[openssl] master update
tmraz at fedoraproject.org
tmraz at fedoraproject.org
Wed Jan 22 17:07:22 UTC 2020
The branch master has been updated
via 177b60b48139f873dd8f7b841f2655a985d9806d (commit)
via fadb57e554cb0b9b7678902a3572740f31bcc279 (commit)
from 2280685883f7c19a07a55bcc3ddcd11b6cd82056 (commit)
- Log -----------------------------------------------------------------
commit 177b60b48139f873dd8f7b841f2655a985d9806d
Author: Rich Salz <rsalz at akamai.com>
Date: Mon Jan 13 13:48:08 2020 -0500
Add missing files to generated
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10256)
commit fadb57e554cb0b9b7678902a3572740f31bcc279
Author: Rich Salz <rsalz at akamai.com>
Date: Thu Oct 24 16:40:11 2019 -0400
Fix some missing doc links.
Replace "=for openssl foreign manuals" with simpler syntax, it looks
like the "=for openssl ifdef" construct.
Fix some broken L<> links; add some missing foreign references and fixed
some typo's.
The WARNINGS in dhparam referred to non-existant commands so reword it.
Fixes #10109
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10256)
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
Configurations/unix-Makefile.tmpl | 2 +-
doc/internal/man3/ossl_cmp_statusinfo_new.pod | 2 +-
doc/man1/build.info | 27 +++++++++++++++++++++
doc/man1/openssl-ca.pod.in | 2 ++
doc/man1/openssl-cmds.pod | 4 ++-
doc/man1/openssl-dgst.pod.in | 2 ++
doc/man1/openssl-dhparam.pod.in | 12 +++------
doc/man1/openssl-ts.pod.in | 4 +--
doc/man1/tsget.pod | 2 +-
doc/man3/EVP_PKEY_CTX_ctrl.pod | 6 ++---
doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod | 2 +-
doc/man3/EVP_PKEY_derive.pod | 7 +++---
doc/man3/EVP_PKEY_sign.pod | 1 -
doc/man3/EVP_PKEY_verify.pod | 3 +--
doc/man3/OSSL_trace_set_channel.pod | 2 +-
doc/man3/PKCS12_SAFEBAG_get0_attrs.pod | 1 -
doc/man3/SMIME_read_CMS.pod | 2 +-
doc/man3/X509_LOOKUP_hash_dir.pod | 6 ++---
doc/man7/EVP_KDF-KRB5KDF.pod | 1 -
doc/man7/OSSL_PROVIDER-FIPS.pod | 4 +--
doc/man7/openssl-env.pod | 2 +-
doc/man7/provider-asym_cipher.pod | 8 +++---
doc/man7/provider-keyexch.pod | 4 +--
doc/man7/provider-signature.pod | 6 ++---
doc/man7/provider.pod | 4 +--
doc/perlvars.pm | 3 +--
util/find-doc-nits | 35 +++++++++++++++------------
util/libcrypto.num | 8 ------
util/missingcrypto.txt | 17 +++++++++++--
util/other.syms | 2 --
31 files changed, 104 insertions(+), 78 deletions(-)
diff --git a/.gitignore b/.gitignore
index 26bba646d7..691e88a13e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,6 +26,7 @@
/include/openssl/opensslv.h
# Auto generated doc files
+# If you add to this list, make sure doc/man1/build.info is sync'd!
doc/man1/openssl-ca.pod
doc/man1/openssl-cms.pod
doc/man1/openssl-crl.pod
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index f01040d39d..62ca26dde5 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -952,7 +952,7 @@ generate: generate_apps generate_crypto_bn generate_crypto_objects \
.PHONY: doc-nits
doc-nits: build_generated
- (cd $(SRCDIR); $(PERL) util/find-doc-nits -n -e )
+ (cd $(SRCDIR); $(PERL) util/find-doc-nits -n -l -e )
# Test coverage is a good idea for the future
#coverage: $(PROGRAMS) $(TESTPROGRAMS)
diff --git a/doc/internal/man3/ossl_cmp_statusinfo_new.pod b/doc/internal/man3/ossl_cmp_statusinfo_new.pod
index 6a72056455..ee7dd35cf5 100644
--- a/doc/internal/man3/ossl_cmp_statusinfo_new.pod
+++ b/doc/internal/man3/ossl_cmp_statusinfo_new.pod
@@ -89,7 +89,7 @@ See the individual functions above.
=head1 SEE ALSO
-L<OSSL_CMP_CTX_new(3)>, L<ossl_cmp_certreq_new(3)>
+L<OSSL_CMP_CTX_new(3)>, L<ossl_cmp_certReq_new(3)>
=head1 HISTORY
diff --git a/doc/man1/build.info b/doc/man1/build.info
index aed1f948d5..2fbbb258b4 100644
--- a/doc/man1/build.info
+++ b/doc/man1/build.info
@@ -5,24 +5,33 @@ DEPEND[]= \
openssl-crl.pod \
openssl-dgst.pod \
openssl-dhparam.pod \
+ openssl-dsa.pod \
openssl-dsaparam.pod \
openssl-ecparam.pod \
+ openssl-ec.pod \
openssl-enc.pod \
openssl-gendsa.pod \
+ openssl-genpkey.pod \
openssl-genrsa.pod \
openssl-ocsp.pod \
openssl-passwd.pod \
openssl-pkcs12.pod \
openssl-pkcs8.pod \
+ openssl-pkcs7.pod \
+ openssl-pkey.pod \
+ openssl-pkeyparam.pod \
openssl-pkeyutl.pod \
openssl-rand.pod \
openssl-req.pod \
+ openssl-rsa.pod \
openssl-rsautl.pod \
openssl-s_client.pod \
openssl-s_server.pod \
openssl-s_time.pod \
openssl-smime.pod \
openssl-speed.pod \
+ openssl-spkac.pod \
+ openssl-storeutl.pod \
openssl-srp.pod \
openssl-ts.pod \
openssl-verify.pod \
@@ -38,30 +47,44 @@ DEPEND[openssl-dgst.pod]=../perlvars.pm
GENERATE[openssl-dgst.pod]=openssl-dgst.pod.in
DEPEND[openssl-dhparam.pod]=../perlvars.pm
GENERATE[openssl-dhparam.pod]=openssl-dhparam.pod.in
+DEPEND[openssl-dsa.pod]=../perlvars.pm
+GENERATE[openssl-dsa.pod]=openssl-dsa.pod.in
DEPEND[openssl-dsaparam.pod]=../perlvars.pm
GENERATE[openssl-dsaparam.pod]=openssl-dsaparam.pod.in
DEPEND[openssl-ecparam.pod]=../perlvars.pm
GENERATE[openssl-ecparam.pod]=openssl-ecparam.pod.in
+DEPEND[openssl-ec.pod]=../perlvars.pm
+GENERATE[openssl-ec.pod]=openssl-ec.pod.in
DEPEND[openssl-enc.pod]=../perlvars.pm
GENERATE[openssl-enc.pod]=openssl-enc.pod.in
DEPEND[openssl-gendsa.pod]=../perlvars.pm
GENERATE[openssl-gendsa.pod]=openssl-gendsa.pod.in
+DEPEND[openssl-genpkey.pod]=../perlvars.pm
+GENERATE[openssl-genpkey.pod]=openssl-genpkey.pod.in
DEPEND[openssl-genrsa.pod]=../perlvars.pm
GENERATE[openssl-genrsa.pod]=openssl-genrsa.pod.in
DEPEND[openssl-ocsp.pod]=../perlvars.pm
GENERATE[openssl-ocsp.pod]=openssl-ocsp.pod.in
DEPEND[openssl-passwd.pod]=../perlvars.pm
GENERATE[openssl-passwd.pod]=openssl-passwd.pod.in
+DEPEND[openssl-pkcs7.pod]=../perlvars.pm
+GENERATE[openssl-pkcs7.pod]=openssl-pkcs7.pod.in
DEPEND[openssl-pkcs8.pod]=../perlvars.pm
GENERATE[openssl-pkcs8.pod]=openssl-pkcs8.pod.in
DEPEND[openssl-pkcs12.pod]=../perlvars.pm
GENERATE[openssl-pkcs12.pod]=openssl-pkcs12.pod.in
+DEPEND[openssl-pkey.pod]=../perlvars.pm
+GENERATE[openssl-pkey.pod]=openssl-pkey.pod.in
+DEPEND[openssl-pkeyparam.pod]=../perlvars.pm
+GENERATE[openssl-pkeyparam.pod]=openssl-pkeyparam.pod.in
DEPEND[openssl-pkeyutl.pod]=../perlvars.pm
GENERATE[openssl-pkeyutl.pod]=openssl-pkeyutl.pod.in
DEPEND[openssl-rand.pod]=../perlvars.pm
GENERATE[openssl-rand.pod]=openssl-rand.pod.in
DEPEND[openssl-req.pod]=../perlvars.pm
GENERATE[openssl-req.pod]=openssl-req.pod.in
+DEPEND[openssl-rsa.pod]=../perlvars.pm
+GENERATE[openssl-rsa.pod]=openssl-rsa.pod.in
DEPEND[openssl-rsautl.pod]=../perlvars.pm
GENERATE[openssl-rsautl.pod]=openssl-rsautl.pod.in
DEPEND[openssl-s_client.pod]=../perlvars.pm
@@ -74,6 +97,10 @@ DEPEND[openssl-smime.pod]=../perlvars.pm
GENERATE[openssl-smime.pod]=openssl-smime.pod.in
DEPEND[openssl-speed.pod]=../perlvars.pm
GENERATE[openssl-speed.pod]=openssl-speed.pod.in
+DEPEND[openssl-spkac.pod]=../perlvars.pm
+GENERATE[openssl-spkac.pod]=openssl-spkac.pod.in
+DEPEND[openssl-storeutl.pod]=../perlvars.pm
+GENERATE[openssl-storeutl.pod]=openssl-storeutl.pod.in
DEPEND[openssl-srp.pod]=../perlvars.pm
GENERATE[openssl-srp.pod]=openssl-srp.pod.in
DEPEND[openssl-ts.pod]=../perlvars.pm
diff --git a/doc/man1/openssl-ca.pod.in b/doc/man1/openssl-ca.pod.in
index 44e581e0d9..6d351ae1cc 100644
--- a/doc/man1/openssl-ca.pod.in
+++ b/doc/man1/openssl-ca.pod.in
@@ -149,6 +149,8 @@ Names and values of these options are algorithm-specific.
=item B<-key> I<password>
+=for openssl foreign manual ps(1)
+
The password used to encrypt the private key. Since on some
systems the command line arguments are visible (e.g. Unix with
the L<ps(1)> utility) this option should be used with caution.
diff --git a/doc/man1/openssl-cmds.pod b/doc/man1/openssl-cmds.pod
index 8a649ca343..d44d40cfec 100644
--- a/doc/man1/openssl-cmds.pod
+++ b/doc/man1/openssl-cmds.pod
@@ -55,7 +55,7 @@ version,
x509
- OpenSSL application commands
-=for comment foreign manuals: apropos(1)
+=for openssl foreign manual apropos(1)
=head1 SYNOPSIS
@@ -136,6 +136,8 @@ L<openssl-x509(1)>,
=head1 HISTORY
+=for openssl foreign manual apropos(1)
+
Initially, the manual page entry for the C<openssl I<cmd>> command used
to be available at I<cmd>(1). Later, the alias B<openssl-I<cmd>>(1) was
introduced, which made it easier to group the openssl commands using
diff --git a/doc/man1/openssl-dgst.pod.in b/doc/man1/openssl-dgst.pod.in
index 4563ad1d5e..a954b8b253 100644
--- a/doc/man1/openssl-dgst.pod.in
+++ b/doc/man1/openssl-dgst.pod.in
@@ -81,6 +81,8 @@ Output the digest or signature in binary form.
=item B<-r>
+=for openssl foreign manual sha1sum(1)
+
Output the digest in the "coreutils" format, including newlines.
Used by programs like L<sha1sum(1)>.
diff --git a/doc/man1/openssl-dhparam.pod.in b/doc/man1/openssl-dhparam.pod.in
index e125330b36..9da15f7ad2 100644
--- a/doc/man1/openssl-dhparam.pod.in
+++ b/doc/man1/openssl-dhparam.pod.in
@@ -108,19 +108,15 @@ be loaded by calling the get_dhNNNN() function.
=back
-=head1 WARNINGS
-
-This command combines the functionality of the L<openssl-dh(1)> and the
-L<openssl-gendh(1)> commands in previous OpenSSL versions.
-The L<openssl-dh(1)> and L<openssl-gendh(1)> commands are retained for now but
-may have different purposes in future versions of OpenSSL.
-
=head1 NOTES
+This command replaces the B<dh> and B<gendh> commands of previous
+releases.
+
OpenSSL currently only supports the older PKCS#3 DH, not the newer X9.42
DH.
-This program manipulates DH parameters not keys.
+This command manipulates DH parameters not keys.
=head1 BUGS
diff --git a/doc/man1/openssl-ts.pod.in b/doc/man1/openssl-ts.pod.in
index 0eb4f8031a..53781126fa 100644
--- a/doc/man1/openssl-ts.pod.in
+++ b/doc/man1/openssl-ts.pod.in
@@ -608,7 +608,7 @@ You could also look at the 'test' directory for more examples.
=head1 BUGS
-=for openssl foreign manuals: procmail(1), perl(1)
+=for openssl foreign manual procmail(1) perl(1)
=over 2
@@ -653,7 +653,7 @@ retained mainly for compatibility reasons.
=head1 SEE ALSO
L<openssl(1)>,
-L<openssl-tsget(1)>,
+L<tsget(1)>,
L<openssl-req(1)>,
L<openssl-x509(1)>,
L<openssl-ca(1)>,
diff --git a/doc/man1/tsget.pod b/doc/man1/tsget.pod
index 0287bc94be..201c24fc2a 100644
--- a/doc/man1/tsget.pod
+++ b/doc/man1/tsget.pod
@@ -183,7 +183,7 @@ example:
=head1 SEE ALSO
-=for openssl foreign manuals: WWW::Curl::Easy
+=for openssl foreign manual WWW::Curl::Easy
L<openssl(1)>,
L<openssl-ts(1)>,
diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod
index 4d52af9d4c..41f8d919d4 100644
--- a/doc/man3/EVP_PKEY_CTX_ctrl.pod
+++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod
@@ -168,8 +168,7 @@ Not all parameters may be supported by all providers.
See L<OSSL_PROVIDER(3)> for more information on providers.
See L<OSSL_PARAM(3)> for more information on parameters.
These functions must only be called after the EVP_PKEY_CTX has been initialised
-for use in an operation (for example by L<EVP_PKEY_sign_init_ex(3)>,
-L<EVP_PKEY_derive_init_ex(3)> or other similar functions).
+for use in an operation.
The parameters currently supported by the default provider are:
@@ -204,8 +203,7 @@ that can be used with EVP_PKEY_CTX_get_params() and EVP_PKEY_CTX_set_params()
respectively.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
These functions must only be called after the EVP_PKEY_CTX has been initialised
-for use in an operation (for example by L<EVP_PKEY_sign_init_ex(3)>,
-L<EVP_PKEY_derive_init_ex(3)> or other similar functions).
+for use in an operation.
The function EVP_PKEY_CTX_ctrl() sends a control operation to the context
B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter
diff --git a/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod b/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod
index dfde4ff8bc..7dbf5fa9c9 100644
--- a/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod
+++ b/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod
@@ -29,7 +29,7 @@ EVP_PKEY_CTX_set_scrypt_maxmem_bytes
These functions are used to set up the necessary data to use the
scrypt KDF.
-For more information on scrypt, see L<EVP_KDF_SCRYPT(7)>.
+For more information on scrypt, see L<EVP_KDF-SCRYPT(7)>.
EVP_PKEY_CTX_set1_scrypt_salt() sets the B<saltlen> bytes long salt
value.
diff --git a/doc/man3/EVP_PKEY_derive.pod b/doc/man3/EVP_PKEY_derive.pod
index 954a3501e8..30d301a150 100644
--- a/doc/man3/EVP_PKEY_derive.pod
+++ b/doc/man3/EVP_PKEY_derive.pod
@@ -33,7 +33,7 @@ written to I<keylen>.
=head1 NOTES
-After the call to EVP_PKEY_derive_init() or EVP_PKEY_derive_init_ex() algorithm
+After the call to EVP_PKEY_derive_init(), algorithm
specific control operations can be performed to set any appropriate parameters
for the operation.
@@ -42,7 +42,7 @@ context if several operations are performed using the same parameters.
=head1 RETURN VALUES
-EVP_PKEY_derive_init_ex(), EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1
+EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1
for success and 0 or a negative value for failure.
In particular a return value of -2 indicates the operation is not supported by
the public key algorithm.
@@ -95,8 +95,7 @@ L<EVP_KEYEXCH_fetch(3)>
=head1 HISTORY
-These functions were added in OpenSSL 1.0.0. The EVP_PKEY_derive_init_ex()
-function was added in OpenSSL 3.0.
+These functions were added in OpenSSL 1.0.0.
=head1 COPYRIGHT
diff --git a/doc/man3/EVP_PKEY_sign.pod b/doc/man3/EVP_PKEY_sign.pod
index 68788921da..78288781b8 100644
--- a/doc/man3/EVP_PKEY_sign.pod
+++ b/doc/man3/EVP_PKEY_sign.pod
@@ -105,7 +105,6 @@ L<EVP_PKEY_derive(3)>
=head1 HISTORY
-EVP_PKEY_sign_init_ex() was added in OpenSSL 3.0.
These functions were added in OpenSSL 1.0.0.
=head1 COPYRIGHT
diff --git a/doc/man3/EVP_PKEY_verify.pod b/doc/man3/EVP_PKEY_verify.pod
index ed63cdae84..878e4878c7 100644
--- a/doc/man3/EVP_PKEY_verify.pod
+++ b/doc/man3/EVP_PKEY_verify.pod
@@ -93,8 +93,7 @@ L<EVP_PKEY_derive(3)>
=head1 HISTORY
-EVP_PKEY_verify_init_ex() was added in OpenSSL 3.0.
-All other functions were added in OpenSSL 1.0.0.
+These functions were added in OpenSSL 1.0.0.
=head1 COPYRIGHT
diff --git a/doc/man3/OSSL_trace_set_channel.pod b/doc/man3/OSSL_trace_set_channel.pod
index 7df484ca95..a4b1d094d1 100644
--- a/doc/man3/OSSL_trace_set_channel.pod
+++ b/doc/man3/OSSL_trace_set_channel.pod
@@ -1,6 +1,6 @@
=pod
-=for openssl foreign manuals: atexit(3)
+=for openssl foreign manual atexit(3)
=head1 NAME
diff --git a/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod b/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod
index 9fd3b78699..f95e537b45 100644
--- a/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod
+++ b/doc/man3/PKCS12_SAFEBAG_get0_attrs.pod
@@ -35,7 +35,6 @@ is still owned by the B<PKCS12_SAFEBAG> in which it resides.
=head1 SEE ALSO
L<PKCS12_get_friendlyname(3)>,
-L<PKCS12_get_localkeyid(3)>,
L<PKCS12_add_friendlyname_asc(3)>
=head1 COPYRIGHT
diff --git a/doc/man3/SMIME_read_CMS.pod b/doc/man3/SMIME_read_CMS.pod
index 41d6fd454b..eab8347d3e 100644
--- a/doc/man3/SMIME_read_CMS.pod
+++ b/doc/man3/SMIME_read_CMS.pod
@@ -58,7 +58,7 @@ if an error occurred. The error can be obtained from ERR_get_error(3).
=head1 SEE ALSO
-L<ERR_get_error(3)>, L<CMS_type(3)>,
+L<ERR_get_error(3)>,
L<SMIME_read_CMS(3)>, L<CMS_sign(3)>,
L<CMS_verify(3)>, L<CMS_encrypt(3)>,
L<CMS_decrypt(3)>
diff --git a/doc/man3/X509_LOOKUP_hash_dir.pod b/doc/man3/X509_LOOKUP_hash_dir.pod
index b2f0a6a361..41d24018a5 100644
--- a/doc/man3/X509_LOOKUP_hash_dir.pod
+++ b/doc/man3/X509_LOOKUP_hash_dir.pod
@@ -116,14 +116,14 @@ hashed names for all files with F<.pem> suffix in a given directory.
B<X509_LOOKUP_store> is a method that allows access to any store of
certificates and CRLs through any loader supported by
-L<OSSL_STORE(3)>.
+L<ossl_store(7)>.
It works with the help of URIs, which can be direct references to
certificates or CRLs, but can also be references to catalogues of such
objects (that behave like directories).
This method overlaps the L</File Method> and L</Hashed Directory Method>
because of the 'file:' scheme loader.
-It does no caching of its own, but can use a caching L<OSSL_STORE(3)>
+It does no caching of its own, but can use a caching L<ossl_store(7)>
loader, and therefore depends on the loader's capability.
=head1 RETURN VALUES
@@ -141,7 +141,7 @@ L<X509_STORE_load_locations(3)>,
L<X509_store_add_lookup(3)>,
L<SSL_CTX_load_verify_locations(3)>,
L<X509_LOOKUP_meth_new(3)>,
-L<OSSL_STORE(3)>
+L<ossl_store(7)>
=head1 HISTORY
diff --git a/doc/man7/EVP_KDF-KRB5KDF.pod b/doc/man7/EVP_KDF-KRB5KDF.pod
index 1ac06c493e..9d3f27bb4b 100644
--- a/doc/man7/EVP_KDF-KRB5KDF.pod
+++ b/doc/man7/EVP_KDF-KRB5KDF.pod
@@ -96,7 +96,6 @@ RFC 3961
=head1 SEE ALSO
L<EVP_KDF(3)>,
-L<EVP_KDF_CTX_new_id(3)>,
L<EVP_KDF_CTX_free(3)>,
L<EVP_KDF_ctrl(3)>,
L<EVP_KDF_size(3)>,
diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index a04ce4d6f2..c3768da7bc 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -15,7 +15,7 @@ accredited testing laboratory.
One of the requirements for the FIPS module is self testing. An optional callback
mechanism is available to return information to the user using
-L<OSSL_SELF_TEST_set_callback(7)>.
+L<OSSL_SELF_TEST_set_callback(3)>.
The OPENSSL FIPS module uses the following mechanism to provide information
about the self tests as they run.
@@ -240,7 +240,7 @@ A simple self test callback is shown below for illustrative purposes.
L<openssl-fipsinstall(1)>,
L<fips_config(5)>,
-L<OSSL_SELF_TEST_set_callback(7)>,
+L<OSSL_SELF_TEST_set_callback(3)>,
L<OSSL_PARAM(3)>,
L<openssl-core.h(7)>
diff --git a/doc/man7/openssl-env.pod b/doc/man7/openssl-env.pod
index ee341a92d1..be89f85172 100644
--- a/doc/man7/openssl-env.pod
+++ b/doc/man7/openssl-env.pod
@@ -37,7 +37,7 @@ See L<openssl-engine(1)>.
=item B<OPENSSL_MALLOC_FD>, B<OPENSSL_MALLOC_FAILURES>
If built with debugging, this allows memory allocation to fail.
-See L<OPENSSSL_malloc(3)>.
+See L<OPENSSL_malloc(3)>.
=item B<OPENSSL_MODULES>
diff --git a/doc/man7/provider-asym_cipher.pod b/doc/man7/provider-asym_cipher.pod
index de615c463f..b442cd5a50 100644
--- a/doc/man7/provider-asym_cipher.pod
+++ b/doc/man7/provider-asym_cipher.pod
@@ -47,9 +47,9 @@ for further information.
The asymmetric cipher (OSSL_OP_ASYM_CIPHER) operation enables providers to
implement asymmetric cipher algorithms and make them available to applications
-via the API functions L<EVP_PKEY_encrypt_init_ex(3)>, L<EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt_init_ex(3)>, L<EVP_PKEY_decrypt(3)> (as well
-as other related functions).
+via the API functions L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)> and
+other related functions).
All "functions" mentioned here are passed as function pointers between
F<libcrypto> and the provider in B<OSSL_DISPATCH> arrays via
@@ -108,7 +108,7 @@ structure for holding context information during an asymmetric cipher operation.
A pointer to this context will be passed back in a number of the other
asymmetric cipher operation function calls.
The parameter I<provctx> is the provider context generated during provider
-initialisation (see L<provider(3)>).
+initialisation (see L<provider(7)>).
OP_asym_cipher_freectx() is passed a pointer to the provider side asymmetric
cipher context in the I<ctx> parameter.
diff --git a/doc/man7/provider-keyexch.pod b/doc/man7/provider-keyexch.pod
index aa010daa81..ceb03ec2f0 100644
--- a/doc/man7/provider-keyexch.pod
+++ b/doc/man7/provider-keyexch.pod
@@ -38,8 +38,8 @@ This documentation is primarily aimed at provider authors. See L<provider(7)>
for further information.
The key exchange (OSSL_OP_KEYEXCH) operation enables providers to implement key
-exchange algorithms and make them available to applications via the API
-functions L<EVP_PKEY_derive_init_ex(3)>, and L<EVP_PKEY_derive(3)> (as well as
+exchange algorithms and make them available to applications via
+L<EVP_PKEY_derive(3)> and
other related functions).
All "functions" mentioned here are passed as function pointers between
diff --git a/doc/man7/provider-signature.pod b/doc/man7/provider-signature.pod
index ea98c95ae2..d5f0c396c1 100644
--- a/doc/man7/provider-signature.pod
+++ b/doc/man7/provider-signature.pod
@@ -51,9 +51,9 @@ for further information.
The signature (OSSL_OP_SIGNATURE) operation enables providers to implement
signature algorithms and make them available to applications via the API
-functions L<EVP_PKEY_sign_init_ex(3)>, L<EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify_init_ex(3)>, L<EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover_init_ex(3)> and L<EVP_PKEY_verify_recover(3)> (as well
+functions L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+and L<EVP_PKEY_verify_recover(3)> (as well
as other related functions).
All "functions" mentioned here are passed as function pointers between
diff --git a/doc/man7/provider.pod b/doc/man7/provider.pod
index 0e9019960d..d2fef9beee 100644
--- a/doc/man7/provider.pod
+++ b/doc/man7/provider.pod
@@ -217,8 +217,7 @@ When they are used with functions like L<EVP_DigestInit_ex(3)> or
L<EVP_CipherInit_ex(3)>, the actual implementation to be used is
fetched implicitly using default search criteria.
-Implicit fetching can also occur with functions such as
-L<EVP_PKEY_derive_init_ex(3)> where a NULL algorithm parameter is
+Implicit fetching can also occur when a NULL algorithm parameter is
supplied.
In this case an algorithm implementation is implicitly fetched using
default search criteria and an algorithm name that is consistent with
@@ -349,7 +348,6 @@ other providers:
=head1 SEE ALSO
L<EVP_DigestInit_ex(3)>, L<EVP_EncryptInit_ex(3)>,
-L<EVP_PKEY_derive_init_ex(3)>,
L<OPENSSL_CTX(3)>,
L<EVP_set_default_properties(3)>,
L<EVP_MD_fetch(3)>,
diff --git a/doc/perlvars.pm b/doc/perlvars.pm
index 7f0cf167d3..09e5000b7a 100644
--- a/doc/perlvars.pm
+++ b/doc/perlvars.pm
@@ -140,8 +140,7 @@ $OpenSSL::safe::opt_version_item = "\n"
. "See L<openssl(1)/TLS Version Options>.";
# SSL connection options.
-# TODO(3.0) Not currently used. The refactoring needs to be done, and
-# the options will probably be re-ordered.
+# TODO options will probably be re-ordered.
$OpenSSL::safe::opt_s_synopsis = ""
. "[B<-bugs>]\n"
. "[B<-no_comp>]\n"
diff --git a/util/find-doc-nits b/util/find-doc-nits
index 773214c94d..3daf58182f 100755
--- a/util/find-doc-nits
+++ b/util/find-doc-nits
@@ -597,7 +597,7 @@ sub loadmissing($)
my @missing;
open FH, $missingfile
- || die "Can't open $missingfile";
+ or die "Can't open $missingfile";
while ( <FH> ) {
chomp;
next if /^#/;
@@ -631,7 +631,8 @@ sub checkmacros {
next if $f eq 'include/openssl/asn1.h';
next if $f eq 'include/openssl/asn1t.h';
next if $f eq 'include/openssl/err.h';
- open(IN, $f) || die "Can't open $f, $!";
+ open(IN, $f)
+ or die "Can't open $f, $!";
while ( <IN> ) {
next unless /^#\s*define\s*(\S+)\(/;
my $macro = "$1(3)"; # We know they're all in section 3
@@ -666,7 +667,7 @@ sub printem {
my $count = 0;
my %seen;
- my @missing = loadmissing($missingfile) if ( $opt_v );
+ my @missing = loadmissing($missingfile) if $opt_v;
foreach my $func ( parsenum($numfile) ) {
$func .= '(3)'; # We know they're all in section 3
@@ -700,7 +701,7 @@ sub collectnames {
err($id, "$simplename not in NAME section");
push @{$podinfo{names}}, $simplename;
}
- foreach my $name (@{$podinfo{names}}) {
+ foreach my $name ( @{$podinfo{names}} ) {
next if $name eq "";
err($id, "'$name' contains white space")
if $name =~ /\s/;
@@ -716,11 +717,10 @@ sub collectnames {
}
}
- my @foreign_names =
- map { map { s/\s+//g; $_ } split(/,/, $_) }
- $podinfo{contents} =~ /=for\s+openssl\s+foreign\s+manuals:\s*(.*)\n\n/;
- foreach ( @foreign_names ) {
- $name_map{$_} = undef; # It still exists!
+ if ( $podinfo{contents} =~ /=for openssl foreign manual (.*)\n/ ) {
+ foreach my $f ( split / /, $1 ) {
+ $name_map{$f} = undef; # It still exists!
+ }
}
my @links =
@@ -738,8 +738,8 @@ sub collectnames {
# Look for L<> ("link") references that point to files that do not exist.
sub checklinks {
- foreach my $filename (sort keys %link_map) {
- foreach my $link (@{$link_map{$filename}}) {
+ foreach my $filename ( sort keys %link_map ) {
+ foreach my $link ( @{$link_map{$filename}} ) {
err("${filename}:1:", "reference to non-existing $link")
unless exists $name_map{$link};
}
@@ -788,7 +788,7 @@ sub checkflags {
# Get the list of options in the command.
open CFH, "./apps/openssl list --options $cmd|"
- || die "Can list options for $cmd, $!";
+ or die "Can list options for $cmd, $!";
while ( <CFH> ) {
chop;
s/ .$//;
@@ -798,7 +798,7 @@ sub checkflags {
# Get the list of flags from the synopsis
open CFH, "<$doc"
- || die "Can't open $doc, $!";
+ or die "Can't open $doc, $!";
while ( <CFH> ) {
chop;
last if /DESCRIPTION/;
@@ -842,7 +842,7 @@ if ( $opt_c ) {
# Get list of commands.
open FH, "./apps/openssl list -1 -commands|"
- || die "Can't list commands, $!";
+ or die "Can't list commands, $!";
while ( <FH> ) {
chop;
push @commands, $_;
@@ -863,7 +863,7 @@ if ( $opt_c ) {
# See what help is missing.
open FH, "./apps/openssl list --missing-help |"
- || die "Can't list missing help, $!";
+ or die "Can't list missing help, $!";
while ( <FH> ) {
chop;
my ($cmd, $flag) = split;
@@ -882,6 +882,9 @@ if ( $opt_l || $opt_u || $opt_v ) {
}
if ( $opt_l ) {
+ foreach my $func ( loadmissing("util/missingcrypto.txt") ) {
+ $name_map{$func} = undef;
+ }
checklinks();
}
@@ -893,7 +896,7 @@ if ( $opt_n ) {
# If not given args, check that all man1 commands are named properly.
if ( scalar @ARGV == 0 ) {
- foreach (glob('doc/man1/*.pod')) {
+ foreach ( glob('doc/man1/*.pod') ) {
next if /CA.pl/ || /openssl\.pod/ || /tsget\.pod/;
err("$_ doesn't start with openssl-") unless /openssl-/;
}
diff --git a/util/libcrypto.num b/util/libcrypto.num
index ce01244621..457f968889 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4426,7 +4426,6 @@ EVP_MD_CTX_set_pkey_ctx 4531 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_set_digest_custom 4532 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_get_digest_custom 4533 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_new ? 3_0_0 EXIST::FUNCTION:
-EVP_MAC_CTX_new_id ? 3_0_0 NOEXIST::FUNCTION:
EVP_MAC_CTX_free ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_dup ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_mac ? 3_0_0 EXIST::FUNCTION:
@@ -4658,7 +4657,6 @@ BN_priv_rand_ex ? 3_0_0 EXIST::FUNCTION:
BN_rand_range_ex ? 3_0_0 EXIST::FUNCTION:
BN_priv_rand_range_ex ? 3_0_0 EXIST::FUNCTION:
BN_generate_prime_ex2 ? 3_0_0 EXIST::FUNCTION:
-EVP_PKEY_derive_init_ex ? 3_0_0 NOEXIST::FUNCTION:
EVP_KEYEXCH_free ? 3_0_0 EXIST::FUNCTION:
EVP_KEYEXCH_up_ref ? 3_0_0 EXIST::FUNCTION:
EVP_KEYEXCH_fetch ? 3_0_0 EXIST::FUNCTION:
@@ -4669,7 +4667,6 @@ EVP_KEYMGMT_up_ref ? 3_0_0 EXIST::FUNCTION:
EVP_KEYMGMT_free ? 3_0_0 EXIST::FUNCTION:
EVP_KEYMGMT_provider ? 3_0_0 EXIST::FUNCTION:
X509_PUBKEY_dup ? 3_0_0 EXIST::FUNCTION:
-ERR_put_func_error ? 3_0_0 NOEXIST::FUNCTION:
EVP_MD_name ? 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_name ? 3_0_0 EXIST::FUNCTION:
EVP_MD_provider ? 3_0_0 EXIST::FUNCTION:
@@ -4710,7 +4707,6 @@ EVP_MAC_CTX_get_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_gettable_ctx_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_free ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_up_ref ? 3_0_0 EXIST::FUNCTION:
-EVP_MAC_name ? 3_0_0 NOEXIST::FUNCTION:
EVP_MAC_get_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_gettable_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_provider ? 3_0_0 EXIST::FUNCTION:
@@ -4721,7 +4717,6 @@ EVP_KDF_up_ref ? 3_0_0 EXIST::FUNCTION:
EVP_KDF_free ? 3_0_0 EXIST::FUNCTION:
EVP_KDF_fetch ? 3_0_0 EXIST::FUNCTION:
EVP_KDF_CTX_dup ? 3_0_0 EXIST::FUNCTION:
-EVP_KDF_name ? 3_0_0 NOEXIST::FUNCTION:
EVP_KDF_provider ? 3_0_0 EXIST::FUNCTION:
EVP_KDF_get_params ? 3_0_0 EXIST::FUNCTION:
EVP_KDF_CTX_get_params ? 3_0_0 EXIST::FUNCTION:
@@ -4734,10 +4729,7 @@ EVP_SIGNATURE_free ? 3_0_0 EXIST::FUNCTION:
EVP_SIGNATURE_up_ref ? 3_0_0 EXIST::FUNCTION:
EVP_SIGNATURE_provider ? 3_0_0 EXIST::FUNCTION:
EVP_SIGNATURE_fetch ? 3_0_0 EXIST::FUNCTION:
-EVP_PKEY_sign_init_ex ? 3_0_0 NOEXIST::FUNCTION:
EVP_PKEY_CTX_set_signature_md ? 3_0_0 EXIST::FUNCTION:
-EVP_PKEY_verify_init_ex ? 3_0_0 NOEXIST::FUNCTION:
-EVP_PKEY_verify_recover_init_ex ? 3_0_0 NOEXIST::FUNCTION:
EVP_PKEY_CTX_get_signature_md ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_get_params ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_gettable_params ? 3_0_0 EXIST::FUNCTION:
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index 954cfc4523..f1eea668cd 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -1,4 +1,3 @@
-# Missing functions in libcrypto, as of Tue Oct 1 16:13:38 EDT 2019
ACCESS_DESCRIPTION_it(3)
ADMISSIONS_it(3)
ADMISSION_SYNTAX_it(3)
@@ -20,6 +19,8 @@ AES_wrap_key(3)
ASIdOrRange_it(3)
ASIdentifierChoice_it(3)
ASIdentifiers_it(3)
+ASN1_item_sign(3)
+ASN1_item_verify(3)
ASRange_it(3)
AUTHORITY_INFO_ACCESS_it(3)
AUTHORITY_KEYID_it(3)
@@ -448,13 +449,13 @@ ERR_load_EVP_strings(3)
ERR_load_KDF_strings(3)
ERR_load_OBJ_strings(3)
ERR_load_OCSP_strings(3)
+ERR_load_OSSL_SERIALIZER_strings(3)
ERR_load_OSSL_STORE_strings(3)
ERR_load_PEM_strings(3)
ERR_load_PKCS12_strings(3)
ERR_load_PKCS7_strings(3)
ERR_load_RAND_strings(3)
ERR_load_RSA_strings(3)
-ERR_load_OSSL_SERIALIZER_strings(3)
ERR_load_TS_strings(3)
ERR_load_UI_strings(3)
ERR_load_X509V3_strings(3)
@@ -479,6 +480,7 @@ EVP_CIPHER_do_all_sorted(3)
EVP_CIPHER_get_asn1_iv(3)
EVP_CIPHER_impl_ctx_size(3)
EVP_CIPHER_set_asn1_iv(3)
+EVP_KDF_ctrl(3)
EVP_MD_do_all(3)
EVP_MD_do_all_sorted(3)
EVP_PBE_CipherInit(3)
@@ -730,6 +732,10 @@ OPENSSL_strnlen(3)
OPENSSL_uni2asc(3)
OPENSSL_uni2utf8(3)
OPENSSL_utf82uni(3)
+OSSL_CMP_MSG_http_perform(3)
+OSSL_CMP_exec_GENM_ses(3)
+OSSL_CMP_exec_IR_ses(3)
+OSSL_CMP_exec_KUR_ses(3)
OSSL_STORE_do_all_loaders(3)
OSSL_STORE_vctrl(3)
OTHERNAME_cmp(3)
@@ -941,6 +947,7 @@ SRP_Calc_u(3)
SRP_Calc_x(3)
SRP_Verify_A_mod_N(3)
SRP_Verify_B_mod_N(3)
+SSL_CTX_set0_ctlog_store(3)
SXNETID_it(3)
SXNET_add_id_INTEGER(3)
SXNET_add_id_asc(3)
@@ -1074,6 +1081,7 @@ TS_VERIFY_CTX_cleanup(3)
TS_VERIFY_CTX_free(3)
TS_VERIFY_CTX_init(3)
TS_VERIFY_CTX_new(3)
+TS_VERIFY_CTX_set_certs(3)
TS_VERIFY_CTX_set_data(3)
TS_VERIFY_CTX_set_flags(3)
TS_VERIFY_CTX_set_imprint(3)
@@ -1274,6 +1282,7 @@ X509_VERIFY_PARAM_lookup(3)
X509_VERIFY_PARAM_move_peername(3)
X509_VERIFY_PARAM_new(3)
X509_VERIFY_PARAM_set1(3)
+X509_VERIFY_PARAM_set1_ipasc(3)
X509_VERIFY_PARAM_set1_name(3)
X509_VERIFY_PARAM_table_cleanup(3)
X509_add1_reject_object(3)
@@ -1329,6 +1338,7 @@ X509_print_fp(3)
X509_reject_clear(3)
X509_signature_dump(3)
X509_signature_print(3)
+X509_store_add_lookup(3)
X509_subject_name_hash(3)
X509_subject_name_hash_old(3)
X509_supported_extension(3)
@@ -1409,6 +1419,9 @@ i2v_ASN1_BIT_STRING(3)
i2v_GENERAL_NAME(3)
i2v_GENERAL_NAMES(3)
o2i_ECPublicKey(3)
+openssl-core_numbers.h(7)
+ossl_cmp_certReq_new(3)
+provider-kdf(7)
s2i_ASN1_IA5STRING(3)
s2i_ASN1_INTEGER(3)
s2i_ASN1_OCTET_STRING(3)
diff --git a/util/other.syms b/util/other.syms
index b57af07c7d..62a5a7c843 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -209,8 +209,6 @@ ERR_raise define
ERR_raise_data define
EVP_DigestSignUpdate define
EVP_DigestVerifyUpdate define
-EVP_KDF_name define
-EVP_MAC_name define
EVP_MD_CTX_block_size define
EVP_MD_CTX_name define
EVP_MD_CTX_size define
More information about the openssl-commits
mailing list