Update man pages

2016-10-09 18:44:33 +09:00 · 2016-10-09 18:44:33 +09:00 · e6ae681f07
parent 7e681dc98f
commit e6ae681f07
6 changed files with 86 additions and 14 deletions
--- a/doc/h2load.1
+++ b/doc/h2load.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "H2LOAD" "1" "Oct 08, 2016" "1.16.0-DEV" "nghttp2"
+.TH "H2LOAD" "1" "Oct 09, 2016" "1.16.0-DEV" "nghttp2"
 .SH NAME
 h2load \- HTTP/2 benchmarking tool
 .
--- a/doc/h2load.1.rst
+++ b/doc/h2load.1.rst
@ -74,14 +74,14 @@ OPTIONS
 .. option:: -w, --window-bits=<N>
    Sets the stream level initial window size to (2\*\*<N>)-1.
-    For SPDY, 2**<N> is used instead.
+    For SPDY, 2\*\*<N> is used instead.
    Default: ``30``
 .. option:: -W, --connection-window-bits=<N>
    Sets  the  connection  level   initial  window  size  to
-    (2**<N>)-1.  For SPDY, if <N>  is strictly less than 16,
+    (2\*\*<N>)-1.  For SPDY, if <N>  is strictly less than 16,
    this option  is ignored.   Otherwise 2\*\*<N> is  used for
    SPDY.
--- a/doc/nghttp.1
+++ b/doc/nghttp.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "NGHTTP" "1" "Oct 08, 2016" "1.16.0-DEV" "nghttp2"
+.TH "NGHTTP" "1" "Oct 09, 2016" "1.16.0-DEV" "nghttp2"
 .SH NAME
 nghttp \- HTTP/2 client
 .
--- a/doc/nghttpd.1
+++ b/doc/nghttpd.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "NGHTTPD" "1" "Oct 08, 2016" "1.16.0-DEV" "nghttp2"
+.TH "NGHTTPD" "1" "Oct 09, 2016" "1.16.0-DEV" "nghttp2"
 .SH NAME
 nghttpd \- HTTP/2 server
 .
--- a/doc/nghttpx.1
+++ b/doc/nghttpx.1
@ -1,6 +1,6 @@
 .\" Man page generated from reStructuredText.
 .
-.TH "NGHTTPX" "1" "Oct 08, 2016" "1.16.0-DEV" "nghttp2"
+.TH "NGHTTPX" "1" "Oct 09, 2016" "1.16.0-DEV" "nghttp2"
 .SH NAME
 nghttpx \- HTTP/2 proxy
 .
@ -55,7 +55,7 @@ The options are categorized into several groups.
 .SS Connections
 .INDENT 0.0
 .TP
-.B \-b, \-\-backend=(<HOST>,<PORT>|unix:<PATH>)[;[<PATTERN>[:...]][[;PARAM]...]
+.B \-b, \-\-backend=(<HOST>,<PORT>|unix:<PATH>)[;[<PATTERN>[:...]][[;<PARAM>]...]
 Set  backend  host  and   port.   The  multiple  backend
 addresses are  accepted by repeating this  option.  UNIX
 domain socket  can be  specified by prefixing  path name
@ -183,7 +183,7 @@ Default: \fB127.0.0.1,80\fP
 .UNINDENT
 .INDENT 0.0
 .TP
-.B \-f, \-\-frontend=(<HOST>,<PORT>|unix:<PATH>)[[;PARAM]...]
+.B \-f, \-\-frontend=(<HOST>,<PORT>|unix:<PATH>)[[;<PARAM>]...]
 Set  frontend  host and  port.   If  <HOST> is  \(aq*\(aq,  it
 assumes  all addresses  including  both  IPv4 and  IPv6.
 UNIX domain  socket can  be specified by  prefixing path
@ -542,12 +542,21 @@ password protected it\(aqll be requested interactively.
 .UNINDENT
 .INDENT 0.0
 .TP
-.B \-\-subcert=<KEYPATH>:<CERTPATH>
+.B \-\-subcert=<KEYPATH>:<CERTPATH>[[;<PARAM>]...]
 Specify  additional certificate  and  private key  file.
 nghttpx will  choose certificates based on  the hostname
 indicated  by  client  using TLS  SNI  extension.   This
 option  can  be  used  multiple  times.   To  make  OCSP
 stapling work, <CERTPATH> must be absolute path.
 .sp
 Additional parameter  can be specified in  <PARAM>.  The
 available <PARAM> is "sct\-dir=<DIR>".
 .sp
 "sct\-dir=<DIR>"  specifies the  path to  directory which
 contains        *.sct        files        for        TLS
 signed_certificate_timestamp extension (RFC 6962).  This
 feature   requires   OpenSSL   >=   1.0.2.    See   also
 \fI\%\-\-tls\-sct\-dir\fP option.
 .UNINDENT
 .INDENT 0.0
 .TP
@ -790,6 +799,18 @@ Allow black  listed cipher  suite on  HTTP/2 connection.
 See  \fI\%https://tools.ietf.org/html/rfc7540#appendix\-A\fP  for
 the complete HTTP/2 cipher suites black list.
 .UNINDENT
 .INDENT 0.0
 .TP
 .B \-\-tls\-sct\-dir=<DIR>
 Specifies the  directory where  *.sct files  exist.  All
 *.sct   files   in  <DIR>   are   read,   and  sent   as
 extension_data of  TLS signed_certificate_timestamp (RFC
 6962)  to  client.   These   *.sct  files  are  for  the
 certificate   specified   in   positional   command\-line
 argument <CERT>, or  certificate option in configuration
 file.   For   additional  certificates,   use  \fI\%\-\-subcert\fP
 option.  This option requires OpenSSL >= 1.0.2.
 .UNINDENT
 .SS HTTP/2 and SPDY
 .INDENT 0.0
 .TP
@ -1536,6 +1557,19 @@ If \fI\%\-\-tls\-ticket\-key\-file\fP is given, encryption key is read
 from the given file.  In this case, nghttpx does not rotate key
 automatically.  To rotate key, one has to restart nghttpx (see
 SIGNALS).
 .SH CERTIFICATE TRANSPARENCY
 .sp
 nghttpx supports TLS \fBsigned_certificate_timestamp\fP extension (\fI\%RFC
 6962\fP).  The relevant options
 are \fI\%\-\-tls\-sct\-dir\fP and \fBsct\-dir\fP parameter in
 \fI\%\-\-subcert\fP\&.  They takes a directory, and nghttpx reads all
 files whose extension is \fB\&.sct\fP under the directory.  The \fB*.sct\fP
 files are encoded as \fBSignedCertificateTimestamp\fP struct described
 in \fI\%section 3.2 of RFC 69662\fP\&.  This format is
 the same one used by \fI\%nginx\-ct\fP and \fI\%mod_ssl_ct\fP\&.
 \fI\%ct\-submit\fP can be
 used to submit certificates to log servers, and obtain the
 \fBSignedCertificateTimestamp\fP struct which can be used with nghttpx.
 .SH MRUBY SCRIPTING
 .sp
 \fBWARNING:\fP
--- a/doc/nghttpx.1.rst
+++ b/doc/nghttpx.1.rst
@ -37,7 +37,7 @@ The options are categorized into several groups.
 Connections
 ~~~~~~~~~~~
-.. option:: -b, --backend=(<HOST>,<PORT>|unix:<PATH>)[;[<PATTERN>[:...]][[;PARAM]...]
+.. option:: -b, --backend=(<HOST>,<PORT>|unix:<PATH>)[;[<PATTERN>[:...]][[;<PARAM>]...]
    Set  backend  host  and   port.   The  multiple  backend
@ -70,7 +70,7 @@ Connections
    Host  can  include "\*"  in  the  left most  position  to
    indicate  wildcard match  (only suffix  match is  done).
-    The "*" must match at least one character.  For example,
+    The "\*" must match at least one character.  For example,
    host    pattern    "\*.nghttp2.org"    matches    against
    "www.nghttp2.org"  and  "git.ngttp2.org", but  does  not
    match  against  "nghttp2.org".   The exact  hosts  match
@ -166,7 +166,7 @@ Connections
    Default: ``127.0.0.1,80``
-.. option:: -f, --frontend=(<HOST>,<PORT>|unix:<PATH>)[[;PARAM]...]
+.. option:: -f, --frontend=(<HOST>,<PORT>|unix:<PATH>)[[;<PARAM>]...]
    Set  frontend  host and  port.   If  <HOST> is  '\*',  it
    assumes  all addresses  including  both  IPv4 and  IPv6.
@ -496,7 +496,7 @@ SSL/TLS
    private key.   If none is  given and the private  key is
    password protected it'll be requested interactively.
-.. option:: --subcert=<KEYPATH>:<CERTPATH>
+.. option:: --subcert=<KEYPATH>:<CERTPATH>[[;<PARAM>]...]
    Specify  additional certificate  and  private key  file.
    nghttpx will  choose certificates based on  the hostname
@ -504,6 +504,15 @@ SSL/TLS
    option  can  be  used  multiple  times.   To  make  OCSP
    stapling work, <CERTPATH> must be absolute path.
    Additional parameter  can be specified in  <PARAM>.  The
    available <PARAM> is "sct-dir=<DIR>".
    "sct-dir=<DIR>"  specifies the  path to  directory which
    contains        \*.sct        files        for        TLS
    signed_certificate_timestamp extension (RFC 6962).  This
    feature   requires   OpenSSL   >=   1.0.2.    See   also
    :option:`--tls-sct-dir` option.
 .. option:: --dh-param-file=<PATH>
    Path to file that contains  DH parameters in PEM format.
@ -719,6 +728,17 @@ SSL/TLS
    See  https://tools.ietf.org/html/rfc7540#appendix-A  for
    the complete HTTP/2 cipher suites black list.
 .. option:: --tls-sct-dir=<DIR>
    Specifies the  directory where  \*.sct files  exist.  All
    \*.sct   files   in  <DIR>   are   read,   and  sent   as
    extension_data of  TLS signed_certificate_timestamp (RFC
    6962)  to  client.   These   \*.sct  files  are  for  the
    certificate   specified   in   positional   command-line
    argument <CERT>, or  certificate option in configuration
    file.   For   additional  certificates,   use  :option:`--subcert`
    option.  This option requires OpenSSL >= 1.0.2.
 HTTP/2 and SPDY
 ~~~~~~~~~~~~~~~
@ -1083,7 +1103,7 @@ HTTP
    Set file path  to custom error page  served when nghttpx
    originally  generates  HTTP  error status  code  <CODE>.
    <CODE> must be greater than or equal to 400, and at most
-    599.  If "*"  is used instead of <CODE>,  it matches all
+    599.  If "\*"  is used instead of <CODE>,  it matches all
    HTTP  status  code.  If  error  status  code comes  from
    backend server, the custom error pages are not used.
@ -1407,6 +1427,24 @@ from the given file.  In this case, nghttpx does not rotate key
 automatically.  To rotate key, one has to restart nghttpx (see
 SIGNALS).
 CERTIFICATE TRANSPARENCY
 ------------------------
 nghttpx supports TLS ``signed_certificate_timestamp`` extension (`RFC
 6962 <https://tools.ietf.org/html/rfc6962>`_).  The relevant options
 are :option:`--tls-sct-dir` and ``sct-dir`` parameter in
 :option:`--subcert`.  They takes a directory, and nghttpx reads all
 files whose extension is ``.sct`` under the directory.  The ``*.sct``
 files are encoded as ``SignedCertificateTimestamp`` struct described
 in `section 3.2 of RFC 69662
 <https://tools.ietf.org/html/rfc6962#section-3.2>`_.  This format is
 the same one used by `nginx-ct
 <https://github.com/grahamedgecombe/nginx-ct>`_ and `mod_ssl_ct
 <https://httpd.apache.org/docs/trunk/mod/mod_ssl_ct.html>`_.
 `ct-submit <https://github.com/grahamedgecombe/ct-submit>`_ can be
 used to submit certificates to log servers, and obtain the
 ``SignedCertificateTimestamp`` struct which can be used with nghttpx.
 MRUBY SCRIPTING
 ---------------