2 # Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
17 use File::Spec::Functions;
19 use lib catdir(dirname($0), "perl");
20 use OpenSSL::Util::Pod;
22 # Set to 1 for debug output
38 # Print usage message and exit.
41 Find small errors (nits) in documentation. Options:
42 -c List undocumented commands and options
43 -d Detailed list of undocumented (implies -u)
44 -e Detailed list of new undocumented (implies -v)
45 -h Print this help message
47 -n Print nits in POD pages
48 -o Causes -e/-v to count symbols added since 1.1.1 as new (implies -v)
49 -u Count undocumented functions
50 -v Count new undocumented functions
59 $opt_v = 1 if $opt_o || $opt_e;
60 die "Cannot use both -u and -v"
62 die "Cannot use both -d and -e"
65 # We only need to check c, l, n, u and v.
66 # Options d, e, o imply one of the above.
67 die "Need one of -[cdehlnouv] flags.\n"
68 unless $opt_c or $opt_l or $opt_n or $opt_u or $opt_v;
71 my $temp = '/tmp/docnits.txt';
76 my %mandatory_sections = (
77 '*' => [ 'NAME', 'DESCRIPTION', 'COPYRIGHT' ],
78 1 => [ 'SYNOPSIS', 'OPTIONS' ],
79 3 => [ 'SYNOPSIS', 'RETURN VALUES' ],
85 # Print error message, set $status.
87 print join(" ", @_), "\n";
91 # Cross-check functions in the NAME and SYNOPSIS section.
97 # Get NAME section and all words in it.
98 return unless $contents =~ /=head1 NAME(.*)=head1 SYNOPSIS/ms;
101 err($id, "trailing comma before - in NAME")
104 err($id, "POD markup among the names in NAME")
107 err($id, "missing comma in NAME")
110 my $dirname = dirname($filename);
111 my $simplename = basename(basename($filename, ".in"), ".pod");
112 my $foundfilename = 0;
113 my %foundfilenames = ();
115 foreach my $n ( split ',', $tmp ) {
118 err($id, "the name '$n' contains white-space")
121 $foundfilename++ if $n eq $simplename;
122 $foundfilenames{$n} = 1
123 if -f "$dirname/$n.pod" && $n ne $simplename;
125 err($id, "the following exist as other .pod files:",
126 sort keys %foundfilenames)
128 err($id, "$simplename (filename) missing from NAME section")
129 unless $foundfilename;
130 if ( $filename !~ /internal/ ) {
131 foreach my $n ( keys %names ) {
132 err($id, "$n is not public")
133 if !defined $public{$n};
137 # Find all functions in SYNOPSIS
138 return unless $contents =~ /=head1 SYNOPSIS(.*)=head1 DESCRIPTION/ms;
140 foreach my $line ( split /\n+/, $syn ) {
141 next unless $line =~ /^\s/;
143 my $is_prototype = 1;
144 $line =~ s/STACK_OF\([^)]+\)/int/g;
145 $line =~ s/SPARSE_ARRAY_OF\([^)]+\)/int/g;
146 $line =~ s/__declspec\([^)]+\)//;
147 if ( $line =~ /env (\S*)=/ ) {
148 # environment variable env NAME=...
150 } elsif ( $line =~ /typedef.*\(\*(\S+)\)\(.*/ ) {
151 # a callback function pointer: typedef ... (*NAME)(...
153 } elsif ( $line =~ /typedef.* (\S+)\(.*/ ) {
154 # a callback function signature: typedef ... NAME(...
156 } elsif ( $line =~ /typedef.* (\S+);/ ) {
157 # a simple typedef: typedef ... NAME;
160 } elsif ( $line =~ /enum (\S*) \{/ ) {
161 # an enumeration: enum ... {
163 } elsif ( $line =~ /#(?:define|undef) ([A-Za-z0-9_]+)/ ) {
166 } elsif ( $line =~ /([A-Za-z0-9_]+)\(/ ) {
172 err($id, "$sym missing from NAME section")
173 unless defined $names{$sym};
176 # Do some sanity checks on the prototype.
177 err($id, "prototype missing spaces around commas: $line")
178 if $is_prototype && $line =~ /[a-z0-9],[^ ]/;
181 foreach my $n ( keys %names ) {
182 next if $names{$n} == 2;
183 err($id, "$n missing from SYNOPSIS")
187 # Check if SECTION ($3) is located before BEFORE ($4)
188 sub check_section_location {
190 my $contents = shift;
194 return unless $contents =~ /=head1 $section/
195 and $contents =~ /=head1 $before/;
196 err($id, "$section should appear before $before section")
197 if $contents =~ /=head1 $before.*=head1 $section/ms;
200 # Check if a =head1 is duplicated, or a =headX is duplicated within a
201 # =head1. Treats =head2 =head3 as equivalent -- it doesn't reset the head3
202 # sets if it finds a =head2 -- but that is good enough for now. Also check
203 # for proper capitalization, trailing periods, etc.
204 sub check_head_style {
206 my $contents = shift;
210 foreach my $line ( split /\n+/, $contents ) {
211 next unless $line =~ /^=head/;
212 if ( $line =~ /head1/ ) {
213 err($id, "duplicate section $line")
214 if defined $head1{$line};
218 err($id, "duplicate subsection $line")
219 if defined $subheads{$line};
220 $subheads{$line} = 1;
222 err($id, "period in =head")
223 if $line =~ /\.[^\w]/ or $line =~ /\.$/;
224 err($id, "not all uppercase in =head1")
225 if $line =~ /head1.*[a-z]/;
226 err($id, "all uppercase in subhead")
227 if $line =~ /head[234][ A-Z0-9]+$/;
231 # Because we have options and symbols with extra markup, we need
232 # to take that into account, so we need a regexp that extracts
233 # markup chunks, including recursive markup.
234 # please read up on /(?R)/ in perlre(1)
235 # (note: order is important, (?R) needs to come before .)
236 # (note: non-greedy is important, or something like 'B<foo> and B<bar>'
237 # will be captured as one item)
240 [BIL]< # The start of what we recurse on
241 (?:(?-1)|.)*? # recurse the whole regexp (referring to
242 # the last opened capture group, i.e. the
243 # start of this regexp), or pick next
244 # character. Do NOT be greedy!
245 > # The end of what we recurse on
246 )/x; # (the x allows this sort of split up regexp)
248 # Options must start with a dash, followed by a letter, possibly
249 # followed by letters, digits, dashes and underscores, and the last
250 # character must be a letter or a digit.
251 # We do also accept the single -? or -n, where n is a digit
254 \? # Single question mark
260 [[:alpha:]](?:[-_[:alnum:]]*?[[:alnum:]])?
263 # Helper function to check if a given $thing is properly marked up
264 # option. It returns one of these values:
265 # undef if it's not an option
266 # "" if it's a malformed option
267 # $unwrapped the option with the outermost B<> wrapping removed.
268 sub normalise_option {
270 my $filename = shift;
273 my $unwrapped = $thing;
274 my $unmarked = $thing;
276 # $unwrapped is the option with the outer B<> markup removed
277 $unwrapped =~ s/^B<//;
278 $unwrapped =~ s/>$//;
279 # $unmarked is the option with *all* markup removed
280 $unmarked =~ s/[BIL]<|>//msg;
283 # If we found an option, check it, collect it
284 if ( $unwrapped =~ /^\s*-/ ) {
285 return $unwrapped # return option with outer B<> removed
286 if $unmarked =~ /^-${option_re}$/;
287 return ""; # Malformed option
289 return undef; # Something else
292 # Checks of command option (man1) formatting. The man1 checks are
293 # restricted to the SYNOPSIS and OPTIONS sections, the rest is too
294 # free form, we simply cannot be too strict there.
298 my $filename = shift;
299 my $contents = shift;
301 my $synopsis = ($contents =~ /=head1\s+SYNOPSIS(.*?)=head1/s, $1);
303 # Some pages have more than one OPTIONS section, let's make sure
306 while ( $contents =~ /=head1\s+[A-Z ]*?OPTIONS$(.*?)(?==head1)/msg ) {
310 # Look for options with no or incorrect markup
312 /(?<![-<[:alnum:]])-(?:$markup_re|.)*(?![->[:alnum:]])/msg ) {
313 err($id, "Malformed option [1] in SYNOPSIS: $&");
316 while ( $synopsis =~ /$markup_re/msg ) {
318 print STDERR "$id:DEBUG[option_check] SYNOPSIS: found $found\n"
320 my $option_uw = normalise_option($id, $filename, $found);
321 err($id, "Malformed option [2] in SYNOPSIS: $found")
322 if defined $option_uw && $option_uw eq '';
325 # In OPTIONS, we look for =item paragraphs.
326 # (?=^\s*$) detects an empty line.
327 while ( $options =~ /=item\s+(.*?)(?=^\s*$)/msg ) {
330 while ( $item =~ /(\[\s*)?($markup_re)/msg ) {
332 print STDERR "$id:DEBUG[option_check] OPTIONS: found $&\n"
334 err($id, "Unexpected bracket in OPTIONS =item: $item")
335 if ($1 // '') ne '' && $found =~ /^B<\s*-/;
337 my $option_uw = normalise_option($id, $filename, $found);
338 err($id, "Malformed option in OPTIONS: $found")
339 if defined $option_uw && $option_uw eq '';
345 my $symbol_re = qr/[[:alpha:]_][_[:alnum:]]*?/;
347 # Checks of function name (man3) formatting. The man3 checks are
348 # easier than the man1 checks, we only check the names followed by (),
349 # and only the names that have POD markup.
350 sub functionname_check {
352 my $filename = shift;
353 my $contents = shift;
355 while ( $contents =~ /($markup_re)\(\)/msg ) {
356 print STDERR "$id:DEBUG[functionname_check] SYNOPSIS: found $&\n"
360 my $unmarked = $symbol;
361 $unmarked =~ s/[BIL]<|>//msg;
363 err($id, "Malformed symbol: $symbol")
364 unless $symbol =~ /^B<.*>$/ && $unmarked =~ /^${symbol_re}$/
367 # We can't do the kind of collecting coolness that option_check()
368 # does, because there are too many things that can't be found in
369 # name repositories like the NAME sections, such as symbol names
370 # with a variable part (typically marked up as B<foo_I<TYPE>_bar>
373 # This is from http://man7.org/linux/man-pages/man7/man-pages.7.html
374 my %preferred_words = (
375 'bitmask' => 'bit mask',
376 'builtin' => 'built-in',
377 #'epoch' => 'Epoch', # handled specially, below
378 'file name' => 'filename',
379 'file system' => 'filesystem',
380 'host name' => 'hostname',
382 'lower case' => 'lowercase',
383 'lower-case' => 'lowercase',
384 'non-zero' => 'nonzero',
385 'path name' => 'pathname',
386 'pseudo-terminal' => 'pseudoterminal',
387 'reserved port' => 'privileged port',
388 'system port' => 'privileged port',
389 'realtime' => 'real-time',
390 'real time' => 'real-time',
391 'runtime' => 'run time',
392 'saved group ID'=> 'saved set-group-ID',
393 'saved set-GID' => 'saved set-group-ID',
394 'saved user ID' => 'saved set-user-ID',
395 'saved set-UID' => 'saved set-user-ID',
396 'set-GID' => 'set-group-ID',
397 'setgid' => 'set-group-ID',
398 'set-UID' => 'set-user-ID',
399 'setuid' => 'set-user-ID',
400 'super user' => 'superuser',
401 'super-user' => 'superuser',
402 'super block' => 'superblock',
403 'super-block' => 'superblock',
404 'time stamp' => 'timestamp',
405 'time zone' => 'timezone',
406 'upper case' => 'uppercase',
407 'upper-case' => 'uppercase',
408 'useable' => 'usable',
409 'userspace' => 'user space',
410 'user name' => 'username',
414 # Search manpage for words that have a different preferred use.
417 my $contents = shift;
419 foreach my $k ( keys %preferred_words ) {
421 next if $k eq 'file system'
422 and $contents =~ /Microsoft Encrypted File System/;
423 err($id, "found '$k' should use '$preferred_words{$k}'")
424 if $contents =~ /\b\Q$k\E\b/i;
426 err($id, "found 'epoch' should use 'Epoch'")
427 if $contents =~ /\bepoch\b/;
430 # Perform all sorts of nit/error checks on a manpage
432 my $filename = shift;
433 my $dirname = basename(dirname($filename));
438 open POD, $filename or die "Couldn't open $filename, $!";
443 my $id = "${filename}:1:";
444 check_head_style($id, $contents);
446 # Check ordering of some sections in man3
447 if ( $filename =~ m|man3/| ) {
448 check_section_location($id, $contents, "RETURN VALUES", "EXAMPLES");
449 check_section_location($id, $contents, "SEE ALSO", "HISTORY");
450 check_section_location($id, $contents, "EXAMPLES", "SEE ALSO");
453 # Make sure every link has a section.
454 while ( $contents =~ /$markup_re/msg ) {
456 next unless $target =~ /^L<(.*)>$/; # Skip if not L<...>
457 $target = $1; # Peal away L< and >
458 $target =~ s/\/[^\/]*$//; # Peal away possible anchor
459 $target =~ s/.*\|//g; # Peal away possible link text
460 next if $target eq ''; # Skip if links within page, or
461 next if $target =~ /::/; # links to a Perl module, or
462 next if $target =~ /^https?:/; # is a URL link, or
463 next if $target =~ /\([1357]\)$/; # it has a section
464 err($id, "Section missing in $target")
466 # Check for proper links to commands.
467 while ( $contents =~ /L<([^>]*)\(1\)(?:\/.*)?>/g ) {
469 next if $target =~ /openssl-?/;
470 next if -f "doc/man1/$target.pod";
471 # TODO: Filter out "foreign manual" links.
472 next if $target =~ /ps|apropos|sha1sum|procmail|perl/;
473 err($id, "Bad command link L<$target(1)>");
475 # Check for proper in-man-3 API links.
476 while ( $contents =~ /L<([^>]*)\(3\)(?:\/.*)?>/g ) {
478 err($id, "Bad L<$target>")
479 unless $target =~ /^[_[:alpha:]][_[:alnum:]]*$/
482 unless ( $contents =~ /=for openssl generic/ ) {
483 if ( $filename =~ m|man3/| ) {
484 name_synopsis($id, $filename, $contents);
485 functionname_check($id, $filename, $contents);
486 } elsif ( $filename =~ m|man1/| ) {
487 option_check($id, $filename, $contents)
491 wording($id, $contents);
493 err($id, "doesn't start with =pod")
494 if $contents !~ /^=pod/;
495 err($id, "doesn't end with =cut")
496 if $contents !~ /=cut\n$/;
497 err($id, "more than one cut line.")
498 if $contents =~ /=cut.*=cut/ms;
499 err($id, "EXAMPLE not EXAMPLES section.")
500 if $contents =~ /=head1 EXAMPLE[^S]/;
501 err($id, "WARNING not WARNINGS section.")
502 if $contents =~ /=head1 WARNING[^S]/;
503 err($id, "missing copyright")
504 if $contents !~ /Copyright .* The OpenSSL Project Authors/;
505 err($id, "copyright not last")
506 if $contents =~ /head1 COPYRIGHT.*=head/ms;
507 err($id, "head2 in All uppercase")
508 if $contents =~ /head2\s+[A-Z ]+\n/;
509 err($id, "extra space after head")
510 if $contents =~ /=head\d\s\s+/;
511 err($id, "period in NAME section")
512 if $contents =~ /=head1 NAME.*\.\n.*=head1 SYNOPSIS/ms;
513 err($id, "Duplicate $1 in L<>")
514 if $contents =~ /L<([^>]*)\|([^>]*)>/ && $1 eq $2;
515 err($id, "Bad =over $1")
516 if $contents =~ /=over([^ ][^24])/;
517 err($id, "Possible version style issue")
518 if $contents =~ /OpenSSL version [019]/;
520 if ( $contents !~ /=for openssl multiple includes/ ) {
521 # Look for multiple consecutive openssl #include lines
522 # (non-consecutive lines are okay; see man3/MD5.pod).
523 if ( $contents =~ /=head1 SYNOPSIS(.*)=head1 DESCRIPTION/ms ) {
525 foreach my $line ( split /\n+/, $1 ) {
526 if ( $line =~ m@include <openssl/@ ) {
527 err($id, "has multiple includes")
536 open my $OUT, '>', $temp
537 or die "Can't open $temp, $!";
538 podchecker($filename, $OUT);
540 open $OUT, '<', $temp
541 or die "Can't read $temp, $!";
543 next if /\(section\) in.*deprecated/;
547 unlink $temp || warn "Can't remove $temp, $!";
549 # Find what section this page is in; assume 3.
551 $section = $1 if $dirname =~ /man([1-9])/;
553 foreach ( (@{$mandatory_sections{'*'}}, @{$mandatory_sections{$section}}) ) {
554 err($id, "missing $_ head1 section")
555 if $contents !~ /^=head1\s+${_}\s*$/m;
559 # Parse libcrypto.num, etc., and return sorted list of what's there.
564 open my $IN, '<', $file
565 or die "Can't open $file, $!, stopped";
569 next if /\bNOEXIST\b/;
570 my @fields = split();
571 die "Malformed line $_"
572 if scalar @fields != 2 && scalar @fields != 4;
573 push @apis, $fields[0];
581 # Parse all the manpages, getting return map of what they document
582 # (by looking at their NAME sections).
583 # Map of links in each POD file; filename => [ "foo(1)", "bar(3)", ... ]
585 # Map of names in each POD file; "name(s)" => filename
588 # Load file of symbol names that we know aren't documented.
591 my $missingfile = shift;
594 open FH, $missingfile
595 || die "Can't open $missingfile";
606 # Check for undocumented macros; ignore those in the "missing" file
607 # and do simple check for #define in our header files.
614 @missing = loadmissing('util/missingmacro111.txt');
616 @missing = loadmissing('util/missingmacro.txt');
619 foreach my $f ( glob('include/openssl/*.h') ) {
620 # Skip some internals we don't want to document yet.
621 next if $f eq 'include/openssl/asn1.h';
622 next if $f eq 'include/openssl/asn1t.h';
623 next if $f eq 'include/openssl/err.h';
624 open(IN, $f) || die "Can't open $f, $!";
626 next unless /^#\s*define\s*(\S+)\(/;
627 my $macro = "$1(3)"; # We know they're all in section 3
628 next if exists $name_map{$macro} || defined $seen{$macro};
629 next if $macro =~ /^i2d_/
631 || $macro =~ /^DEPRECATEDIN/
632 || $macro =~ /\Q_fnsig(3)\E$/
633 || $macro =~ /^IMPLEMENT_/
634 || $macro =~ /^_?DECLARE_/;
636 # Skip macros known to be missing
637 next if $opt_v && grep( /^\Q$macro\E$/, @missing);
639 err("$f:", "macro $macro undocumented")
646 err("# $count macros undocumented (count is approximate)")
650 # Find out what is undocumented (filtering out the known missing ones)
655 my $missingfile = shift;
659 my @missing = loadmissing($missingfile) if ( $opt_v );
661 foreach my $func ( parsenum($numfile) ) {
662 $func .= '(3)'; # We know they're all in section 3
663 next if exists $name_map{$func} || defined $seen{$func};
665 # Skip ASN1 utilities
666 next if $func =~ /^ASN1_/;
668 # Skip functions known to be missing.
669 next if $opt_v && grep( /^\Q$func\E$/, @missing);
671 err("$libname:", "function $func undocumented")
676 err("# $count in $numfile are not documented")
680 # Collect all the names in a manpage.
682 my $filename = shift;
683 $filename =~ m|man(\d)/|;
685 my $simplename = basename($filename, ".pod");
686 my $id = "${filename}:1:";
687 my %podinfo = extract_pod_info($filename, { debug => $debug });
689 unless ( grep { $simplename eq $_ } @{$podinfo{names}} ) {
690 err($id, "$simplename not in NAME section");
691 push @{$podinfo{names}}, $simplename;
693 foreach my $name (@{$podinfo{names}}) {
695 err($id, "'$name' contains white space")
697 my $name_sec = "$name($section)";
698 if ( !exists $name_map{$name_sec} ) {
699 $name_map{$name_sec} = $filename;
700 } elsif ( $filename eq $name_map{$name_sec} ) {
701 err($id, "$name_sec duplicated in NAME section of",
702 $name_map{$name_sec});
704 err($id, "$name_sec also in NAME section of",
705 $name_map{$name_sec});
710 map { map { s/\s+//g; $_ } split(/,/, $_) }
711 $podinfo{contents} =~ /=for\s+openssl\s+foreign\s+manuals:\s*(.*)\n\n/;
712 foreach ( @foreign_names ) {
713 $name_map{$_} = undef; # It still exists!
717 $podinfo{contents} =~ /L<
718 # if the link is of the form L<something|name(s)>,
719 # then remove 'something'. Note that 'something'
720 # may contain POD codes as well...
721 (?:(?:[^\|]|<[^>]*>)*\|)?
722 # we're only interested in references that have
723 # a one digit section number
726 $link_map{$filename} = [ @links ];
729 # Look for L<> ("link") references that point to files that do not exist.
731 foreach my $filename (sort keys %link_map) {
732 foreach my $link (@{$link_map{$filename}}) {
733 err("${filename}:1:", "reference to non-existing $link")
734 unless exists $name_map{$link};
739 # Load the public symbol/macro names
741 foreach my $name ( parsenum('util/libcrypto.num') ) {
744 foreach my $name ( parsenum('util/libssl.num') ) {
747 foreach my $name ( parsenum('util/other.syms') ) {
752 # Cipher/digests to skip if they show up as "not implemented"
753 # because they are, via the "-*" construct.
771 # Check the flags of a command and see if everything is in the manpage
779 # Get the list of options in the command.
780 open CFH, "./apps/openssl list --options $cmd|"
781 || die "Can list options for $cmd, $!";
789 # Get the list of flags from the synopsis
791 || die "Can't open $doc, $!";
794 last if /DESCRIPTION/;
795 if ( /=for openssl ifdef (.*)/ ) {
796 foreach my $f ( split / /, $1 ) {
801 next unless /\[B<-([^ >]+)/;
803 $opt = $1 if $opt =~ /I<(.*)/;
808 # See what's in the command not the manpage.
809 my @undocced = sort grep { !defined $docopts{$_} } keys %cmdopts;
810 foreach ( @undocced ) {
811 next if /-/; # Skip the -- end-of-flags marker
812 err("$doc: undocumented option -$_");
815 # See what's in the command not the manpage.
816 my @unimpl = sort grep { !defined $cmdopts{$_} } keys %docopts;
817 foreach ( @unimpl ) {
818 next if defined $skips{$_} || defined $localskips{$_};
819 err("$cmd documented but not implemented -$_");
825 ## Do the work requested by the various getopt flags.
826 ## The flags are parsed in alphabetical order, just because we have
827 ## to have *some way* of listing them.
833 # Get list of commands.
834 open FH, "./apps/openssl list -1 -commands|"
835 || die "Can't list commands, $!";
842 # See if each has a manpage.
843 foreach my $cmd ( @commands ) {
844 next if $cmd eq 'help' || $cmd eq 'exit';
845 my $doc = "doc/man1/$cmd.pod";
846 $doc = "doc/man1/openssl-$cmd.pod" if -f "doc/man1/openssl-$cmd.pod";
848 err("$doc does not exist");
850 checkflags($cmd, $doc);
854 # See what help is missing.
855 open FH, "./apps/openssl list --missing-help |"
856 || die "Can't list missing help, $!";
859 my ($cmd, $flag) = split;
860 err("$cmd has no help for -$flag");
867 # Preparation for some options, populate %name_map and %link_map
868 if ( $opt_l || $opt_u || $opt_v ) {
869 foreach ( glob('doc/*/*.pod doc/internal/*/*.pod') ) {
880 foreach ( @ARGV ? @ARGV : glob('doc/*/*.pod doc/internal/*/*.pod') ) {
884 # If not given args, check that all man1 commands are named properly.
885 if ( scalar @ARGV == 0 ) {
886 foreach (glob('doc/man1/*.pod')) {
887 next if /CA.pl/ || /openssl\.pod/ || /tsget\.pod/;
888 err("$_ doesn't start with openssl-") unless /openssl-/;
893 if ( $opt_u || $opt_v) {
895 printem('crypto', 'util/libcrypto.num', 'util/missingcrypto111.txt');
896 printem('ssl', 'util/libssl.num', 'util/missingssl111.txt');
898 printem('crypto', 'util/libcrypto.num', 'util/missingcrypto.txt');
899 printem('ssl', 'util/libssl.num', 'util/missingssl.txt');