[gnutls-devel] Missing documentation in GnuTLS 3.4.4.1
Mark H Weaver
mhw at netris.org
Wed Aug 19 07:37:46 CEST 2015
I looked at the diffs between 3.4.4 and 3.4.4.1 and discovered that in
the documentation, all of the included output of <PROGRAM> --help has
been lost. For example:
--8<---------------cut here---------------start------------->8---
diff -ru gnutls-3.4.4/doc/invoke-certtool.texi gnutls-3.4.4.1/doc/invoke-certtool.texi
--- gnutls-3.4.4/doc/invoke-certtool.texi 2015-07-31 15:44:21.000000000 -0400
+++ gnutls-3.4.4.1/doc/invoke-certtool.texi 2015-08-10 13:43:52.000000000 -0400
@@ -41,97 +41,7 @@
@exampleindent 0
@example
-certtool - GnuTLS certificate tool
-Usage: certtool [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
-
- -d, --debug=num Enable debugging
- - it must be in the range:
- 0 to 9999
- -V, --verbose More verbose output
- - may appear multiple times
- --infile=file Input file
- - file must pre-exist
- --outfile=str Output file
- -s, --generate-self-signed Generate a self-signed certificate
- -c, --generate-certificate Generate a signed certificate
- --generate-proxy Generates a proxy certificate
- --generate-crl Generate a CRL
- -u, --update-certificate Update a signed certificate
- -p, --generate-privkey Generate a private key
- -q, --generate-request Generate a PKCS #10 certificate request
- - prohibits the option 'infile'
- -e, --verify-chain Verify a PEM encoded certificate chain
- --verify Verify a PEM encoded certificate chain using a trusted list
- --verify-crl Verify a CRL using a trusted list
- - requires the option 'load-ca-certificate'
- --generate-dh-params Generate PKCS #3 encoded Diffie-Hellman parameters
- --get-dh-params Get the included PKCS #3 encoded Diffie-Hellman parameters
- --dh-info Print information PKCS #3 encoded Diffie-Hellman parameters
- --load-privkey=str Loads a private key file
- --load-pubkey=str Loads a public key file
- --load-request=str Loads a certificate request file
- --load-certificate=str Loads a certificate file
- --load-ca-privkey=str Loads the certificate authority's private key file
- --load-ca-certificate=str Loads the certificate authority's certificate file
- --password=str Password to use
- --null-password Enforce a NULL password
- --empty-password Enforce an empty password
- --hex-numbers Print big number in an easier format to parse
- --cprint In certain operations it prints the information in C-friendly format
- -i, --certificate-info Print information on the given certificate
- --certificate-pubkey Print certificate's public key
- --pgp-certificate-info Print information on the given OpenPGP certificate
- --pgp-ring-info Print information on the given OpenPGP keyring structure
- -l, --crl-info Print information on the given CRL structure
- --crq-info Print information on the given certificate request
- --no-crq-extensions Do not use extensions in certificate requests
- --p12-info Print information on a PKCS #12 structure
- --p12-name=str The PKCS #12 friendly name to use
- --p7-info Print information on a PKCS #7 structure
- --smime-to-p7 Convert S/MIME to PKCS #7 structure
- -k, --key-info Print information on a private key
- --pgp-key-info Print information on an OpenPGP private key
- --pubkey-info Print information on a public key
- --v1 Generate an X.509 version 1 certificate (with no extensions)
- -!, --to-p12 Generate a PKCS #12 structure
- - requires the option 'load-certificate'
- -", --to-p8 Generate a PKCS #8 structure
- -8, --pkcs8 Use PKCS #8 format for private keys
- -#, --rsa Generate RSA key
- -$, --dsa Generate DSA key
- -%, --ecc Generate ECC (ECDSA) key
- -&, --ecdsa an alias for the 'ecc' option
- -', --hash=str Hash algorithm to use for signing
- -(, --inder Use DER format for input certificates, private keys, and DH parameters
- - disabled as '--no-inder'
- -), --inraw an alias for the 'inder' option
- -*, --outder Use DER format for output certificates, private keys, and DH parameters
- - disabled as '--no-outder'
- -+, --outraw an alias for the 'outder' option
- -,, --bits=num Specify the number of bits for key generate
- --, --curve=str Specify the curve used for EC key generation
- -., --sec-param=str Specify the security level [low, legacy, medium, high, ultra]
- -/, --disable-quick-random No effect
- -0, --template=str Template file to use for non-interactive operation
- -1, --stdout-info Print information to stdout instead of stderr
- -2, --ask-pass Enable interaction for entering password when in batch mode.
- -3, --pkcs-cipher=str Cipher to use for PKCS #8 and #12 operations
- -4, --provider=str Specify the PKCS #11 provider library
- -v, --version[=arg] output version information and exit
- -h, --help display extended usage information and exit
- -!, --more-help extended usage information passed thru pager
-
-Options are specified by doubled hyphens and their name or by a single
-hyphen and the flag character.
-
-Tool to parse and generate X.509 certificates, requests and private keys.
-It can be used interactively or non interactively by specifying the
-template command line option.
-
-The tool accepts files or URLs supported by GnuTLS. In case PIN is
-required for the URL access you can provide it using the environment
-variables GNUTLS_PIN and GNUTLS_SO_PIN.
-
+certtool is unavailable - no --help
@end example
@exampleindent 4
--8<---------------cut here---------------end--------------->8---
Ditto for ocsptool, srptool, psktool, p11tool, gnutls-cli, gnutls-serv,
and gnutls-cli-debug, and of course these problems are reflected in the
pre-generated docs as well.
Mark
More information about the Gnutls-devel
mailing list