Commit 5a1f853b authored by Rich Salz's avatar Rich Salz
Browse files

GH875: Document -no_check_time 


Date:   Tue Mar 15 15:19:44 2016 +0100

This commit updates the documentation of cms, ocsp, s_client,
s_server, and verify to reflect the new "-no_check_time"
option introduced in commit d35ff2c0
on 2015-07-31.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 5c4b8c6f

doc/apps/cms.pod

+2 −1
Original line number Diff line number Diff line
@@ -47,6 +47,7 @@ B<openssl> B<cms> 
[B<-ignore_critical>]

[B<-inhibit_any>]

[B<-inhibit_map>]

[B<-no_check_time>]

[B<-partial_chain>]

[B<-policy arg>]

[B<-policy_check>]
@@ -473,7 +474,7 @@ address matches that specified in the From: address. 


=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,

B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,

B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,

B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,

B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,

B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,

B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,

doc/apps/ocsp.pod

+2 −1
Original line number Diff line number Diff line
@@ -42,6 +42,7 @@ B<openssl> B<ocsp> 
[B<-ignore_critical>]

[B<-inhibit_any>]

[B<-inhibit_map>]

[B<-no_check_time>]

[B<-partial_chain>]

[B<-policy arg>]

[B<-policy_check>]
@@ -195,7 +196,7 @@ Do not load the trusted CA certificates from the default directory location 


=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,

B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,

B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,

B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,

B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,

B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,

B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,

doc/apps/s_client.pod

+2 −1
Original line number Diff line number Diff line
@@ -34,6 +34,7 @@ B<openssl> B<s_client> 
[B<-ignore_critical>]

[B<-inhibit_any>]

[B<-inhibit_map>]

[B<-no_check_time>]

[B<-partial_chain>]

[B<-policy arg>]

[B<-policy_check>]
@@ -227,7 +228,7 @@ whitespace is ignored in the associated data field. For example: 


=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,

B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,

B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,

B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,

B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,

B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,

B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,

doc/apps/s_server.pod

+2 −1
Original line number Diff line number Diff line
@@ -44,6 +44,7 @@ B<openssl> B<s_server> 
[B<-ignore_critical>]

[B<-inhibit_any>]

[B<-inhibit_map>]

[B<-no_check_time>]

[B<-partial_chain>]

[B<-policy arg>]

[B<-policy_check>]
@@ -232,7 +233,7 @@ anonymous ciphersuite or PSK) this option has no effect. 


=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,

B<-explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,

B<-inhibit_map>, B<-no_alt_chains>, B<-partial_chain>, B<-policy>,

B<-inhibit_map>, B<-no_alt_chains>, B<-no_check_time>, B<-partial_chain>, B<-policy>,

B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>,

B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>,

B<-auth_level>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,

doc/apps/verify.pod

+7 −0
Original line number Diff line number Diff line
@@ -24,6 +24,7 @@ B<openssl> B<verify> 
[B<-ignore_critical>]

[B<-inhibit_any>]

[B<-inhibit_map>]

[B<-no_check_time>]

[B<-partial_chain>]

[B<-policy arg>]

[B<-policy_check>]
@@ -145,6 +146,12 @@ Set policy variable inhibit-any-policy (see RFC5280). 


Set policy variable inhibit-policy-mapping (see RFC5280).



=item B<-no_check_time>



This option suppresses checking the validity period of certificates and CRLs 

against the current time. If option B<-attime timestamp> is used to specify 

a verification time, the check is not suppressed.



=item B<-partial_chain>



Allow verification to succeed even if a I<complete> chain cannot be built to a