On Sun, May 25, 2014 at 03:02:18PM +0200, Alexander Schrijver wrote: > c_rehash doesn't exist in OpenBSD and remove a history lesson which is either > not aplicable anymore or was never true. >
after discussion with jca, i've just tried to make it clearer that we don;t have this script in base. that's because it does appear to have some use, so i don;t want to pretend it doesn;t exist. as mentioned earlier, i don;t see the point in messing with the history stuff (at least for now). jmc > Index: openssl.1 > =================================================================== > RCS file: /backup/mirrors/cvsync/src/usr.sbin/openssl/openssl.1,v > retrieving revision 1.93 > diff -u -r1.93 openssl.1 > --- openssl.1 13 Mar 2014 10:12:11 -0000 1.93 > +++ openssl.1 25 May 2014 12:48:53 -0000 > @@ -9072,11 +9072,6 @@ > option of the > .Nm x509 > utility). > -Under > -.Ux , > -the > -.Nm c_rehash > -script will automatically create symbolic links to a directory of > certificates. > .It Fl crl_check > Checks end entity certificate validity by attempting to look up a valid CRL. > If a valid CRL cannot be found an error occurs. > @@ -10403,27 +10398,6 @@ > It is hoped that it will represent reality in > .Nm OpenSSL > 0.9.5 and later. > -.Sh X509 HISTORY > -Before > -.Nm OpenSSL > -0.9.8, > -the default digest for RSA keys was MD5. > -.Pp > -The hash algorithm used in the > -.Fl subject_hash > -and > -.Fl issuer_hash > -options before > -.Nm OpenSSL > -1.0.0 was based on the deprecated MD5 algorithm and the encoding > -of the distinguished name. > -In > -.Nm OpenSSL > -1.0.0 and later it is based on a canonical version of the DN using SHA1. > -This means that any directories using the old form > -must have their links rebuilt using > -.Ar c_rehash > -or similar. > .\" > .\" FILES > .\" >
