summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjmc <>2017-11-29 21:15:45 +0000
committerjmc <>2017-11-29 21:15:45 +0000
commitc6fd1f3146d18e788d976c587c1cc38d1ff98d89 (patch)
treec4124bd9493de3f2e44b77f991138eafe9583393
parentbc8bb57301186279c74b55cd2daec9131d087ef8 (diff)
downloadopenbsd-c6fd1f3146d18e788d976c587c1cc38d1ff98d89.tar.gz
openbsd-c6fd1f3146d18e788d976c587c1cc38d1ff98d89.tar.bz2
openbsd-c6fd1f3146d18e788d976c587c1cc38d1ff98d89.zip
add -i to SYNOPSIS/usage() and sundry tweaks;
ok beck
Diffstat
-rw-r--r--src/usr.sbin/ocspcheck/ocspcheck.89
-rw-r--r--src/usr.sbin/ocspcheck/ocspcheck.c5
2 files changed, 8 insertions, 6 deletions
diff --git a/src/usr.sbin/ocspcheck/ocspcheck.8 b/src/usr.sbin/ocspcheck/ocspcheck.8
index 2a3f2d6187..19f55fb838 100644
--- a/src/usr.sbin/ocspcheck/ocspcheck.8
+++ b/src/usr.sbin/ocspcheck/ocspcheck.8
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ocspcheck.8,v 1.8 2017/11/28 23:32:00 beck Exp $ 1.\" $OpenBSD: ocspcheck.8,v 1.9 2017/11/29 21:15:45 jmc Exp $
2.\" 2.\"
3.\" Copyright (c) 2017 Bob Beck <beck@openbsd.org> 3.\" Copyright (c) 2017 Bob Beck <beck@openbsd.org>
4.\" 4.\"
@@ -14,7 +14,7 @@
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\" 16.\"
17.Dd $Mdocdate: November 28 2017 $ 17.Dd $Mdocdate: November 29 2017 $
18.Dt OCSPCHECK 8 18.Dt OCSPCHECK 8
19.Os 19.Os
20.Sh NAME 20.Sh NAME
@@ -24,6 +24,7 @@
24.Nm 24.Nm
25.Op Fl Nv 25.Op Fl Nv
26.Op Fl C Ar CAfile 26.Op Fl C Ar CAfile
27.Op Fl i Ar staplefile
27.Op Fl o Ar staplefile 28.Op Fl o Ar staplefile
28.Ar file 29.Ar file
29.Sh DESCRIPTION 30.Sh DESCRIPTION
@@ -46,7 +47,7 @@ certificate chain provided by the
46.Ar file 47.Ar file
47argument. 48argument.
48.It Fl i Ar staplefile 49.It Fl i Ar staplefile
49Specify an input filename from which a DER encoded OCSP response 50Specify an input filename from which a DER-encoded OCSP response
50will be read instead of fetching it from the OCSP server. 51will be read instead of fetching it from the OCSP server.
51A filename 52A filename
52of 53of
@@ -56,7 +57,7 @@ will read the response from standard input.
56Do not use a nonce value in the OCSP request, or validate that the 57Do not use a nonce value in the OCSP request, or validate that the
57nonce was returned in the OCSP response. 58nonce was returned in the OCSP response.
58By default a nonce is always used and validated when retrieving 59By default a nonce is always used and validated when retrieving
59a response from an OCSP server. 60a response from an OCSP server.
60The use of this flag is a security risk as it will allow OCSP 61The use of this flag is a security risk as it will allow OCSP
61responses to be replayed. 62responses to be replayed.
62It should not be used unless the OCSP server does not support the 63It should not be used unless the OCSP server does not support the
diff --git a/src/usr.sbin/ocspcheck/ocspcheck.c b/src/usr.sbin/ocspcheck/ocspcheck.c
index 6038f8817d..133401003e 100644
--- a/src/usr.sbin/ocspcheck/ocspcheck.c
+++ b/src/usr.sbin/ocspcheck/ocspcheck.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ocspcheck.c,v 1.22 2017/11/28 23:32:00 beck Exp $ */ 1/* $OpenBSD: ocspcheck.c,v 1.23 2017/11/29 21:15:45 jmc Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2017 Bob Beck <beck@openbsd.org> 4 * Copyright (c) 2017 Bob Beck <beck@openbsd.org>
@@ -498,7 +498,8 @@ static void
498usage(void) 498usage(void)
499{ 499{
500 fprintf(stderr, 500 fprintf(stderr,
501 "usage: ocspcheck [-Nv] [-C CAfile] [-o staplefile] file\n"); 501 "usage: ocspcheck [-Nv] [-C CAfile] [-i staplefile] "
502 "[-o staplefile] file\n");
502 exit(1); 503 exit(1);
503} 504}
504 505
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 21:25:39 +0000