From: Dr. David von Oheimb Date: Mon, 14 Apr 2025 19:04:07 +0000 (+0200) Subject: openssl-cmp.pod.in: fix doc of -server uri argument and tweak doc of -tls_used X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8eed141a822d7cf7ecb4facb1b46b4a18b1f3d1b;p=thirdparty%2Fopenssl.git openssl-cmp.pod.in: fix doc of -server uri argument and tweak doc of -tls_used Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale MergeDate: Tue Feb 3 08:43:03 2026 (Merged from https://github.com/openssl/openssl/pull/28478) --- diff --git a/apps/cmp.c b/apps/cmp.c index fe1219ee64a..90b8b4c5223 100644 --- a/apps/cmp.c +++ b/apps/cmp.c @@ -584,7 +584,7 @@ const OPTIONS cmp_options[] = { "NOTE: -tls_used and all other TLS options not supported due to no-sock/no-http build" }, #else { "tls_used", OPT_TLS_USED, '-', - "Enable using TLS for HTTP (also when other TLS options are not set)" }, + "Require using TLS for HTTP (also when other TLS options are not set)" }, { "tls_cert", OPT_TLS_CERT, 's', "Client's TLS certificate. May include chain to be provided to TLS server" }, { "tls_key", OPT_TLS_KEY, 's', diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in index b12ca950ab2..c6a6edf3478 100644 --- a/doc/man1/openssl-cmp.pod.in +++ b/doc/man1/openssl-cmp.pod.in @@ -536,8 +536,8 @@ It is ignored if I<-rspin> is given with enough filename arguments. If the scheme C is given, the B<-tls_used> option is implied. When TLS is used, the default port is 443, otherwise 80. -The optional userinfo and fragment components are ignored. -Any given query component is handled as part of the path component. +The optional userinfo component is ignored. +Any given query and fragment components are handled as part of the path component. If a path is included it provides the default value for the B<-path> option. =item B<-proxy> I<[http[s]://][userinfo@]host[:port][/path][?query][#fragment]> @@ -549,6 +549,7 @@ The proxy port defaults to 80 or 443 if the scheme is C; apart from that the optional C or C prefix is ignored (note that using TLS may be required by B<-tls_used> or B<-server> with the prefix C), as well as any path, userinfo, and query, and fragment components. + Defaults to the environment variable C if set, else C in case no TLS is used, otherwise C if set, else C. This option is ignored if I<-server> is not given. @@ -986,7 +987,7 @@ L. =item B<-tls_used> -Make the CMP client use TLS (regardless if other TLS-related options are set) +Require the CMP client to use TLS (regardless if other TLS-related options are set) for message exchange with the server via HTTP. This option is not supported with the I<-port> option. It is implied if the B<-server> option is given with the scheme C.