=item B<-c>
-print out the digest in two digit groups separated by colons, only relevant if
+Print out the digest in two digit groups separated by colons, only relevant if
B<hex> format output is used.
=item B<-d>
-print out BIO debugging information.
+Print out BIO debugging information.
=item B<-hex>
-digest is to be output as a hex dump. This is the default case for a "normal"
+Digest is to be output as a hex dump. This is the default case for a "normal"
digest as opposed to a digital signature. See NOTES below for digital
signatures using B<-hex>.
=item B<-binary>
-output the digest or signature in binary form.
+Output the digest or signature in binary form.
=item B<-r>
-output the digest in the "coreutils" format used by programs like B<sha1sum>.
+Output the digest in the "coreutils" format used by programs like B<sha1sum>.
=item B<-out filename>
-filename to output to, or standard output by default.
+Filename to output to, or standard output by default.
=item B<-sign filename>
-digitally sign the digest using the private key in "filename".
+Digitally sign the digest using the private key in "filename".
=item B<-keyform arg>
Pass options to the signature algorithm during sign or verify operations.
Names and values of these options are algorithm-specific.
-
=item B<-passin arg>
-
the private key password source. For more information about the format of B<arg>
+
The private key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
=item B<-verify filename>
-verify the signature using the public key in "filename".
+Verify the signature using the public key in "filename".
The output is either "Verification OK" or "Verification Failure".
=item B<-prverify filename>
-verify the signature using the private key in "filename".
+Verify the signature using the private key in "filename".
=item B<-signature filename>
-the actual signature to verify.
+The actual signature to verify.
=item B<-hmac key>
-create a hashed MAC using "key".
+Create a hashed MAC using "key".
=item B<-mac alg>
-create MAC (keyed Message Authentication Code). The most popular MAC
+Create MAC (keyed Message Authentication Code). The most popular MAC
algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
which are not based on hash, for instance B<gost-mac> algorithm,
supported by B<ccgost> engine. MAC keys and other options should be set
Passes options to MAC algorithm, specified by B<-mac> key.
Following options are supported by both by B<HMAC> and B<gost-mac>:
-=over 8
+=over 4
=item B<key:string>
=item B<-rand file(s)>
-a file or files containing random data used to seed the random number
+A file or files containing random data used to seed the random number
generator, or an EGD socket (see L<RAND_egd(3)>).
Multiple files can be specified separated by an OS-dependent character.
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
=item B<-fips-fingerprint>
-compute HMAC using a specific key
-for certain OpenSSL-FIPS operations.
+Compute HMAC using a specific key for certain OpenSSL-FIPS operations.
=item B<-engine id>
=item B<file...>
-file or files to digest. If no files are specified then standard input is
+File or files to digest. If no files are specified then standard input is
used.
=back
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
=head2 Standard Commands
-=over 10
+=over 4
=item L<B<asn1parse>|asn1parse(1)>
=item L<B<cms>|cms(1)>
-CMS (Cryptographic Message Syntax) utility
+CMS (Cryptographic Message Syntax) utility.
=item L<B<crl>|crl(1)>
=item L<B<dhparam>|dhparam(1)>
Generation and Management of Diffie-Hellman Parameters. Superseded by
-L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>
-
+L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>.
=item L<B<dsa>|dsa(1)>
=item L<B<dsaparam>|dsaparam(1)>
DSA Parameter Generation and Management. Superseded by
-L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>
+L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>.
=item L<B<ec>|ec(1)>
-EC (Elliptic curve) key processing
+EC (Elliptic curve) key processing.
=item L<B<ecparam>|ecparam(1)>
-EC parameter manipulation and generation
+EC parameter manipulation and generation.
=item L<B<enc>|enc(1)>
=item L<B<gendsa>|gendsa(1)>
Generation of DSA Private Key from Parameters. Superseded by
-L<B<genpkey>|genpkey(1)> and L<B<pkey>|pkey(1)>
+L<B<genpkey>|genpkey(1)> and L<B<pkey>|pkey(1)>.
=item L<B<genpkey>|genpkey(1)>
=item L<B<nseq>|nseq(1)>
-Create or examine a Netscape certificate sequence
+Create or examine a Netscape certificate sequence.
=item L<B<ocsp>|ocsp(1)>
=item L<B<rsautl>|rsautl(1)>
RSA utility for signing, verification, encryption, and decryption. Superseded
-by L<B<pkeyutl>|pkeyutl(1)>
+by L<B<pkeyutl>|pkeyutl(1)>.
=item L<B<s_client>|s_client(1)>
=item L<B<spkac>|spkac(1)>
-SPKAC printing and generating utility
+SPKAC printing and generating utility.
=item L<B<ts>|ts(1)>
-Time Stamping Authority tool (client/server)
+Time Stamping Authority tool (client/server).
=item L<B<verify>|verify(1)>
=head2 Message Digest Commands
-=over 10
+=over 4
=item B<md2>
=head2 Encoding and Cipher Commands
-=over 10
+=over 4
=item B<base64>
=head2 Common Options
-=over 10
+=over 4
=item B<-help>
prompted to enter one: this will typically be read from the current
terminal with echoing turned off.
-=over 10
+=over 4
=item B<pass:password>
-
the actual password is B<password>. Since the password is visible
+
The actual password is B<password>. Since the password is visible
to utilities (like 'ps' under Unix) this form should only be used
where security is not important.
=item B<env:var>
-obtain the password from the environment variable B<var>. Since
+Obtain the password from the environment variable B<var>. Since
the environment of other processes is visible on certain platforms
(e.g. ps under certain Unix OSes) this option should be used with caution.
=item B<file:pathname>
-
the first line of B<pathname> is the password. If the same B<pathname>
+
The first line of B<pathname> is the password. If the same B<pathname>
argument is supplied to B<-passin> and B<-passout> arguments then the first
line will be used for the input password and the next line for the output
password. B<pathname> need not refer to a regular file: it could for example
=item B<fd:number>
-read the password from the file descriptor B<number>. This can be used to
+Read the password from the file descriptor B<number>. This can be used to
send the data via a pipe for example.
=item B<stdin>
-read the password from standard input.
+Read the password from standard input.
=back
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
=head1 ENVIRONMENT
-=over
+=over 4
=item B<OPENSSL>
the configuration information. The general format of the string
is:
-=over 2
+=over 4
=item B<[modifier,]type[:value]>
The supported types are listed below. Unless otherwise specified
only the B<ASCII> format is permissible.
-=over 2
+=over 4
=item B<BOOLEAN>, B<BOOL>
the string format of the final type and value. The supported
formats are documented below.
-=over 2
+=over 4
=item B<EXPLICIT>, B<EXP>
is the type of the old format callback function. The meaning of each argument
is described below:
-=over
+=over 4
=item B<b>
determine this, an SCT's timestamp and signature must be verified.
This requires:
-=over 2
+=over 4
-=item *
+=item * the public key of the log that issued the SCT
-the public key of the log that issued the SCT
+=item * the certificate that the SCT was issued for
-=item *
+=item * the issuer certificate (if the SCT was issued for a pre-certificate)
-the certificate that the SCT was issued for
-
-=item *
-
-the issuer certificate (if the SCT was issued for a pre-certificate)
-
-=item *
-
-the current time
+=item * the current time
=back
CT_POLICY_EVAL_CTX_new() creates an empty policy evaluation context. This
should then be populated using:
-=over 2
+=over 4
-=item *
-
-CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for
+=item * CT_POLICY_EVAL_CTX_set1_cert() to provide the certificate the SCTs were issued for
Increments the reference count of the certificate.
-=item *
-
-CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate
+=item * CT_POLICY_EVAL_CTX_set1_issuer() to provide the issuer certificate
Increments the reference count of the certificate.
-=item *
-
-CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs
+=item * CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE() to provide a list of logs that are trusted as sources of SCTs
Holds a pointer to the CTLOG_STORE, so the CTLOG_STORE must outlive the
CT_POLICY_EVAL_CTX.
-=item *
-
-CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid
+=item * CT_POLICY_EVAL_CTX_set_time() to set the time SCTs should be compared with to determine if they are valid
The SCT timestamp will be compared to this time to check whether the SCT was
issued in the future. RFC6962 states that "TLS clients MUST reject SCTs whose
several flags can be or'd together.
The available flags are:
-=over
+=over 4
=item EVP_CIPH_STREAM_CIPHER, EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE,
EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE,
range of processors. For the moment of this writing following bits are
significant:
-=over
+=over 4
=item bit #4 denoting presence of Time-Stamp Counter.
The capability vector is further extended with EBX value returned by
CPUID with EAX=7 and ECX=0 as input. Following bits are significant:
-=over
+=over 4
=item bit #64+3 denoting availability of BMI1 instructions, e.g. ANDN;
The first option is to create a blank SCT, using SCT_new(), and then populate
it using:
-=over 2
+=over 4
-=item *
-
-SCT_set_version() to set the SCT version.
+=item * SCT_set_version() to set the SCT version.
Only SCT_VERSION_V1 is currently supported.
-=item *
-
-SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:
+=item * SCT_set_log_entry_type() to set the type of certificate the SCT was issued for:
B<CT_LOG_ENTRY_TYPE_X509> for a normal certificate.
B<CT_LOG_ENTRY_TYPE_PRECERT> for a pre-certificate.
-=item *
-
-SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.
+=item * SCT_set0_log_id() or SCT_set1_log_id() to set the LogID of the CT log that the SCT came from.
The former takes ownership, whereas the latter makes a copy.
See RFC 6962, Section 3.2 for the definition of LogID.
-=item *
-
-SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).
-
-=item *
-
-SCT_set_signature_nid() to set the NID of the signature.
+=item * SCT_set_timestamp() to set the time the SCT was issued (epoch time in milliseconds).
-=item *
+=item * SCT_set_signature_nid() to set the NID of the signature.
-SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.
+=item * SCT_set0_signature() or SCT_set1_signature() to set the raw signature value.
The former takes ownership, whereas the latter makes a copy.
-=item *
-
-SCT_set0_extensions() or B<SCT_set1_extensions> to provide SCT extensions.
+=item * SCT_set0_extensions() or B<SCT_set1_extensions> to provide SCT extensions.
The former takes ownership, whereas the latter makes a copy.
Alternatively, the SCT can be pre-populated from the following data using
SCT_new_from_base64():
-=over 2
-
-=item *
-
-The SCT version (only SCT_VERSION_V1 is currently supported).
+=over 4
-=item *
+=item * The SCT version (only SCT_VERSION_V1 is currently supported).
-The LogID (see RFC 6962, Section 3.2), base64 encoded.
+=item * The LogID (see RFC 6962, Section 3.2), base64 encoded.
-=item *
+=item * The type of certificate the SCT was issued for:
-The type of certificate the SCT was issued for:
B<CT_LOG_ENTRY_TYPE_X509> for a normal certificate.
B<CT_LOG_ENTRY_TYPE_PRECERT> for a pre-certificate.
-=item *
-
-The time that the SCT was issued (epoch time in milliseconds).
-
-=item *
-
-The SCT extensions, base64 encoded.
+=item * The time that the SCT was issued (epoch time in milliseconds).
-=item *
+=item * The SCT extensions, base64 encoded.
-The SCT signature, base64 encoded.
+=item * The SCT signature, base64 encoded.
=back
A CT_POLICY_EVAL_CTX must be provided that specifies:
-=over 2
+=over 4
-=item *
-
-The certificate the SCT was issued for.
+=item * The certificate the SCT was issued for.
Failure to provide the certificate will result in the validation status being
SCT_VALIDATION_STATUS_UNVERIFIED.
-=item *
-
-The issuer of that certificate.
+=item * The issuer of that certificate.
This is only required if the SCT was issued for a pre-certificate
(see RFC 6962). If it is required but not provided, the validation status will
be SCT_VALIDATION_STATUS_UNVERIFIED.
-=item *
-
-A CTLOG_STORE that contains the CT log that issued this SCT.
+=item * A CTLOG_STORE that contains the CT log that issued this SCT.
If the SCT was issued by a log that is not in this CTLOG_STORE, the validation
status will be SCT_VALIDATION_STATUS_UNKNOWN_LOG.
i2d_X509_VAL,
- convert objects from/to ASN.1/DER representation
-=for comment generic
-
=head1 SYNOPSIS
+=for comment generic
+
TYPE *d2i_TYPE(TYPE **a, unsigned char **pp, long length);
TYPE *d2i_TYPE_bio(BIO *bp, TYPE **a);
TYPE *d2i_TYPE_fp(FILE *fp, TYPE **a);
The following points about the data types might be useful:
-=over
+=over 4
=item B<ASN1_OBJECT>
=pod
-
=for comment openssl_manual_section:7
=head1 NAME
Normally, this is found as the function I<algorithm>_ecb_encrypt().
-=over 2
+=over 4
=item *
Be aware that des_cbc_encrypt() is not really DES CBC (it does
not update the IV); use des_ncbc_encrypt() instead.
-=over 2
+=over 4
=item *
Normally, this is found as the function I<algorithm>_cfb_encrypt().
-=over 2
+=over 4
=item *
Normally, this is found as the function I<algorithm>_ofb_encrypt().
-=over 2
+=over 4
=item *
Normally, this is found as the function I<algorithm>_ecb3_encrypt().
-=over 2
+=over 4
=item *
Normally, this is found as the function I<algorithm>_ede3_cbc_encrypt().
-=over 2
-
+=over 4
=item *
=head1 SEE ALSO
-L<blowfish(3)>, L<des(3)>, L<idea(3)>,
-L<rc2(3)>
+L<BF_encrypt(3)>, L<DES_crypt(3)>
=head1 COPYRIGHT
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
The EVP_PKEY functions support the full range of asymmetric algorithm operations:
-=over
+=over 4
=item For key agreement see L<EVP_PKEY_derive(3)>
+++ /dev/null
-#! /usr/bin/env perl
-# Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the OpenSSL license (the "License"). You may not use
-# this file except in compliance with the License. You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-
-require 5.10.0;
-use warnings;
-use strict;
-use Pod::Checker;
-use File::Find;
-use File::Basename;
-use File::Spec::Functions;
-use Getopt::Std;
-use lib catdir(dirname($0), "perl");
-use OpenSSL::Util::Pod;
-
-# Options.
-our($opt_s);
-our($opt_u);
-our($opt_h);
-our($opt_n);
-our($opt_l);
-
-sub help()
-{
- print <<EOF;
-Find small errors (nits) in documentation. Options:
- -l Print bogus links
- -n Print nits in POD pages
- -s Also print missing sections in POD pages (implies -n)
- -u List undocumented functions
- -h Print this help message
-EOF
- exit;
-}
-
-my $temp = '/tmp/docnits.txt';
-my $OUT;
-
-my %mandatory_sections =
- ( '*' => [ 'NAME', 'DESCRIPTION', 'COPYRIGHT' ],
- 1 => [ 'SYNOPSIS', 'OPTIONS' ],
- 3 => [ 'SYNOPSIS', 'RETURN VALUES' ],
- 5 => [ ],
- 7 => [ ] );
-
-# Cross-check functions in the NAME and SYNOPSIS section.
-sub name_synopsis()
-{
- my $id = shift;
- my $filename = shift;
- my $contents = shift;
-
- # Get NAME section and all words in it.
- return unless $contents =~ /=head1 NAME(.*)=head1 SYNOPSIS/ms;
- my $tmp = $1;
- $tmp =~ tr/\n/ /;
- print "$id trailing comma before - in NAME\n" if $tmp =~ /, *-/;
- $tmp =~ s/-.*//g;
- $tmp =~ s/,//g;
-
- my $dirname = dirname($filename);
- my $simplename = basename($filename);
- $simplename =~ s/.pod$//;
- my $foundfilename = 0;
- my %foundfilenames = ();
- my %names;
- foreach my $n ( split ' ', $tmp ) {
- $names{$n} = 1;
- $foundfilename++ if $n eq $simplename;
- $foundfilenames{$n} = 1
- if -f "$dirname/$n.pod" && $n ne $simplename;
- }
- print "$id the following exist as other .pod files:\n",
- join(" ", sort keys %foundfilenames), "\n"
- if %foundfilenames;
- print "$id $simplename (filename) missing from NAME section\n",
- unless $foundfilename;
-
- # Find all functions in SYNOPSIS
- return unless $contents =~ /=head1 SYNOPSIS(.*)=head1 DESCRIPTION/ms;
- my $syn = $1;
- foreach my $line ( split /\n+/, $syn ) {
- my $sym;
- $line =~ s/STACK_OF\([^)]+\)/int/g;
- $line =~ s/__declspec\([^)]+\)//;
- if ( $line =~ /env (\S*)=/ ) {
- # environment variable env NAME=...
- $sym = $1;
- } elsif ( $line =~ /typedef.*\(\*(\S+)\)\(.*/ ) {
- # a callback function: typedef ... (*NAME)(...
- $sym = $1;
- } elsif ( $line =~ /typedef.* (\S+);/ ) {
- # a simple typedef: typedef ... NAME;
- $sym = $1;
- } elsif ( $line =~ /enum (\S*) \{/ ) {
- # an enumeration: enum ... {
- $sym = $1;
- } elsif ( $line =~ /#define ([A-Za-z0-9_]+)/ ) {
- $sym = $1;
- } elsif ( $line =~ /([A-Za-z0-9_]+)\(/ ) {
- $sym = $1;
- }
- else {
- next;
- }
- print "$id $sym missing from NAME section\n"
- unless defined $names{$sym};
- $names{$sym} = 2;
-
- # Do some sanity checks on the prototype.
- print "$id prototype missing spaces around commas: $line\n"
- if ( $line =~ /[a-z0-9],[^ ]/ );
- }
-
- foreach my $n ( keys %names ) {
- next if $names{$n} == 2;
- print "$id $n missing from SYNOPSIS\n";
- }
-}
-
-sub check()
-{
- my $filename = shift;
- my $dirname = basename(dirname($filename));
-
- my $contents = '';
- {
- local $/ = undef;
- open POD, $filename or die "Couldn't open $filename, $!";
- $contents = <POD>;
- close POD;
- }
-
- my $id = "${filename}:1:";
-
- &name_synopsis($id, $filename, $contents)
- unless $contents =~ /=for comment generic/
- or $filename =~ m@man[157]/@;
-
- print "$id doesn't start with =pod\n"
- if $contents !~ /^=pod/;
- print "$id doesn't end with =cut\n"
- if $contents !~ /=cut\n$/;
- print "$id more than one cut line.\n"
- if $contents =~ /=cut.*=cut/ms;
- print "$id missing copyright\n"
- if $contents !~ /Copyright .* The OpenSSL Project Authors/;
- print "$id copyright not last\n"
- if $contents =~ /head1 COPYRIGHT.*=head/ms;
- print "$id head2 in All uppercase\n"
- if $contents =~ /head2\s+[A-Z ]+\n/;
- print "$id extra space after head\n"
- if $contents =~ /=head\d\s\s+/;
- print "$id period in NAME section\n"
- if $contents =~ /=head1 NAME.*\.\n.*=head1 SYNOPSIS/ms;
- print "$id POD markup in NAME section\n"
- if $contents =~ /=head1 NAME.*[<>].*=head1 SYNOPSIS/ms;
- print "$id Duplicate $1 in L<>\n"
- if $contents =~ /L<([^>]*)\|([^>]*)>/ && $1 eq $2;
- print "$id Bad =over $1\n"
- if $contents =~ /=over([^ ][^24])/;
-
- # Look for multiple consecutive openssl #include lines.
- # Consecutive because of files like md5.pod. Sometimes it's okay
- # or necessary, as in ssl/SSL_set1_host.pod
- if ( $contents !~ /=for comment multiple includes/ ) {
- if ( $contents =~ /=head1 SYNOPSIS(.*)=head1 DESCRIPTION/ms ) {
- my $count = 0;
- foreach my $line ( split /\n+/, $1 ) {
- if ( $line =~ m@include <openssl/@ ) {
- if ( ++$count == 2 ) {
- print "$id has multiple includes\n";
- }
- } else {
- $count = 0;
- }
- }
- }
- }
-
- return unless $opt_s;
-
- # Find what section this page is in. If run from "." assume
- # section 3.
- my $section = 3;
- $section = $1 if $dirname =~ /man([1-9])/;
-
- foreach ((@{$mandatory_sections{'*'}}, @{$mandatory_sections{$section}})) {
- print "$id: missing $_ head1 section\n"
- if $contents !~ /^=head1\s+${_}\s*$/m;
- }
-
- open my $OUT, '>', $temp
- or die "Can't open $temp, $!";
- podchecker($filename, $OUT);
- close $OUT;
- open $OUT, '<', $temp
- or die "Can't read $temp, $!";
- while ( <$OUT> ) {
- next if /\(section\) in.*deprecated/;
- print;
- }
- close $OUT;
- unlink $temp || warn "Can't remove $temp, $!";
-}
-
-my %dups;
-
-sub parsenum()
-{
- my $file = shift;
- my @apis;
-
- open my $IN, '<', $file
- or die "Can't open $file, $!, stopped";
-
- while ( <$IN> ) {
- next if /\bNOEXIST\b/;
- next if /\bEXPORT_VAR_AS_FUNC\b/;
- push @apis, $1 if /([^\s]+).\s/;
- }
-
- close $IN;
-
- print "# Found ", scalar(@apis), " in $file\n";
- return sort @apis;
-}
-
-sub getdocced()
-{
- my $dir = shift;
- my %return;
-
- foreach my $pod ( glob("$dir/*.pod") ) {
- my %podinfo = extract_pod_info($pod);
- foreach my $n ( @{$podinfo{names}} ) {
- $return{$n} = $pod;
- print "# Duplicate $n in $pod and $dups{$n}\n"
- if defined $dups{$n} && $dups{$n} ne $pod;
- $dups{$n} = $pod;
- }
- }
-
- return %return;
-}
-
-my %docced;
-
-sub printem()
-{
- my $libname = shift;
- my $numfile = shift;
- my $count = 0;
-
- foreach my $func ( &parsenum($numfile) ) {
- next if $docced{$func};
-
- # Skip ASN1 utilities
- next if $func =~ /^ASN1_/;
-
- print "$libname:$func\n";
- $count++;
- }
- print "# Found $count missing from $numfile\n\n";
-}
-
-
-# Collection of links in each POD file.
-# filename => [ "foo(1)", "bar(3)", ... ]
-my %link_collection = ();
-# Collection of names in each POD file.
-# "name(s)" => filename
-my %name_collection = ();
-
-sub collectnames {
- my $filename = shift;
- $filename =~ m|man(\d)/|;
- my $section = $1;
- my $simplename = basename($filename, ".pod");
- my $id = "${filename}:1:";
-
- my $contents = '';
- {
- local $/ = undef;
- open POD, $filename or die "Couldn't open $filename, $!";
- $contents = <POD>;
- close POD;
- }
-
- $contents =~ /=head1 NAME([^=]*)=head1 /ms;
- my $tmp = $1;
- unless (defined $tmp) {
- print "$id weird name section\n";
- return;
- }
- $tmp =~ tr/\n/ /;
- $tmp =~ s/-.*//g;
-
- my @names = map { s/\s+//g; $_ } split(/,/, $tmp);
- unless (grep { $simplename eq $_ } @names) {
- print "$id missing $simplename\n";
- push @names, $simplename;
- }
- foreach my $name (@names) {
- next if $name eq "";
- my $name_sec = "$name($section)";
- if (! exists $name_collection{$name_sec}) {
- $name_collection{$name_sec} = $filename;
- } else { #elsif ($filename ne $name_collection{$name_sec}) {
- print "$id $name_sec also in $name_collection{$name_sec}\n";
- }
- }
-
- my @foreign_names =
- map { map { s/\s+//g; $_ } split(/,/, $_) }
- $contents =~ /=for\s+comment\s+foreign\s+manuals:\s*(.*)\n\n/;
- foreach (@foreign_names) {
- $name_collection{$_} = undef; # It still exists!
- }
-
- my @links = $contents =~ /L<
- # if the link is of the form L<something|name(s)>,
- # then remove 'something'. Note that 'something'
- # may contain POD codes as well...
- (?:(?:[^\|]|<[^>]*>)*\|)?
- # we're only interested in referenses that have
- # a one digit section number
- ([^\/>\(]+\(\d\))
- /gx;
- $link_collection{$filename} = [ @links ];
-}
-
-sub checklinks {
- foreach my $filename (sort keys %link_collection) {
- foreach my $link (@{$link_collection{$filename}}) {
- print "${filename}:1: reference to non-existing $link\n"
- unless exists $name_collection{$link};
- }
- }
-}
-
-getopts('lnshu');
-
-&help() if ( $opt_h );
-
-die "Need one of -l -n -s or -u flags.\n"
- unless $opt_l or $opt_n or $opt_s or $opt_u;
-
-if ( $opt_n or $opt_s ) {
- foreach (@ARGV ? @ARGV : glob('doc/*/*.pod')) {
- &check($_);
- }
-}
-
-if ( $opt_l ) {
- foreach (@ARGV ? @ARGV : glob('doc/*/*.pod')) {
- collectnames($_);
- }
- checklinks();
-}
-
-if ( $opt_u ) {
- my %temp = &getdocced('doc/man3');
- foreach ( keys %temp ) {
- $docced{$_} = $temp{$_};
- }
- &printem('crypto', 'util/libcrypto.num');
- &printem('ssl', 'util/libssl.num');
-}
-
-exit;
projects / oweals / openssl.git / commitdiff