[Pkg-openssl-devel] Bug#1101012: openssl-cmp.1ssl: Some remarks about this man page
Bjarni Ingi Gislason
bjarniig at simnet.is
Fri Mar 21 18:40:55 GMT 2025
Package: openssl
Version: 3.4.1-1
Severity: minor
Tags: upstream
* What led up to the situation?
Checking for defects with a new version
test-[g|n]roff -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z < "man page"
[Use "groff -e ' $' -e '\\~$' <file>" to find obvious trailing spaces.]
["test-groff" is a script in the repository for "groff"; is not shipped]
(local copy and "troff" slightly changed by me).
[The fate of "test-nroff" was decided in groff bug #55941.]
* What was the outcome of this action?
an.tmac:<stdin>:299: style: use of deprecated macro: .PD
an.tmac:<stdin>:312: style: use of deprecated macro: .PD
troff:<stdin>:336: warning: trailing space in the line
troff:<stdin>:781: warning: trailing space in the line
troff:<stdin>:786: warning: trailing space in the line
an.tmac:<stdin>:946: style: use of deprecated macro: .PD
an.tmac:<stdin>:951: style: use of deprecated macro: .PD
an.tmac:<stdin>:1189: style: use of deprecated macro: .PD
an.tmac:<stdin>:1192: style: use of deprecated macro: .PD
* What outcome did you expect instead?
No output (no warnings).
-.-
General remarks and further material, if a diff-file exist, are in the
attachments.
-- System Information:
Debian Release: trixie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.17-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages openssl depends on:
ii libc6 2.41-6
ii libssl3t64 3.4.1-1
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20241223
-- no debconf information
-------------- next part --------------
Input file is openssl-cmp.1ssl
Output from "mandoc -T lint openssl-cmp.1ssl": (shortened list)
1 empty block: RS
1 input text line longer than 80 bytes: Also used for \fB\-c...
[...]
1 input text line longer than 80 bytes: while the subject of...
3 whitespace at end of input line
Remove trailing space with: sed -e 's/ *$//'
-.-.
Output from "test-nroff -mandoc -t -ww -z openssl-cmp.1ssl": (shortened list)
3 trailing space in the line
Remove trailing space with: sed -e 's/ *$//'
-.-.
Show if Pod::Man generated this.
Who is actually creating this man page? Debian or upstream?
Is the generating software out of date?
2:.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
-.-.
Remove space characters (whitespace) at the end of lines.
Use "git apply ... --whitespace=fix" to fix extra space issues, or use
global configuration "core.whitespace".
Number of lines affected is
3
-.-.
Change '-' (\-) to '\(en' (en-dash) for a (numeric) range.
GNU gnulib has recently (2023-06-18) updated its
"build_aux/update-copyright" to recognize "\(en" in man pages.
openssl-cmp.1ssl:1459:Copyright 2007\-2024 The OpenSSL Project Authors. All Rights Reserved.
-.-.
Reduce space between words.
Use a table or constant width font with a nofill text block (.nf/.fi)
'\&' then can be removed.
openssl-cmp.1ssl:539:\& unspecified (0),
openssl-cmp.1ssl:540:\& keyCompromise (1),
openssl-cmp.1ssl:541:\& cACompromise (2),
openssl-cmp.1ssl:542:\& affiliationChanged (3),
openssl-cmp.1ssl:543:\& superseded (4),
openssl-cmp.1ssl:544:\& cessationOfOperation (5),
openssl-cmp.1ssl:545:\& certificateHold (6),
openssl-cmp.1ssl:546:\& \-\- value 7 is not used
openssl-cmp.1ssl:547:\& removeFromCRL (8),
openssl-cmp.1ssl:548:\& privilegeWithdrawn (9),
openssl-cmp.1ssl:549:\& aACompromise (10)
openssl-cmp.1ssl:550:\& }
-.-.
Strings longer than 3/4 of a standard line length (80).
Use "\:" to split the string at the end of an output line, for example a
long URL (web address)
111 [\fB\-server\fR \fI[http[s]://][userinfo@]host[:port][/path][?query][#fragment]\fR]
112 [\fB\-proxy\fR \fI[http[s]://][userinfo@]host[:port][/path][?query][#fragment]\fR]
554 .IP "\fB\-server\fR \fI[http[s]://][userinfo@]host[:port][/path][?query][#fragment]\fR" 4
555 .IX Item "-server [http[s]://][userinfo@]host[:port][/path][?query][#fragment]"
569 .IP "\fB\-proxy\fR \fI[http[s]://][userinfo@]host[:port][/path][?query][#fragment]\fR" 4
570 .IX Item "-proxy [http[s]://][userinfo@]host[:port][/path][?query][#fragment]"
-.-.
Wrong distance (not two spaces) between sentences in the input file.
Separate the sentences and subordinate clauses; each begins on a new
line. See man-pages(7) ("Conventions for source file layout") and
"info groff" ("Input Conventions").
The best procedure is to always start a new sentence on a new line,
at least, if you are typing on a computer.
Remember coding: Only one command ("sentence") on each (logical) line.
E-mail: Easier to quote exactly the relevant lines.
Generally: Easier to edit the sentence.
Patches: Less unaffected text.
Search for two adjacent words is easier, when they belong to the same line,
and the same phrase.
The amount of space between sentences in the output can then be
controlled with the ".ss" request.
Mark a final abbreviation point as such by suffixing it with "\&".
Some sentences (etc.) do not begin on a new line.
Split (sometimes) lines after a punctuation mark; before a conjunction.
Lines with only one (or two) space(s) between sentences could be split,
so latter sentences begin on a new line.
Use
#!/usr/bin/sh
sed -e '/^\./n' \
-e 's/\([[:alpha:]]\)\. */\1.\n/g' $1
to split lines after a sentence period.
Check result with the difference between the formatted outputs.
See also the attachment "general.bugs"
933:\&... it's also possible to just give the key ID in URI form to \fB\-key\fR,
1028:of CMP request messages. Thus, all options required for doing this
1182:Valid range is 0 (accepted) .. 6 (keyUpdateWarning).
1186:Valid range is 0 (badAlg) .. 26 (duplicateCertReq).
1459:Copyright 2007\-2024 The OpenSSL Project Authors. All Rights Reserved.
-.-.
Split lines longer than 80 characters into two or more lines.
Appropriate break points are the end of a sentence and a subordinate
clause; after punctuation marks.
Add "\:" to split the string for the output, "\<newline>" in the source.
[List of affected lines removed.]
Longest line is number 1217 with 653 characters
.IP "\fB\-allow_proxy_certs\fR, \fB\-attime\fR, \fB\-no_check_time\fR, \fB\-check_ss_sig\fR, \fB\-crl_check\fR, \fB\-crl_check_all\fR, \fB\-explicit_policy\fR, \fB\-extended_crl\fR, \fB\-ignore_critical\fR, \fB\-inhibit_any\fR, \fB\-inhibit_map\fR, \fB\-no_alt_chains\fR, \fB\-partial_chain\fR, \fB\-policy\fR, \fB\-policy_check\fR, \fB\-policy_print\fR, \fB\-purpose\fR, \fB\-suiteB_128\fR, \fB\-suiteB_128_only\fR, \fB\-suiteB_192\fR, \fB\-trusted_first\fR, \fB\-use_deltas\fR, \fB\-auth_level\fR, \fB\-verify_depth\fR, \fB\-verify_email\fR, \fB\-verify_hostname\fR, \fB\-verify_ip\fR, \fB\-verify_name\fR, \fB\-x509_strict\fR \fB\-issuer_checks\fR" 4
-.-.
Add a zero (0) in front of a decimal fraction that begins with a period
(.)
7:.if t .sp .5v
-.-.
Put a parenthetical sentence, phrase on a separate line,
if not part of a code.
See man-pages(7), item "semantic newline".
[List of affected lines removed.]
-.-.
Use "\(en" (en-dash) to indicate a range, not a minus (\-);
this is not a substraction
1187:.IP "\fB\-failurebits\fR \fInumber\fR Number representing failure bits to be included in server response. Valid range is 0 .. 2^27 \- 1." 4
-.-.
Only one space character after a possible end of sentence
(after a punctuation, that can end a sentence).
openssl-cmp.1ssl:933:\&... it's also possible to just give the key ID in URI form to \fB\-key\fR,
openssl-cmp.1ssl:1028:of CMP request messages. Thus, all options required for doing this
openssl-cmp.1ssl:1182:Valid range is 0 (accepted) .. 6 (keyUpdateWarning).
openssl-cmp.1ssl:1186:Valid range is 0 (badAlg) .. 26 (duplicateCertReq).
openssl-cmp.1ssl:1187:.IP "\fB\-failurebits\fR \fInumber\fR Number representing failure bits to be included in server response. Valid range is 0 .. 2^27 \- 1." 4
openssl-cmp.1ssl:1459:Copyright 2007\-2024 The OpenSSL Project Authors. All Rights Reserved.
-.-.
Put a subordinate sentence (after a comma) on a new line.
[List of affected lines removed.]
-.-.
Use ".na" (no adjustment) instead of ".ad l" (and ".ad" to begin the
same adjustment again as before).
61:.if n .ad l
-.-.
Add lines to use the CR font for groff instead of CW.
.if t \{\
. ie \\n(.g .ft CR
. el .ft CW
.\}
11:.ft CW
-.-.
Section headings (.SH and .SS) do not need quoting their arguments.
290:.SS "Generic message options"
359:.SS "Certificate enrollment options"
497:.SS "Certificate enrollment and revocation options"
552:.SS "Message transfer options"
629:.SS "Server authentication options"
794:.SS "Client authentication options"
894:.SS "Credentials format options"
942:.SS "Provider options"
953:.SS "Random state options"
958:.SS "TLS connection options"
1006:.SS "Client-side options for debugging and offline scenarios"
1105:.SS "Mock server options"
1215:.SS "Certificate verification options, for both CMP and TLS"
1253:.SS "Simple examples using the default OpenSSL configuration file"
1348:.SS "Certificate enrollment"
1371:.SS "Certificate update"
1389:.SS "Requesting information from CMP server"
1398:.SS "Using a custom configuration file"
1443:.SH "SEE ALSO"
-.-.
.\" Define a fallback for font CW with
.if t \{\
. ie \n(.g .ds fC \f(CR
. el .ds fC \f(CW
. ds fP \fP
.\}
.
.if n \{\
. ds fC \fR
. ds fP \fP
.\}
[List of affected lines removed.]
-.-
Put a (long) web address on a new line to reduce the posibility of
splitting the address between two output lines.
Or inhibit hyphenation with "\%" in front of the name.
111:[\fB\-server\fR \fI[http[s]://][userinfo@]host[:port][/path][?query][#fragment]\fR]
112:[\fB\-proxy\fR \fI[http[s]://][userinfo@]host[:port][/path][?query][#fragment]\fR]
554:.IP "\fB\-server\fR \fI[http[s]://][userinfo@]host[:port][/path][?query][#fragment]\fR" 4
555:.IX Item "-server [http[s]://][userinfo@]host[:port][/path][?query][#fragment]"
564:If the scheme \f(CW\*(C`https\*(C'\fR is given, the \fB\-tls_used\fR option is implied.
569:.IP "\fB\-proxy\fR \fI[http[s]://][userinfo@]host[:port][/path][?query][#fragment]\fR" 4
570:.IX Item "-proxy [http[s]://][userinfo@]host[:port][/path][?query][#fragment]"
574:The proxy port defaults to 80 or 443 if the scheme is \f(CW\*(C`https\*(C'\fR; apart from that
575:the optional \f(CW\*(C`http://\*(C'\fR or \f(CW\*(C`https://\*(C'\fR prefix is ignored (note that using TLS
576:may be required by \fB\-tls_used\fR or \fB\-server\fR with the prefix \f(CW\*(C`https\*(C'\fR),
578:Defaults to the environment variable \f(CW\*(C`http_proxy\*(C'\fR if set, else \f(CW\*(C`HTTP_PROXY\*(C'\fR
579:in case no TLS is used, otherwise \f(CW\*(C`https_proxy\*(C'\fR if set, else \f(CW\*(C`HTTPS_PROXY\*(C'\fR.
965:It is implied if the \fB\-server\fR option is given with the scheme \f(CW\*(C`https\*(C'\fR.
1280:via the environment variable \fBhttp_proxy\fR or via the \fB\-proxy\fR option in the
1284:\& \-proxy http://192.168.1.1:8080
1464:<https://www.openssl.org/source/license.html>.
-.-.
Output from "test-groff -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z ":
an.tmac:<stdin>:299: style: use of deprecated macro: .PD
an.tmac:<stdin>:312: style: use of deprecated macro: .PD
troff:<stdin>:336: warning: trailing space in the line
troff:<stdin>:781: warning: trailing space in the line
troff:<stdin>:786: warning: trailing space in the line
an.tmac:<stdin>:946: style: use of deprecated macro: .PD
an.tmac:<stdin>:951: style: use of deprecated macro: .PD
an.tmac:<stdin>:1189: style: use of deprecated macro: .PD
an.tmac:<stdin>:1192: style: use of deprecated macro: .PD
-.-.
Generally:
Split (sometimes) lines after a punctuation mark; before a conjunction.
-------------- next part --------------
Any program (person), that produces man pages, should check the output
for defects by using (both groff and nroff)
[gn]roff -mandoc -t -ww -b -z -K utf8 <man page>
The same goes for man pages that are used as an input.
For a style guide use
mandoc -T lint
-.-
Any "autogenerator" should check its products with the above mentioned
'groff', 'mandoc', and additionally with 'nroff ...'.
It should also check its input files for too long (> 80) lines.
This is just a simple quality control measure.
The "autogenerator" may have to be corrected to get a better man page,
the source file may, and any additional file may.
Common defects:
Not removing trailing spaces (in in- and output).
The reason for these trailing spaces should be found and eliminated.
"git" has a "tool" to point out whitespace,
see for example "git-apply(1)" and git-config(1)")
Not beginning each input sentence on a new line.
Line length and patch size should thus be reduced.
The script "reportbug" uses 'quoted-printable' encoding when a line is
longer than 1024 characters in an 'ascii' file.
See man-pages(7), item "semantic newline".
-.-
The difference between the formatted output of the original and patched file
can be seen with:
nroff -mandoc <file1> > <out1>
nroff -mandoc <file2> > <out2>
diff -d -u <out1> <out2>
and for groff, using
\"printf '%s\n%s\n' '.kern 0' '.ss 12 0' | groff -mandoc -Z - \"
instead of 'nroff -mandoc'
Add the option '-t', if the file contains a table.
Read the output from 'diff -d -u ...' with 'less -R' or similar.
-.-.
If 'man' (man-db) is used to check the manual for warnings,
the following must be set:
The option \"-warnings=w\"
The environmental variable:
export MAN_KEEP_STDERR=yes (or any non-empty value)
or
(produce only warnings):
export MANROFFOPT=\"-ww -b -z\"
export MAN_KEEP_STDERR=yes (or any non-empty value)
-.-
More information about the Pkg-openssl-devel
mailing list