B<-debug_broken_protocol>, B<-no_middlebox>\n" | |
214 | . "\n" | |
215 | . "See L<SSL_CONF_cmd(3)/SUPPORTED COMMAND LINE COMMANDS> for details."; | |
625c781d RS |
216 | |
217 | package OpenSSL::safe; | |
218 | sub output_do_not_edit_headers { | |
219 | return "\n=begin comment\n\n" | |
220 | . join("\n", @autowarntext) | |
221 | . "\n\n=end comment"; | |
222 | } | |
223 | 1; |