[openssl] master update

Richard Levitte levitte at openssl.org
Wed Oct 2 17:26:31 UTC 2019


The branch master has been updated
       via  8dc57d76c99dffd91e88622e2ca2b4bd7de5e1aa (commit)
       via  705128b0f0dbc82db9e7b90aa4103eab9a5ce10e (commit)
      from  2342f68f56351601bdb277fbf1e844202d56aee9 (commit)


- Log -----------------------------------------------------------------
commit 8dc57d76c99dffd91e88622e2ca2b4bd7de5e1aa
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Oct 2 17:13:03 2019 +0200

    doc/man1: fix malformed options
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/10073)

commit 705128b0f0dbc82db9e7b90aa4103eab9a5ce10e
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed Oct 2 13:16:48 2019 +0200

    util/find-doc-nits: more precise option and function name checker
    
    The checks for our uses of 'B<' and 'I<' for options, and possibly
    function names, was over-reaching quite a bit.
    
    So we fine-tune it a bit:
    
    - by only checking for options in man1 pages, and only in SYNOPSIS
      and *OPTIONS sections.
    - by only checking for function names in man3 pages.
    
    The man1 option checker has the additional check that options found in
    *OPTIONS are also found in SYNOPSIS andd vice versa.
    
    In all cases, this also handles options and function names with
    additional markup, such as 'B<-I<cipher>>' and 'B<sk_I<TYPE>_push>'.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/10073)

-----------------------------------------------------------------------

Summary of changes:
 doc/man1/openssl-cms.pod      |   4 +-
 doc/man1/openssl-dgst.pod     |   4 +-
 doc/man1/openssl-enc.pod      |   2 +-
 doc/man1/openssl-genpkey.pod  |   4 +-
 doc/man1/openssl-ocsp.pod     |   4 +-
 doc/man1/openssl-pkcs8.pod    |  12 +--
 doc/man1/openssl-pkey.pod     |   4 +-
 doc/man1/openssl-req.pod      |   4 +-
 doc/man1/openssl-rsautl.pod   |   2 +-
 doc/man1/openssl-s_server.pod |   4 +-
 doc/man1/openssl-smime.pod    |   6 +-
 doc/man1/openssl-storeutl.pod |   4 +-
 doc/man1/openssl-ts.pod       |  10 +--
 doc/man1/openssl-verify.pod   |   8 +-
 doc/man1/openssl-x509.pod     |   4 +-
 util/find-doc-nits            | 171 +++++++++++++++++++++++++++++++++++++-----
 16 files changed, 192 insertions(+), 55 deletions(-)

diff --git a/doc/man1/openssl-cms.pod b/doc/man1/openssl-cms.pod
index 36b075c655..d50a5d0efe 100644
--- a/doc/man1/openssl-cms.pod
+++ b/doc/man1/openssl-cms.pod
@@ -70,7 +70,7 @@ B<openssl> B<cms>
 [B<-verify_name> I<name>]
 [B<-x509_strict>]
 [B<-md> I<digest>]
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-nointern>]
 [B<-noverify>]
 [B<-nocerts>]
@@ -309,7 +309,7 @@ Do not load the trusted CA certificates from the default directory location
 Digest algorithm to use when signing or resigning. If not present then the
 default digest algorithm for the signing key will be used (usually SHA1).
 
-=item B<->I<cipher>
+=item B<-I<cipher>>
 
 The encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
 or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
diff --git a/doc/man1/openssl-dgst.pod b/doc/man1/openssl-dgst.pod
index d9319e5697..c6e2b21b8e 100644
--- a/doc/man1/openssl-dgst.pod
+++ b/doc/man1/openssl-dgst.pod
@@ -7,7 +7,7 @@ openssl-dgst - perform digest operations
 =head1 SYNOPSIS
 
 B<openssl dgst>
-[B<->I<digest>]
+[B<-I<digest>>]
 [B<-help>]
 [B<-c>]
 [B<-d>]
@@ -52,7 +52,7 @@ command.
 
 Print out a usage message.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 Specifies name of a supported digest to be used. To see the list of
 supported digests, use the command C<list --digest-commands>.
diff --git a/doc/man1/openssl-enc.pod b/doc/man1/openssl-enc.pod
index d0f876949a..498df90b1f 100644
--- a/doc/man1/openssl-enc.pod
+++ b/doc/man1/openssl-enc.pod
@@ -7,7 +7,7 @@ openssl-enc - symmetric cipher routines
 =head1 SYNOPSIS
 
 B<openssl>
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-help>]
 [B<-ciphers>]
 [B<-in> I<filename>]
diff --git a/doc/man1/openssl-genpkey.pod b/doc/man1/openssl-genpkey.pod
index 61390777f4..085f7cb4f8 100644
--- a/doc/man1/openssl-genpkey.pod
+++ b/doc/man1/openssl-genpkey.pod
@@ -11,7 +11,7 @@ B<openssl> B<genpkey>
 [B<-out> I<filename>]
 [B<-outform> B<DER>|B<PEM>]
 [B<-pass> I<arg>]
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-engine> I<id>]
 [B<-paramfile> I<file>]
 [B<-algorithm> I<alg>]
@@ -47,7 +47,7 @@ This specifies the output format DER or PEM. The default format is PEM.
 The output file password source. For more information about the format of B<arg>
 see L<openssl(1)/Pass phrase options>.
 
-=item B<->I<cipher>
+=item B<-I<cipher>>
 
 This option encrypts the private key with the supplied cipher. Any algorithm
 name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
diff --git a/doc/man1/openssl-ocsp.pod b/doc/man1/openssl-ocsp.pod
index dc66134e36..726020ffa5 100644
--- a/doc/man1/openssl-ocsp.pod
+++ b/doc/man1/openssl-ocsp.pod
@@ -88,7 +88,7 @@ B<openssl> B<ocsp>
 [B<-resp_key_id>]
 [B<-nrequest> I<n>]
 [B<-rcid> I<digest>]
-[B<->I<digest>]
+[B<-I<digest>>]
 
 =for comment ifdef multi
 
@@ -312,7 +312,7 @@ This option sets the digest algorithm to use for certificate identification
 in the OCSP response. Any digest supported by the OpenSSL B<dgst> command can
 be used. The default is the same digest algorithm used in the request.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 This option sets digest algorithm to use for certificate identification in the
 OCSP request. Any digest supported by the OpenSSL B<dgst> command can be used.
diff --git a/doc/man1/openssl-pkcs8.pod b/doc/man1/openssl-pkcs8.pod
index 99299f1044..e1cc0b38a5 100644
--- a/doc/man1/openssl-pkcs8.pod
+++ b/doc/man1/openssl-pkcs8.pod
@@ -21,9 +21,9 @@ B<openssl> B<pkcs8>
 [B<-writerand> I<file>]
 [B<-nocrypt>]
 [B<-traditional>]
-[B<-v2 alg>]
-[B<-v2prf alg>]
-[B<-v1 alg>]
+[B<-v2> I<alg>]
+[B<-v2prf> I<alg>]
+[B<-v1> I<alg>]
 [B<-engine> I<id>]
 [B<-scrypt>]
 [B<-scrypt_N> I<N>]
@@ -118,7 +118,7 @@ all others.
 Writes random data to the specified I<file> upon exit.
 This can be used with a subsequent B<-rand> flag.
 
-=item B<-v2 alg>
+=item B<-v2> I<alg>
 
 This option sets the PKCS#5 v2.0 algorithm.
 
@@ -126,7 +126,7 @@ The B<alg> argument is the encryption algorithm to use, valid values include
 B<aes128>, B<aes256> and B<des3>. If this option isn't specified then B<aes256>
 is used.
 
-=item B<-v2prf alg>
+=item B<-v2prf> I<alg>
 
 This option sets the PRF algorithm to use with PKCS#5 v2.0. A typical value
 value would be B<hmacWithSHA256>. If this option isn't set then the default
@@ -135,7 +135,7 @@ for the cipher is used or B<hmacWithSHA256> if there is no default.
 Some implementations may not support custom PRF algorithms and may require
 the B<hmacWithSHA1> option to work.
 
-=item B<-v1 alg>
+=item B<-v1> I<alg>
 
 This option indicates a PKCS#5 v1.5 or PKCS#12 algorithm should be used.  Some
 older implementations may not support PKCS#5 v2.0 and may require this option.
diff --git a/doc/man1/openssl-pkey.pod b/doc/man1/openssl-pkey.pod
index fa9ea11f9c..ea64ecff60 100644
--- a/doc/man1/openssl-pkey.pod
+++ b/doc/man1/openssl-pkey.pod
@@ -15,7 +15,7 @@ B<openssl> B<pkey>
 [B<-out> I<filename>]
 [B<-passout> I<arg>]
 [B<-traditional>]
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-text>]
 [B<-text_pub>]
 [B<-noout>]
@@ -78,7 +78,7 @@ Normally a private key is written using standard format: this is PKCS#8 form
 with the appropriate encryption algorithm (if any). If the B<-traditional>
 option is specified then the older "traditional" format is used instead.
 
-=item B<->I<cipher>
+=item B<-I<cipher>>
 
 These options encrypt the private key with the supplied cipher. Any algorithm
 name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
diff --git a/doc/man1/openssl-req.pod b/doc/man1/openssl-req.pod
index 70d121360a..e010e00f01 100644
--- a/doc/man1/openssl-req.pod
+++ b/doc/man1/openssl-req.pod
@@ -29,7 +29,7 @@ B<openssl> B<req>
 [B<-keyform> B<DER>|B<PEM>]
 [B<-keyout> I<filename>]
 [B<-keygen_engine> I<id>]
-[B<-> I<digest>]
+[B<-I<digest>>]
 [B<-config> I<filename>]
 [B<-multivalue-rdn>]
 [B<-x509>]
@@ -209,7 +209,7 @@ configuration file is used.
 If this option is specified then if a private key is created it
 will not be encrypted.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 This specifies the message digest to sign the request.
 Any digest supported by the OpenSSL B<dgst> command can be used.
diff --git a/doc/man1/openssl-rsautl.pod b/doc/man1/openssl-rsautl.pod
index 2122066270..fccd7a1ad7 100644
--- a/doc/man1/openssl-rsautl.pod
+++ b/doc/man1/openssl-rsautl.pod
@@ -97,7 +97,7 @@ all others.
 Writes random data to the specified I<file> upon exit.
 This can be used with a subsequent B<-rand> flag.
 
-=item B<-pkcs, -oaep, -ssl, -raw>
+=item B<-pkcs>, B<-oaep>, B<-ssl>, B<-raw>
 
 The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP,
 special padding used in SSL v2 backwards compatible handshakes,
diff --git a/doc/man1/openssl-s_server.pod b/doc/man1/openssl-s_server.pod
index df613311ed..69275ed976 100644
--- a/doc/man1/openssl-s_server.pod
+++ b/doc/man1/openssl-s_server.pod
@@ -47,8 +47,8 @@ B<openssl> B<s_server>
 [B<-WWW>]
 [B<-servername>]
 [B<-servername_fatal>]
-[B<-cert2 infile>]
-[B<-key2 infile>]
+[B<-cert2> I<infile>]
+[B<-key2> I<infile>]
 [B<-tlsextdebug>]
 [B<-HTTP>]
 [B<-id_prefix> I<val>]
diff --git a/doc/man1/openssl-smime.pod b/doc/man1/openssl-smime.pod
index b15baa2dc7..dc4a5bcf2f 100644
--- a/doc/man1/openssl-smime.pod
+++ b/doc/man1/openssl-smime.pod
@@ -16,7 +16,7 @@ B<openssl> B<smime>
 [B<-pk7out>]
 [B<-binary>]
 [B<-crlfeol>]
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-in> I<file>]
 [B<-CAfile> I<file>]
 [B<-CApath> I<dir>]
@@ -203,7 +203,7 @@ Do not load the trusted CA certificates from the default directory location.
 Digest algorithm to use when signing or resigning. If not present then the
 default digest algorithm for the signing key will be used (usually SHA1).
 
-=item B<->I<cipher>
+=item B<-I<cipher>>
 
 The encryption algorithm to use. For example DES  (56 bits) - B<-des>,
 triple DES (168 bits) - B<-des3>,
@@ -316,7 +316,7 @@ This can be used with a subsequent B<-rand> flag.
 One or more certificates of message recipients: used when encrypting
 a message.
 
-=item B<-to, -from, -subject>
+=item B<-to>, B<-from>, B<-subject>
 
 The relevant mail headers. These are included outside the signed
 portion of a message so they may be included manually. If signing
diff --git a/doc/man1/openssl-storeutl.pod b/doc/man1/openssl-storeutl.pod
index efaa6f98b2..fb292a3cf7 100644
--- a/doc/man1/openssl-storeutl.pod
+++ b/doc/man1/openssl-storeutl.pod
@@ -22,7 +22,7 @@ B<openssl> B<storeutl>
 [B<-serial> I<arg>]
 [B<-alias> I<arg>]
 [B<-fingerprint> I<arg>]
-[B<->I<digest>]
+[B<-I<digest>>]
 B<uri> ...
 
 =head1 DESCRIPTION
@@ -106,7 +106,7 @@ Search for an object having the given alias.
 
 Search for an object having the given fingerprint.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 The digest that was used to compute the fingerprint given with B<-fingerprint>.
 
diff --git a/doc/man1/openssl-ts.pod b/doc/man1/openssl-ts.pod
index ec1d296c94..0d65601a41 100644
--- a/doc/man1/openssl-ts.pod
+++ b/doc/man1/openssl-ts.pod
@@ -13,7 +13,7 @@ B<-query>
 [B<-config> I<configfile>]
 [B<-data> I<file_to_hash>]
 [B<-digest> I<digest_bytes>]
-[B<->I<digest>]
+[B<-I<digest>>]
 [B<-tspolicy> I<object_id>]
 [B<-no_nonce>]
 [B<-cert>]
@@ -29,7 +29,7 @@ B<-reply>
 [B<-passin> I<password_src>]
 [B<-signer> I<tsa_cert.pem>]
 [B<-inkey> I<file_or_id>]
-[B<->I<digest>]
+[B<-I<digest>>]
 [B<-chain> I<certs_file.pem>]
 [B<-tspolicy> I<object_id>]
 [B<-in> I<response.tsr>]
@@ -167,7 +167,7 @@ per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or
 1AF601...). The number of bytes must match the message digest algorithm
 in use. (Optional)
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 The message digest to apply to the data file.
 Any digest supported by the OpenSSL B<dgst> command can be used.
@@ -260,7 +260,7 @@ B<signer_key> config file option. (Optional)
 If no engine is used, the argument is taken as a file; if an engine is
 specified, the argument is given to the engine as a key identifier.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 Signing digest to use. Overrides the B<signer_digest> config file
 option. (Mandatory unless specified in the config file)
@@ -461,7 +461,7 @@ command line option. (Optional)
 =item B<signer_digest>
 
 Signing digest to use. The same as the
-B<->I<digest> command line option. (Mandatory unless specified on the command
+B<-I<digest>> command line option. (Mandatory unless specified on the command
 line)
 
 =item B<default_policy>
diff --git a/doc/man1/openssl-verify.pod b/doc/man1/openssl-verify.pod
index 0635576c87..a83ffadc22 100644
--- a/doc/man1/openssl-verify.pod
+++ b/doc/man1/openssl-verify.pod
@@ -49,9 +49,9 @@ B<openssl> B<verify>
 [B<-verify_name> I<name>]
 [B<-x509_strict>]
 [B<-show_chain>]
-[B<-sm2-id string>]
-[B<-sm2-hex-id hex-string>]
-[B<->]
+[B<-sm2-id> I<string>]
+[B<-sm2-hex-id> I<hex-string>]
+[B<-->]
 [certificates]
 
 =for comment ifdef engine sm2-id sm2-hex-id
@@ -329,7 +329,7 @@ required by the SM2 signature algorithm for signing and verification.
 Specify a binary ID string to use when signing or verifying using an SM2
 certificate. The argument for this option is string of hexadecimal digits.
 
-=item B<->
+=item B<-->
 
 Indicates the last option. All arguments following this are assumed to be
 certificate files. This is useful if the first certificate filename begins
diff --git a/doc/man1/openssl-x509.pod b/doc/man1/openssl-x509.pod
index cb347151da..e2a64fece1 100644
--- a/doc/man1/openssl-x509.pod
+++ b/doc/man1/openssl-x509.pod
@@ -58,7 +58,7 @@ B<openssl> B<x509>
 [B<-ext> I<extensions>]
 [B<-certopt> I<option>]
 [B<-C>]
-[B<->I<digest>]
+[B<-I<digest>>]
 [B<-clrext>]
 [B<-extfile> I<filename>]
 [B<-extensions> I<section>]
@@ -113,7 +113,7 @@ if this option is not specified.
 This specifies the output filename to write to or standard output by
 default.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 The digest to use.
 This affects any signing or display option that uses a message
diff --git a/util/find-doc-nits b/util/find-doc-nits
index 67a2ee365c..9c5826d05f 100755
--- a/util/find-doc-nits
+++ b/util/find-doc-nits
@@ -18,6 +18,8 @@ use Getopt::Std;
 use lib catdir(dirname($0), "perl");
 use OpenSSL::Util::Pod;
 
+my $debug = 0;                  # Set to 1 for debug output
+
 # Options.
 our($opt_d);
 our($opt_e);
@@ -203,6 +205,150 @@ sub check_head_style {
     }
 }
 
+# Because we have options and symbols with extra markup, we need
+# to take that into account, so we need a regexp that extracts
+# markup chunks, including recursive markup.
+# please read up on /(?R)/ in perlre(1)
+# (note: order is important, (?R) needs to come before .)
+# (note: non-greedy is important, or something like 'B<foo> and B<bar>'
+# will be captured as one item)
+my $markup_re =
+    qr/(                        # Capture group
+           [BIL]<               # The start of what we recurse on
+           (?:(?-1)|.)*?        # recurse the whole regexp (refering to
+                                # the last opened capture group, i.e. the
+                                # start of this regexp), or pick next
+                                # character.  Do NOT be greedy!
+           >                    # The end of what we recurse on
+       )/x;                     # (the x allows this sort of split up regexp)
+
+# Options must start with a dash, followed by a letter, possibly
+# followed by letters, digits, dashes and underscores, and the last
+# character must be a letter or a digit.
+# We do also accept the single -? or -n, where n is a digit
+my $option_re =
+    qr/(?:
+            \?                  # Single question mark
+            |
+            \d                  # Single digit
+            |
+            -                   # Single dash (--)
+            |
+            [[:alpha:]](?:[-_[:alnum:]]*?[[:alnum:]])?
+       )/x;
+
+# Helper function to check if a given $thing is properly marked up
+# option.  It returns one of these values:
+#
+# undef         if it's not an option
+# ""            if it's a malformed option
+# $unwrapped    the option with the outermost B<> wrapping removed.
+sub normalise_option {
+    my $id = shift;
+    my $filename = shift;
+    my $thing = shift;
+
+    my $unwrapped = $thing;
+    my $unmarked = $thing;
+
+    # $unwrapped is the option with the outer B<> markup removed
+    $unwrapped =~ s/^B<//;
+    $unwrapped =~ s/>$//;
+    # $unmarked is the option with *all* markup removed
+    $unmarked =~ s/[BIL]<|>//msg;
+
+
+    # If we found an option, check it, collect it
+    if ( $unwrapped =~ /^\s*-/ ) {
+        return $unwrapped       # return option with outer B<> removed
+            if $unmarked =~ /^-${option_re}$/;
+        return "";              # Malformed option
+    }
+    return undef;               # Something else
+}
+
+# Checks of command option (man1) formatting.  The man1 checks are
+# restricted to the SYNOPSIS and OPTIONS sections, the rest is too
+# free form, we simply cannot be too strict there.
+
+sub option_check {
+    my $id = shift;
+    my $filename = shift;
+    my $contents = shift;
+
+    my $synopsis = ($contents =~ /=head1\s+SYNOPSIS(.*?)=head1/s, $1);
+
+    # Some pages have more than one OPTIONS section, let's make sure
+    # to get them all
+    my $options = '';
+    while ( $contents =~ /=head1\s+[A-Z ]*?OPTIONS$(.*?)(?==head1)/msg ) {
+        $options .= $1;
+    }
+
+    # Look for options with no or incorrect markup
+    while ( $synopsis =~
+            /(?<![-<[:alnum:]])-(?:$markup_re|.)*(?![->[:alnum:]])/msg ) {
+        err($id, "Malformed option [1] in SYNOPSIS: $&");
+    }
+
+    while ( $synopsis =~ /$markup_re/msg ) {
+        my $found = $&;
+        print STDERR "$id:DEBUG[option_check] SYNOPSIS: found $found\n"
+            if $debug;
+        my $option_uw = normalise_option($id, $filename, $found);
+        err($id, "Malformed option [2] in SYNOPSIS: $found")
+            if defined $option_uw && $option_uw eq '';
+    }
+
+    # In OPTIONS, we look for =item paragraphs.
+    # (?=^\s*$) detects an empty line.
+    while ( $options =~ /=item\s+(.*?)(?=^\s*$)/msg ) {
+        my $item = $&;
+
+        while ( $item =~ /(\[\s*)?($markup_re)/msg ) {
+            my $found = $2;
+            print STDERR "$id:DEBUG[option_check] OPTIONS: found $&\n"
+                if $debug;
+            err($id, "Unexpected bracket in OPTIONS =item: $item")
+                if ($1 // '') ne '' && $found =~ /^B<\s*-/;
+
+            my $option_uw = normalise_option($id, $filename, $found);
+            err($id, "Malformed option in OPTIONS: $found")
+                if defined $option_uw && $option_uw eq '';
+        }
+    }
+}
+
+# Normal symbol form
+my $symbol_re = qr/[[:alpha:]_][_[:alnum:]]*?/;
+
+# Checks of function name (man3) formatting.  The man3 checks are
+# easier than the man1 checks, we only check the names followed by (),
+# and only the names that have POD markup.
+
+sub functionname_check {
+    my $id = shift;
+    my $filename = shift;
+    my $contents = shift;
+
+    while ( $contents =~ /($markup_re)\(\)/msg ) {
+        print STDERR "$id:DEBUG[functionname_check] SYNOPSIS: found $&\n"
+            if $debug;
+
+        my $symbol = $1;
+        my $unmarked = $symbol;
+        $unmarked =~ s/[BIL]<|>//msg;
+
+        err($id, "Malformed symbol: $symbol")
+            unless $symbol =~ /^B<.*>$/ && $unmarked =~ /^${symbol_re}$/
+    }
+
+    # We can't do the kind of collecting coolness that option_check()
+    # does, because there are too many things that can't be found in
+    # name repositories like the NAME sections, such as symbol names
+    # with a variable part (typically marked up as B<foo_I<TYPE>_bar>
+}
+
 sub check {
     my $filename = shift;
     my $dirname = basename(dirname($filename));
@@ -225,9 +371,14 @@ sub check {
         check_section_location($id, $contents, "EXAMPLES", "SEE ALSO");
     }
 
-    name_synopsis($id, $filename, $contents)
-        unless $contents =~ /=for comment generic/
-            or $filename =~ m at man[157]/@;
+    unless ( $contents =~ /=for comment generic/ ) {
+        if ( $filename =~ m|man3/| ) {
+            name_synopsis($id, $filename, $contents);
+            functionname_check($id, $filename, $contents);
+        } elsif ( $filename =~ m|man1/| ) {
+            option_check($id, $filename, $contents)
+        }
+    }
 
     err($id, "doesn't start with =pod")
         if $contents !~ /^=pod/;
@@ -255,20 +406,6 @@ sub check {
         if $contents =~ /=over([^ ][^24])/;
     err($id, "Possible version style issue")
         if $contents =~ /OpenSSL version [019]/;
-    err($id, "Brackets on item line")
-        if $contents =~ /=item \[/;
-    if ( $contents !~ /=for comment generic/) {
-        # Some API pages have B<foo<I<TYPE>bar>.
-        err($id, "Bad flag formatting inside B<>")
-            if $contents =~ /B<-[A-Za-z_ ]+ /;
-        while ( $contents =~ /([BI])<([^>]*)>/g ) {
-            my $B = $1;
-            my $T = $2;
-            next if $T =~ /E</;  # Assume it's E<lt>
-            err($id, "Bad content inside $B<$T>")
-                if $T =~ /[<|]/;
-        }
-    }
 
     if ( $contents !~ /=for comment multiple includes/ ) {
         # Look for multiple consecutive openssl #include lines


More information about the openssl-commits mailing list