diff options
| -rw-r--r-- | apps/apps.c | 2 | ||||
| -rw-r--r-- | apps/cms.c | 2 | ||||
| -rw-r--r-- | apps/ocsp.c | 2 | ||||
| -rw-r--r-- | apps/s_client.c | 2 | ||||
| -rw-r--r-- | apps/s_server.c | 2 | ||||
| -rw-r--r-- | apps/smime.c | 2 | ||||
| -rw-r--r-- | apps/verify.c | 2 |
7 files changed, 13 insertions, 1 deletions
diff --git a/apps/apps.c b/apps/apps.c index bf044d40f8..8412e24687 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2362,6 +2362,8 @@ int args_verify(char ***pargs, int *pargc, flags |= X509_V_FLAG_SUITEB_192_LOS; else if (!strcmp(arg, "-partial_chain")) flags |= X509_V_FLAG_PARTIAL_CHAIN; + else if (!strcmp(arg, "-no_alt_chains")) + flags |= X509_V_FLAG_NO_ALT_CHAINS; else return 0; diff --git a/apps/cms.c b/apps/cms.c index fbb5607398..479d1dddf2 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -646,6 +646,8 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-trusted_first use locally trusted certificates first when building trust chain\n"); BIO_printf(bio_err, + "-no_alt_chains only ever use the first certificate chain found\n"); + BIO_printf(bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); BIO_printf(bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); diff --git a/apps/ocsp.c b/apps/ocsp.c index 4b9d6f6b33..b0b3069676 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -538,6 +538,8 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-trusted_first use locally trusted CA's first when building trust chain\n"); BIO_printf(bio_err, + "-no_alt_chains only ever use the first certificate chain found\n"); + BIO_printf(bio_err, "-VAfile file validator certificates file\n"); BIO_printf(bio_err, "-validity_period n maximum validity discrepancy in seconds\n"); diff --git a/apps/s_client.c b/apps/s_client.c index 1607c6e438..bc82239f1b 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -321,6 +321,8 @@ static void sc_usage(void) BIO_printf(bio_err, " -trusted_first - Use local CA's first when building trust chain\n"); BIO_printf(bio_err, + " -no_alt_chains - only ever use the first certificate chain found\n"); + BIO_printf(bio_err, " -reconnect - Drop and re-make the connection with the same Session-ID\n"); BIO_printf(bio_err, " -pause - sleep(1) after each read(2) and write(2) system call\n"); diff --git a/apps/s_server.c b/apps/s_server.c index 573bc873bf..4311d6d6fb 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -509,6 +509,8 @@ static void sv_usage(void) BIO_printf(bio_err, " -trusted_first - Use locally trusted CA's first when building trust chain\n"); BIO_printf(bio_err, + " -no_alt_chains - only ever use the first certificate chain found\n"); + BIO_printf(bio_err, " -nocert - Don't use any certificates (Anon-DH)\n"); BIO_printf(bio_err, " -cipher arg - play with 'openssl ciphers' to see what goes here\n"); diff --git a/apps/smime.c b/apps/smime.c index 5efe51f7d7..930978fd9b 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -444,6 +444,8 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-trusted_first use locally trusted CA's first when building trust chain\n"); BIO_printf(bio_err, + "-no_alt_chains only ever use the first certificate chain found\n"); + BIO_printf(bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); BIO_printf(bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); diff --git a/apps/verify.c b/apps/verify.c index 8f963f86c2..e771be22d2 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -236,7 +236,7 @@ int MAIN(int argc, char **argv) end: if (ret == 1) { BIO_printf(bio_err, - "usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check]"); + "usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check] [-no_alt_chains]"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err, " [-engine e]"); #endif |