Update manual pages

5eac3c90 · Tatsuhiro Tsujikawa · e70195ae · 5eac3c90 · 5eac3c90 · 5eac3c90
Commit 5eac3c90 authored Feb 22, 2018 by Tatsuhiro Tsujikawa
Showing with 43 additions and 6 deletions

doc/h2load.1 doc/h2load.1 +1 -1

doc/nghttp.1 doc/nghttp.1 +1 -1

doc/nghttpd.1 doc/nghttpd.1 +1 -1

doc/nghttpx.1 doc/nghttpx.1 +22 -2

doc/nghttpx.1.rst doc/nghttpx.1.rst +18 -1

No files found.
--- a/doc/h2load.1
+++ b/doc/h2load.1
 .\" Man page generated from reStructuredText.
 .
-.TH "H2LOAD" "1" "Feb 02, 2018" "1.30.0" "nghttp2"
+.TH "H2LOAD" "1" "Feb 22, 2018" "1.31.0-DEV" "nghttp2"
 .SH NAME
 h2load \- HTTP/2 benchmarking tool
 .

--- a/doc/nghttp.1
+++ b/doc/nghttp.1
 .\" Man page generated from reStructuredText.
 .
-.TH "NGHTTP" "1" "Feb 02, 2018" "1.30.0" "nghttp2"
+.TH "NGHTTP" "1" "Feb 22, 2018" "1.31.0-DEV" "nghttp2"
 .SH NAME
 nghttp \- HTTP/2 client
 .

--- a/doc/nghttpd.1
+++ b/doc/nghttpd.1
 .\" Man page generated from reStructuredText.
 .
-.TH "NGHTTPD" "1" "Feb 02, 2018" "1.30.0" "nghttp2"
+.TH "NGHTTPD" "1" "Feb 22, 2018" "1.31.0-DEV" "nghttp2"
 .SH NAME
 nghttpd \- HTTP/2 server
 .

--- a/doc/nghttpx.1
+++ b/doc/nghttpx.1
 .\" Man page generated from reStructuredText.
 .
-.TH "NGHTTPX" "1" "Feb 02, 2018" "1.30.0" "nghttp2"
+.TH "NGHTTPX" "1" "Feb 22, 2018" "1.31.0-DEV" "nghttp2"
 .SH NAME
 nghttpx \- HTTP/2 proxy
 .
@@ -698,6 +698,14 @@ can contain multiple certificates.
 .UNINDENT
 .INDENT 0.0
 .TP
+.B \-\-verify\-client\-tolerate\-expired
+Accept  expired  client  certificate.   Operator  should
+handle  the expired  client  certificate  by some  means
+(e.g.,  mruby  script).   Otherwise, this  option  might
+cause a security risk.
+.UNINDENT
+.INDENT 0.0
+.TP
 .B \-\-client\-private\-key\-file=<PATH>
 Path to  file that contains  client private key  used in
 backend client authentication.
@@ -996,7 +1004,7 @@ option.  But be aware its implications.
 Set the maximum number of  the concurrent streams in one
 frontend HTTP/2 session.
 .sp
-Default: \(ga\(ga 100\(ga\(ga
+Default: \fB100\fP
 .UNINDENT
 .INDENT 0.0
 .TP
@@ -2030,6 +2038,18 @@ Return the serial number of a client certificate.
 .UNINDENT
 .INDENT 7.0
 .TP
+.B attribute [R] tls_client_not_before
+Return the start date of a client certificate in seconds since
+the epoch.
+.UNINDENT
+.INDENT 7.0
+.TP
+.B attribute [R] tls_client_not_after
+Return the end date of a client certificate in seconds since
+the epoch.
+.UNINDENT
+.INDENT 7.0
+.TP
 .B attribute [R] tls_cipher
 Return a TLS cipher negotiated in this connection.
 .UNINDENT

--- a/doc/nghttpx.1.rst
+++ b/doc/nghttpx.1.rst
@@ -644,6 +644,13 @@ SSL/TLS
    client certificate.  The file must be in PEM format.  It
    can contain multiple certificates.

+.. option:: --verify-client-tolerate-expired
+
+    Accept  expired  client  certificate.   Operator  should
+    handle  the expired  client  certificate  by some  means
+    (e.g.,  mruby  script).   Otherwise, this  option  might
+    cause a security risk.
+
 .. option:: --client-private-key-file=<PATH>

    Path to  file that contains  client private key  used in
@@ -917,7 +924,7 @@ HTTP/2
    Set the maximum number of  the concurrent streams in one
    frontend HTTP/2 session.

-    Default: `` 100``
+    Default: ``100``

 .. option:: --backend-http2-max-concurrent-streams=<N>

@@ -1859,6 +1866,16 @@ respectively.

        Return the serial number of a client certificate.

+    .. rb:attr_reader:: tls_client_not_before
+
+        Return the start date of a client certificate in seconds since
+        the epoch.
+
+    .. rb:attr_reader:: tls_client_not_after
+
+        Return the end date of a client certificate in seconds since
+        the epoch.
+
    .. rb:attr_reader:: tls_cipher

        Return a TLS cipher negotiated in this connection.