Provided by: canlock_3.3.0-1_amd64 bug


       canlock - CLI frontend for libcanlock library


       canlock -h | -v

       canlock [-q] -o

       canlock [-a scheme] -l [uid]mid

       canlock [-a scheme] -k [uid]mid

       canlock [-q] -c key,lock

       canlock [-q] -m keys,locks


       Command line utility for Netnews Cancel-Lock authentication scheme.

       canlock  can  be  used to create <c-lock> and <c-key> elements according to RFC 8315.  The
       secret data is read from standard input (using EOF for termination).

       canlock also provides a verify interface with the -c option.  An external header parser is
       required to extract the <c-key> and <c-lock> elements from the article headers.
       The command line utilities canlock-mhp(1) and canlock-hfp(1) can be used for this purpose.


       The following options are supported:

       -a scheme           Use the hash algorithm specified by <scheme>.
                           Supported values for <scheme> (by version 3.0.0 of canlock):
                           sha1, sha224, sha256, sha384, sha512

                           If  this  option  is  not  present,  sha256  is  used as default value
                           (because this is the mandatory algorithm defined by RFC 8315).

       -l [uid]mid         Generate Cancel-Lock for Message-ID <mid>.
                           The Message-ID can be prepended with an optional User-ID <uid>.

                           The result is a <c-lock> element.

       -k [uid]mid         Generate Cancel-Key for Message-ID <mid>.
                           The Message-ID can be prepended with an optional User-ID <uid>.

                           The result is a <c-key> element.

       -c c-key,c-lock     Verify whether <c-key> element of a cancel or  supersede  matches  the
                           <c-lock> element of a target article.

       -m keys,locks       Verify whether one of multiple keys matches one of multiple locks.
                           The elements of both lists must be separated by SP (space) characters.
                           Anything  must  be  passed as single parameter of the "-m" option, use
                           appropriate quoting.

       -q                  Write no result to standard output.

                           Only valid if specified before -c and -o options.

       -h                  Print help message, then exit.

       -o                  Print whether libcanlock reports support for overwriting  secret  data
                           in memory.

                           The exit status is zero if cl_clear_secret(3) returned zero.

       -v                  Print version and compile time options, then exit.


       Zero on success or regular exit respectively.
       All other values indicate an error.


       Michael Baeuerle


       Report bugs to <>.


       canlock tries to comply with the following standards:

       RFC 5537, RFC 6234, RFC 8315


       canlock-hfp(1),   canlock-mhp(1),   cl_clear_secret(3),   cl_get_lock(3),   cl_get_key(3),
       cl_split(3), cl_verify(3), cl_verify_multi(3)