commands help cleanup

opt_valtype 0 is same as '-' while printing cmd usage
asn1parse/ca/ciphers help cleanup

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

apps/apps.h

@@ -356,8 +356,9 @@ typedef struct options_st {
     int retval;
     /*
      * value type: - no value (also the value zero), n number, p positive
-     * number, u unsigned, s string, < input file, > output file, f der/pem
-     * format, F any format identifier.  n and u include zero; p does not.
+     * number, u unsigned, l long, s string, < input file, > output file,
+     * f any format, F der/pem format , E der/pem/engine format identifier.
+     * l, n and u include zero; p does not.
      */
     int valtype;
     const char *helpstr;

apps/asn1pars.c

@@ -81,7 +81,7 @@ OPTIONS asn1parse_options[] = {
     {"inform", OPT_INFORM, 'F', "input format - one of DER PEM"},
     {"in", OPT_IN, '<', "input file"},
     {"out", OPT_OUT, '>', "output file (output format is always DER)"},
-    {"i", OPT_INDENT, 0, "entries"},
+    {"i", OPT_INDENT, 0, "indents the output"},
     {"noout", OPT_NOOUT, 0, "don't produce any output"},
     {"offset", OPT_OFFSET, 'p', "offset into file"},
     {"length", OPT_LENGTH, 'p', "length of section in file"},

apps/ca.c

@@ -209,7 +209,8 @@ OPTIONS ca_options[] = {
     {"name", OPT_NAME, 's', "The particular CA definition to use"},
     {"subj", OPT_SUBJ, 's', "Use arg instead of request's subject"},
     {"utf8", OPT_UTF8, '-', "Input characters are UTF8 (default ASCII)"},
-    {"create_serial", OPT_CREATE_SERIAL, '-'},
+    {"create_serial", OPT_CREATE_SERIAL, '-',
+    "If reading serial fails, create a new random serial"},
     {"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
      "Enable support for multivalued RDNs"},
     {"startdate", OPT_STARTDATE, 's', "Cert notBefore, YYMMDDHHMMSSZ"},
@@ -253,10 +254,13 @@ OPTIONS ca_options[] = {
     {"updatedb", OPT_UPDATEDB, '-', "Updates db for expired cert"},
     {"crlexts", OPT_CRLEXTS, 's',
      "CRL extension section (override value in config file)"},
-    {"crl_reason", OPT_CRL_REASON, 's'},
-    {"crl_hold", OPT_CRL_HOLD, 's'},
-    {"crl_compromise", OPT_CRL_COMPROMISE, 's'},
-    {"crl_CA_compromise", OPT_CRL_CA_COMPROMISE, 's'},
+    {"crl_reason", OPT_CRL_REASON, 's', "revocation reason"},
+    {"crl_hold", OPT_CRL_HOLD, 's',
+     "the hold instruction, an OID. Sets revocation reason to certificateHold"},
+    {"crl_compromise", OPT_CRL_COMPROMISE, 's',
+     "sets compromise time to val and the revocation reason to keyCompromise"},
+    {"crl_CA_compromise", OPT_CRL_CA_COMPROMISE, 's',
+     "sets compromise time to val and the revocation reason to CACompromise"},
 #ifndef OPENSSL_NO_ENGINE
     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
 #endif

apps/opt.c

@@ -815,6 +815,7 @@ int opt_num_rest(void)
 static const char *valtype2param(const OPTIONS *o)
 {
     switch (o->valtype) {
+    case 0:
     case '-':
         return "";
     case 's':

doc/apps/ca.pod

@@ -50,6 +50,7 @@ B<openssl> B<ca>
 [B<-engine id>]
 [B<-subj arg>]
 [B<-utf8>]
+[B<-create_serial>]
 [B<-multivalue-rdn>]
 
 =head1 DESCRIPTION
@@ -65,6 +66,14 @@ The options descriptions will be divided into each purpose.
 
 =over 4
 
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-verbose>
+
+this prints extra details about the operations being performed.
+
 =item B<-config filename>
 
 specifies the configuration file to use.
@@ -144,14 +153,6 @@ self-signed certificate.
 the key password source. For more information about the format of B<arg>
 see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
-=item B<-help>
-
-Print out a usage message.
-
-=item B<-verbose>
-
-this prints extra details about the operations being performed.
-
 =item B<-notext>
 
 don't output the text form of a certificate to the output file.
@@ -249,6 +250,12 @@ default they are interpreted as ASCII. This means that the field
 values, whether prompted from a terminal or obtained from a
 configuration file, must be valid UTF8 strings.
 
+=item B<-create_serial>
+
+if reading serial from the text file as specified in the configuration
+fails, specifying this option creates a new random serial to be used as next
+serial number.
+
 =item B<-multivalue-rdn>
 
 This option causes the -subj argument to be interpreted with full

doc/apps/ciphers.pod

@@ -74,10 +74,6 @@ List the ciphers which would be used if TLS v1.2 was negotiated.
 precede each ciphersuite by its standard name: only available is OpenSSL
 is built with tracing enabled (B<enable-ssl-trace> argument to Configure).
 
-=item B<-h>, B<-?>
-
-print a brief usage message.
-
 =item B<cipherlist>
 
 a cipher list to convert to a cipher preference list. If it is not included