Jason McIntyre <j...@kerhand.co.uk> writes: > On Sun, May 25, 2014 at 03:02:18PM +0200, Alexander Schrijver wrote: >> c_rehash doesn't exist in OpenBSD and remove a history lesson which is either >> not aplicable anymore or was never true. >> > > hmm, two things for the price of one. > > since we don;t have c_rehash, it seems silly to reference it. but > there's another ref in ftp(1) added only a few months ago by jca...any > comments, jca?
No particular comment. Adding ftp(1) support for c_rehash'd directories was cheap, and I was thinking about proposing the addition of said utility to the base system. I've only needed it once or twice, yet it bugged me not to have it at hand next to other openssl programs. Before removing the references to c_rehash I'd like to know if other people are interested in getting a trimmed down c_rehash utility in. Else there is not much point in supporting ftp -S capath=... at all. > the change to HISTORY is less convincing for me. there may well be room > to cut verbosity from this file (it's difficult to imagine adding to > it), but zapping one section so inconsistently feels wrong. when i > eventually get my extra life, i pledge to spend it checking this page. > until then, i've opted to zap the c_rehash reference only. I think you're right about the HISTORY removal. > unless they protest, i will commit this: > > Index: usr.bin/ftp/ftp.1 > =================================================================== > RCS file: /cvs/src/usr.bin/ftp/ftp.1,v > retrieving revision 1.91 > diff -u -r1.91 ftp.1 > --- usr.bin/ftp/ftp.1 23 Jan 2014 08:09:08 -0000 1.91 > +++ usr.bin/ftp/ftp.1 25 May 2014 18:58:31 -0000 > @@ -232,7 +232,6 @@ > .It Cm capath Ns = Ns Ar /path/to/certs/ > Directory containing PEM encoded CA certificates used for certificate > validation. > -Such a directory can be prepared using the c_rehash OpenSSL utility. > .It Cm ciphers Ns = Ns Ar cipher_list > Specify the list of ciphers that will be used by > .Nm . > Index: usr.sbin/openssl/openssl.1 > =================================================================== > RCS file: /cvs/src/usr.sbin/openssl/openssl.1,v > retrieving revision 1.94 > diff -u -r1.94 openssl.1 > --- usr.sbin/openssl/openssl.1 18 May 2014 08:23:27 -0000 1.94 > +++ usr.sbin/openssl/openssl.1 25 May 2014 18:58:34 -0000 > @@ -9072,11 +9072,6 @@ > option of the > .Nm x509 > utility). > -Under > -.Ux , > -the > -.Nm c_rehash > -script will automatically create symbolic links to a directory of > certificates. > .It Fl crl_check > Checks end entity certificate validity by attempting to look up a valid CRL. > If a valid CRL cannot be found an error occurs. > @@ -10420,10 +10415,6 @@ > In > .Nm OpenSSL > 1.0.0 and later it is based on a canonical version of the DN using SHA1. > -This means that any directories using the old form > -must have their links rebuilt using > -.Ar c_rehash > -or similar. > .\" > .\" FILES > .\" > -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
