[Pkg-openssl-devel] Bug#766052: openssl: verify does not support single dash parameter

[ygrex at ygrex.ru]

Package: openssl
Version: 1.0.1j-1
Severity: normal

Dear Maintainer,

the single dash parameter is documented as follows:

$ man verify | grep -iw -A6 -m1 synopsis
SYNOPSIS
       openssl verify [-CApath directory] [-CAfile file] [-purpose purpose]
       [-policy arg] [-ignore_critical] [-crl_check] [-crl_check_all]
       [-policy_check] [-explicit_policy] [-inhibit_any] [-inhibit_map]
       [-x509_strict] [-extended_crl] [-use_deltas] [-policy_print] [-untrusted
       file] [-help] [-issuer_checks] [-attime timestamp] [-verbose] [-]
       [certificates]

$ man verify | grep -E ' -   '
       -   Indicates the last option. All arguments following this are assumed to

but "openssl verify" fails if the dash is used:

$ openssl verify - -pem
usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check] [-attime timestamp] [-engine e] cert1 cert2 ...
recognized usages:
	sslclient 	SSL client
	sslserver 	SSL server
	nssslserver	Netscape SSL server
	smimesign 	S/MIME signing
	smimeencrypt	S/MIME encryption
	crlsign   	CRL signing
	any       	Any Purpose
	ocsphelper	OCSP helper
	timestampsign	Time Stamp signing

a workaround with shell redirection:

$ openssl verify < -pem
stdin: OK

it is expected that "openssl verify" processes "-" parameter as documented

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: armhf (armv7l)
Foreign Architectures: armel

Kernel: Linux 3.0.35-ygrex-utilite-dirty (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openssl depends on:
ii  libc6        2.19-11
ii  libssl1.0.0  1.0.1j-1

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates  20140927

-- no debconf information