[Feature][ZXW-88]merge P50 version
Only Configure: No
Affected branch: master
Affected module: unknown
Is it affected on both ZXIC and MTK: only ZXIC
Self-test: Yes
Doc Update: No
Change-Id: I34667719d9e0e7e29e8e4368848601cde0a48408
diff --git a/ap/lib/libcurl/curl-7.86.0/docs/mk-ca-bundle.1 b/ap/lib/libcurl/curl-7.86.0/docs/mk-ca-bundle.1
new file mode 100755
index 0000000..98b5ae1
--- /dev/null
+++ b/ap/lib/libcurl/curl-7.86.0/docs/mk-ca-bundle.1
@@ -0,0 +1,120 @@
+.\" **************************************************************************
+.\" * _ _ ____ _
+.\" * Project ___| | | | _ \| |
+.\" * / __| | | | |_) | |
+.\" * | (__| |_| | _ <| |___
+.\" * \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 2008 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" * SPDX-License-Identifier: curl
+.\" *
+.\" **************************************************************************
+.\"
+.TH mk-ca-bundle 1 "24 Oct 2016" "version 1.27" "mk-ca-bundle manual"
+.SH NAME
+mk-ca-bundle \- convert Mozilla's certificate bundle to PEM format
+.SH SYNOPSIS
+mk-ca-bundle [options]
+.I [outputfile]
+.SH DESCRIPTION
+The mk-ca-bundle tool downloads the \fIcertdata.txt\fP file from Mozilla's
+source tree over HTTPS, then parses \fIcertdata.txt\fP and extracts
+certificates into PEM format. By default, only CA root certificates trusted to
+issue SSL server authentication certificates are extracted. These are then
+processed with the OpenSSL command line tool to produce the final ca-bundle
+file.
+
+The default \fIoutputfile\fP name is \fBca-bundle.crt\fP. By setting it to '-'
+(a single dash) you will get the output sent to STDOUT instead of a file.
+
+The PEM format this scripts uses for output makes the result readily available
+for use by just about all OpenSSL or GnuTLS powered applications, such as curl
+and others.
+.SH OPTIONS
+The following options are supported:
+.IP -b
+backup an existing version of \fIoutputfilename\fP
+.IP "-d [name]"
+specify which Mozilla tree to pull \fIcertdata.txt\fP from (or a custom
+URL). Valid names are: aurora, beta, central, Mozilla, nss, release
+(default). They are shortcuts for which source tree to get the certificates
+data from.
+.IP -f
+force rebuild even if \fIcertdata.txt\fP is current (Added in version 1.17)
+.IP -i
+print version info about used modules
+.IP -k
+Allow insecure data transfer. By default (since 1.27) this command will fail
+if the HTTPS transfer fails. This overrides that decision (and opens for
+man-in-the-middle attacks).
+.IP -l
+print license info about \fIcertdata.txt\fP
+.IP -m
+(Added in 1.26) Include meta data comments in the output. The meta data is
+specific information about each certificate that is stored in the original
+file as comments and using this option will make those comments get passed on
+to the output file. The meta data is not parsed in any way by mk-ca-bundle.
+.IP -n
+no download of \fIcertdata.txt\fP (to use existing)
+.IP "-p [purposes]:[levels]"
+list of Mozilla trust purposes and levels for certificates to include in
+output. Takes the form of a comma separated list of purposes, a colon, and a
+comma separated list of levels. The default is to include all certificates
+trusted to issue SSL Server certificates
+(\fISERVER_AUTH:TRUSTED_DELEGATOR\fP).
+
+(Added in version 1.21, Perl only)
+
+Valid purposes are:
+.RS
+\fIALL\fP, \fIDIGITAL_SIGNATURE\fP, \fINON_REPUDIATION\fP,
+\fIKEY_ENCIPHERMENT\fP, \fIDATA_ENCIPHERMENT\fP, \fIKEY_AGREEMENT\fP,
+\fIKEY_CERT_SIGN\fP, \fICRL_SIGN\fP, \fISERVER_AUTH\fP (default),
+\fICLIENT_AUTH\fP, \fICODE_SIGNING\fP, \fIEMAIL_PROTECTION\fP,
+\fIIPSEC_END_SYSTEM\fP, \fIIPSEC_TUNNEL\fP, \fIIPSEC_USER\fP,
+\fITIME_STAMPING\fP, \fISTEP_UP_APPROVED\fP
+.RE
+.IP
+Valid trust levels are:
+.RS
+\fIALL\fP, \fITRUSTED_DELEGATOR\fP (default), \fINOT_TRUSTED\fP, \fIMUST_VERIFY_TRUST\fP, \fITRUSTED\fP
+.RE
+.IP -q
+be really quiet (no progress output at all)
+.IP -t
+include plain text listing of certificates
+.IP "-s [algorithms]"
+comma separated list of signature algorithms with which to hash/fingerprint
+each certificate and output when run in plain text mode.
+
+(Added in version 1.21, Perl only)
+
+Valid algorithms are:
+.RS
+ALL, NONE, MD5 (default), SHA1, SHA256, SHA384, SHA512
+.RE
+.IP -u
+unlink (remove) \fIcertdata.txt\fP after processing
+.IP -v
+be verbose and print out processed certificate authorities
+.SH EXIT STATUS
+Returns 0 on success. Returns 1 if it fails to download data.
+.SH FILE FORMAT
+The file format used by Mozilla for this trust information is documented here:
+.nf
+https://p11-glue.freedesktop.org/doc/storing-trust-policy/storing-trust-existing.html
+.fi
+.SH SEE ALSO
+.BR curl (1)