2 # Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
17 use File::Spec::Functions;
19 use lib catdir(dirname($0), "perl");
20 use OpenSSL::Util::Pod;
22 # Set to 1 for debug output
38 # Print usage message and exit.
41 Find small errors (nits) in documentation. Options:
42 -c List undocumented commands and options
43 -d Detailed list of undocumented (implies -u)
44 -e Detailed list of new undocumented (implies -v)
45 -h Print this help message
47 -n Print nits in POD pages
48 -o Causes -e/-v to count symbols added since 1.1.1 as new (implies -v)
49 -u Count undocumented functions
50 -v Count new undocumented functions
59 $opt_v = 1 if $opt_o || $opt_e;
60 die "Cannot use both -u and -v"
62 die "Cannot use both -d and -e"
65 # We only need to check c, l, n, u and v.
66 # Options d, e, o imply one of the above.
67 die "Need one of -[cdehlnouv] flags.\n"
68 unless $opt_c or $opt_l or $opt_n or $opt_u or $opt_v;
71 my $temp = '/tmp/docnits.txt';
76 my %mandatory_sections = (
77 '*' => [ 'NAME', 'DESCRIPTION', 'COPYRIGHT' ],
78 1 => [ 'SYNOPSIS', 'OPTIONS' ],
79 3 => [ 'SYNOPSIS', 'RETURN VALUES' ],
85 # Print error message, set $status.
87 print join(" ", @_), "\n";
91 # Cross-check functions in the NAME and SYNOPSIS section.
97 # Get NAME section and all words in it.
98 return unless $contents =~ /=head1 NAME(.*)=head1 SYNOPSIS/ms;
101 err($id, "trailing comma before - in NAME")
104 err($id, "POD markup among the names in NAME")
107 err($id, "missing comma in NAME")
110 my $dirname = dirname($filename);
111 my $simplename = basename(basename($filename, ".in"), ".pod");
112 my $foundfilename = 0;
113 my %foundfilenames = ();
115 foreach my $n ( split ',', $tmp ) {
118 err($id, "the name '$n' contains white-space")
121 $foundfilename++ if $n eq $simplename;
122 $foundfilenames{$n} = 1
123 if -f "$dirname/$n.pod" && $n ne $simplename;
125 err($id, "the following exist as other .pod files:",
126 sort keys %foundfilenames)
128 err($id, "$simplename (filename) missing from NAME section")
129 unless $foundfilename;
130 if ( $filename !~ /internal/ ) {
131 foreach my $n ( keys %names ) {
132 err($id, "$n is not public")
133 if !defined $public{$n};
137 # Find all functions in SYNOPSIS
138 return unless $contents =~ /=head1 SYNOPSIS(.*)=head1 DESCRIPTION/ms;
140 foreach my $line ( split /\n+/, $syn ) {
141 next unless $line =~ /^\s/;
143 $line =~ s/STACK_OF\([^)]+\)/int/g;
144 $line =~ s/SPARSE_ARRAY_OF\([^)]+\)/int/g;
145 $line =~ s/__declspec\([^)]+\)//;
146 if ( $line =~ /env (\S*)=/ ) {
147 # environment variable env NAME=...
149 } elsif ( $line =~ /typedef.*\(\*(\S+)\)\(.*/ ) {
150 # a callback function pointer: typedef ... (*NAME)(...
152 } elsif ( $line =~ /typedef.* (\S+)\(.*/ ) {
153 # a callback function signature: typedef ... NAME(...
155 } elsif ( $line =~ /typedef.* (\S+);/ ) {
156 # a simple typedef: typedef ... NAME;
158 } elsif ( $line =~ /enum (\S*) \{/ ) {
159 # an enumeration: enum ... {
161 } elsif ( $line =~ /#(?:define|undef) ([A-Za-z0-9_]+)/ ) {
163 } elsif ( $line =~ /([A-Za-z0-9_]+)\(/ ) {
169 err($id, "$sym missing from NAME section")
170 unless defined $names{$sym};
173 # Do some sanity checks on the prototype.
174 err($id, "prototype missing spaces around commas: $line")
175 if ( $line =~ /[a-z0-9],[^ ]/ );
178 foreach my $n ( keys %names ) {
179 next if $names{$n} == 2;
180 err($id, "$n missing from SYNOPSIS")
184 # Check if SECTION ($3) is located before BEFORE ($4)
185 sub check_section_location {
187 my $contents = shift;
191 return unless $contents =~ /=head1 $section/
192 and $contents =~ /=head1 $before/;
193 err($id, "$section should appear before $before section")
194 if $contents =~ /=head1 $before.*=head1 $section/ms;
197 # Check if a =head1 is duplicated, or a =headX is duplicated within a
198 # =head1. Treats =head2 =head3 as equivalent -- it doesn't reset the head3
199 # sets if it finds a =head2 -- but that is good enough for now. Also check
200 # for proper capitalization, trailing periods, etc.
201 sub check_head_style {
203 my $contents = shift;
207 foreach my $line ( split /\n+/, $contents ) {
208 next unless $line =~ /^=head/;
209 if ( $line =~ /head1/ ) {
210 err($id, "duplicate section $line")
211 if defined $head1{$line};
215 err($id, "duplicate subsection $line")
216 if defined $subheads{$line};
217 $subheads{$line} = 1;
219 err($id, "period in =head")
220 if $line =~ /\.[^\w]/ or $line =~ /\.$/;
221 err($id, "not all uppercase in =head1")
222 if $line =~ /head1.*[a-z]/;
223 err($id, "all uppercase in subhead")
224 if $line =~ /head[234][ A-Z0-9]+$/;
228 # Because we have options and symbols with extra markup, we need
229 # to take that into account, so we need a regexp that extracts
230 # markup chunks, including recursive markup.
231 # please read up on /(?R)/ in perlre(1)
232 # (note: order is important, (?R) needs to come before .)
233 # (note: non-greedy is important, or something like 'B<foo> and B<bar>'
234 # will be captured as one item)
237 [BIL]< # The start of what we recurse on
238 (?:(?-1)|.)*? # recurse the whole regexp (refering to
239 # the last opened capture group, i.e. the
240 # start of this regexp), or pick next
241 # character. Do NOT be greedy!
242 > # The end of what we recurse on
243 )/x; # (the x allows this sort of split up regexp)
245 # Options must start with a dash, followed by a letter, possibly
246 # followed by letters, digits, dashes and underscores, and the last
247 # character must be a letter or a digit.
248 # We do also accept the single -? or -n, where n is a digit
251 \? # Single question mark
257 [[:alpha:]](?:[-_[:alnum:]]*?[[:alnum:]])?
260 # Helper function to check if a given $thing is properly marked up
261 # option. It returns one of these values:
262 # undef if it's not an option
263 # "" if it's a malformed option
264 # $unwrapped the option with the outermost B<> wrapping removed.
265 sub normalise_option {
267 my $filename = shift;
270 my $unwrapped = $thing;
271 my $unmarked = $thing;
273 # $unwrapped is the option with the outer B<> markup removed
274 $unwrapped =~ s/^B<//;
275 $unwrapped =~ s/>$//;
276 # $unmarked is the option with *all* markup removed
277 $unmarked =~ s/[BIL]<|>//msg;
280 # If we found an option, check it, collect it
281 if ( $unwrapped =~ /^\s*-/ ) {
282 return $unwrapped # return option with outer B<> removed
283 if $unmarked =~ /^-${option_re}$/;
284 return ""; # Malformed option
286 return undef; # Something else
289 # Checks of command option (man1) formatting. The man1 checks are
290 # restricted to the SYNOPSIS and OPTIONS sections, the rest is too
291 # free form, we simply cannot be too strict there.
295 my $filename = shift;
296 my $contents = shift;
298 my $synopsis = ($contents =~ /=head1\s+SYNOPSIS(.*?)=head1/s, $1);
300 # Some pages have more than one OPTIONS section, let's make sure
303 while ( $contents =~ /=head1\s+[A-Z ]*?OPTIONS$(.*?)(?==head1)/msg ) {
307 # Look for options with no or incorrect markup
309 /(?<![-<[:alnum:]])-(?:$markup_re|.)*(?![->[:alnum:]])/msg ) {
310 err($id, "Malformed option [1] in SYNOPSIS: $&");
313 while ( $synopsis =~ /$markup_re/msg ) {
315 print STDERR "$id:DEBUG[option_check] SYNOPSIS: found $found\n"
317 my $option_uw = normalise_option($id, $filename, $found);
318 err($id, "Malformed option [2] in SYNOPSIS: $found")
319 if defined $option_uw && $option_uw eq '';
322 # In OPTIONS, we look for =item paragraphs.
323 # (?=^\s*$) detects an empty line.
324 while ( $options =~ /=item\s+(.*?)(?=^\s*$)/msg ) {
327 while ( $item =~ /(\[\s*)?($markup_re)/msg ) {
329 print STDERR "$id:DEBUG[option_check] OPTIONS: found $&\n"
331 err($id, "Unexpected bracket in OPTIONS =item: $item")
332 if ($1 // '') ne '' && $found =~ /^B<\s*-/;
334 my $option_uw = normalise_option($id, $filename, $found);
335 err($id, "Malformed option in OPTIONS: $found")
336 if defined $option_uw && $option_uw eq '';
342 my $symbol_re = qr/[[:alpha:]_][_[:alnum:]]*?/;
344 # Checks of function name (man3) formatting. The man3 checks are
345 # easier than the man1 checks, we only check the names followed by (),
346 # and only the names that have POD markup.
347 sub functionname_check {
349 my $filename = shift;
350 my $contents = shift;
352 while ( $contents =~ /($markup_re)\(\)/msg ) {
353 print STDERR "$id:DEBUG[functionname_check] SYNOPSIS: found $&\n"
357 my $unmarked = $symbol;
358 $unmarked =~ s/[BIL]<|>//msg;
360 err($id, "Malformed symbol: $symbol")
361 unless $symbol =~ /^B<.*>$/ && $unmarked =~ /^${symbol_re}$/
364 # We can't do the kind of collecting coolness that option_check()
365 # does, because there are too many things that can't be found in
366 # name repositories like the NAME sections, such as symbol names
367 # with a variable part (typically marked up as B<foo_I<TYPE>_bar>
370 # This is from http://man7.org/linux/man-pages/man7/man-pages.7.html
371 my %preferred_words = (
372 'bitmask' => 'bit mask',
373 'builtin' => 'built-in',
374 #'epoch' => 'Epoch', # handled specially, below
375 'file name' => 'filename',
376 'file system' => 'filesystem',
377 'host name' => 'hostname',
379 'lower case' => 'lowercase',
380 'lower-case' => 'lowercase',
381 'non-zero' => 'nonzero',
382 'path name' => 'pathname',
383 'pseudo-terminal' => 'pseudoterminal',
384 'reserved port' => 'privileged port',
385 'system port' => 'privileged port',
386 'realtime' => 'real-time',
387 'real time' => 'real-time',
388 'runtime' => 'run time',
389 'saved group ID'=> 'saved set-group-ID',
390 'saved set-GID' => 'saved set-group-ID',
391 'saved user ID' => 'saved set-user-ID',
392 'saved set-UID' => 'saved set-user-ID',
393 'set-GID' => 'set-group-ID',
394 'setgid' => 'set-group-ID',
395 'set-UID' => 'set-user-ID',
396 'setuid' => 'set-user-ID',
397 'super user' => 'superuser',
398 'super-user' => 'superuser',
399 'super block' => 'superblock',
400 'super-block' => 'superblock',
401 'time stamp' => 'timestamp',
402 'time zone' => 'timezone',
403 'upper case' => 'uppercase',
404 'upper-case' => 'uppercase',
405 'useable' => 'usable',
406 'userspace' => 'user space',
407 'user name' => 'username',
411 # Search manpage for words that have a different preferred use.
414 my $contents = shift;
416 foreach my $k ( keys %preferred_words ) {
418 next if $k eq 'file system'
419 and $contents =~ /Microsoft Encrypted File System/;
420 err($id, "found '$k' should use '$preferred_words{$k}'")
421 if $contents =~ /\b\Q$k\E\b/i;
423 err($id, "found 'epoch' should use 'Epoch'")
424 if $contents =~ /\bepoch\b/;
427 # Perform all sorts of nit/error checks on a manpage
429 my $filename = shift;
430 my $dirname = basename(dirname($filename));
435 open POD, $filename or die "Couldn't open $filename, $!";
440 my $id = "${filename}:1:";
441 check_head_style($id, $contents);
443 # Check ordering of some sections in man3
444 if ( $filename =~ m|man3/| ) {
445 check_section_location($id, $contents, "RETURN VALUES", "EXAMPLES");
446 check_section_location($id, $contents, "SEE ALSO", "HISTORY");
447 check_section_location($id, $contents, "EXAMPLES", "SEE ALSO");
450 # Make sure every link has a section.
451 while ( $contents =~ /$markup_re/msg ) {
453 next unless $target =~ /^L</; # Skip if not L<...>, or
454 next if $target =~ /::/; # links to a Perl module, or
455 next if $target =~ m@L</@; # links within the page, or
456 next if $target =~ /^L<https?:/; # is a URL link, or
457 next if $target =~ m@\([1357]\)>$@; # it has a section, or
458 next if $target =~ m@\([1357]\)/.*>$@; # it has a section/anchor
459 err($id, "Section missing in $target")
461 # Check for proper in-man-3 API links.
462 while ( $contents =~ /L<([^>]*)\(3\)(?:\/.*)?>/g ) {
464 err($id, "Bad L<$target>")
465 unless $target =~ /^[_[:alpha:]][_[:alnum:]]*$/
468 unless ( $contents =~ /=for openssl generic/ ) {
469 if ( $filename =~ m|man3/| ) {
470 name_synopsis($id, $filename, $contents);
471 functionname_check($id, $filename, $contents);
472 } elsif ( $filename =~ m|man1/| ) {
473 option_check($id, $filename, $contents)
477 wording($id, $contents);
479 err($id, "doesn't start with =pod")
480 if $contents !~ /^=pod/;
481 err($id, "doesn't end with =cut")
482 if $contents !~ /=cut\n$/;
483 err($id, "more than one cut line.")
484 if $contents =~ /=cut.*=cut/ms;
485 err($id, "EXAMPLE not EXAMPLES section.")
486 if $contents =~ /=head1 EXAMPLE[^S]/;
487 err($id, "WARNING not WARNINGS section.")
488 if $contents =~ /=head1 WARNING[^S]/;
489 err($id, "missing copyright")
490 if $contents !~ /Copyright .* The OpenSSL Project Authors/;
491 err($id, "copyright not last")
492 if $contents =~ /head1 COPYRIGHT.*=head/ms;
493 err($id, "head2 in All uppercase")
494 if $contents =~ /head2\s+[A-Z ]+\n/;
495 err($id, "extra space after head")
496 if $contents =~ /=head\d\s\s+/;
497 err($id, "period in NAME section")
498 if $contents =~ /=head1 NAME.*\.\n.*=head1 SYNOPSIS/ms;
499 err($id, "Duplicate $1 in L<>")
500 if $contents =~ /L<([^>]*)\|([^>]*)>/ && $1 eq $2;
501 err($id, "Bad =over $1")
502 if $contents =~ /=over([^ ][^24])/;
503 err($id, "Possible version style issue")
504 if $contents =~ /OpenSSL version [019]/;
506 if ( $contents !~ /=for openssl multiple includes/ ) {
507 # Look for multiple consecutive openssl #include lines
508 # (non-consecutive lines are okay; see man3/MD5.pod).
509 if ( $contents =~ /=head1 SYNOPSIS(.*)=head1 DESCRIPTION/ms ) {
511 foreach my $line ( split /\n+/, $1 ) {
512 if ( $line =~ m@include <openssl/@ ) {
513 err($id, "has multiple includes")
522 open my $OUT, '>', $temp
523 or die "Can't open $temp, $!";
524 podchecker($filename, $OUT);
526 open $OUT, '<', $temp
527 or die "Can't read $temp, $!";
529 next if /\(section\) in.*deprecated/;
533 unlink $temp || warn "Can't remove $temp, $!";
535 # Find what section this page is in; assume 3.
537 $section = $1 if $dirname =~ /man([1-9])/;
539 foreach ( (@{$mandatory_sections{'*'}}, @{$mandatory_sections{$section}}) ) {
540 err($id, "missing $_ head1 section")
541 if $contents !~ /^=head1\s+${_}\s*$/m;
545 # Parse libcrypto.num, etc., and return sorted list of what's there.
550 open my $IN, '<', $file
551 or die "Can't open $file, $!, stopped";
555 next if /\bNOEXIST\b/;
556 my @fields = split();
557 die "Malformed line $_"
558 if scalar @fields != 2 && scalar @fields != 4;
559 push @apis, $fields[0];
567 # Parse all the manpages, getting return map of what they document
568 # (by looking at their NAME sections).
575 foreach my $pod ( glob("$dir/*.pod") ) {
576 my %podinfo = extract_pod_info($pod);
577 foreach my $n ( @{$podinfo{names}} ) {
579 err("# Duplicate $n in $pod and $dups{$n}")
580 if defined $dups{$n} && $dups{$n} ne $pod;
588 # Map of documented functions; function => manpage
590 # Map of links in each POD file; filename => [ "foo(1)", "bar(3)", ... ]
592 # Map of names in each POD file; "name(s)" => filename
595 # Load file of symbol names that we know aren't documented.
598 my $missingfile = shift;
601 open FH, $missingfile
602 || die "Can't open $missingfile";
613 # Check for undocumented macros; ignore those in the "missing" file
614 # and do simple check for #define in our header files.
621 @missing = loadmissing('util/missingmacro111.txt');
623 @missing = loadmissing('util/missingmacro.txt');
626 foreach my $f ( glob('include/openssl/*.h') ) {
627 # Skip some internals we don't want to document yet.
628 next if $f eq 'include/openssl/asn1.h';
629 next if $f eq 'include/openssl/asn1t.h';
630 next if $f eq 'include/openssl/err.h';
631 open(IN, $f) || die "Can't open $f, $!";
633 next unless /^#\s*define\s*(\S+)\(/;
635 next if $docced{$macro} || defined $seen{$macro};
636 next if $macro =~ /i2d_/
638 || $macro =~ /DEPRECATEDIN/
639 || $macro =~ /IMPLEMENT_/
640 || $macro =~ /DECLARE_/;
642 # Skip macros known to be missing
643 next if $opt_v && grep( /^$macro$/, @missing);
645 err("$f:", "macro $macro undocumented")
652 err("# $count macros undocumented (count is approximate)")
656 # Find out what is undocumented (filtering out the known missing ones)
661 my $missingfile = shift;
665 my @missing = loadmissing($missingfile) if ( $opt_v );
667 foreach my $func ( parsenum($numfile) ) {
668 next if $docced{$func} || defined $seen{$func};
670 # Skip ASN1 utilities
671 next if $func =~ /^ASN1_/;
673 # Skip functions known to be missing
674 next if $opt_v && grep( /^$func$/, @missing);
676 err("$libname:", "function $func undocumented")
681 err("# $count in $numfile are not documented")
685 # Collect all the names in a manpage.
687 my $filename = shift;
688 $filename =~ m|man(\d)/|;
690 my $simplename = basename($filename, ".pod");
691 my $id = "${filename}:1:";
696 open POD, $filename or die "Couldn't open $filename, $!";
701 $contents =~ /=head1 NAME([^=]*)=head1 /ms;
703 unless ( defined $tmp ) {
704 err($id, "weird name section");
711 map { s|/|-|g; $_ } # Treat slash as dash
712 map { s/^\s+//g; s/\s+$//g; $_ } # Trim prefix and suffix blanks
714 unless ( grep { $simplename eq $_ } @names ) {
715 err($id, "missing $simplename");
716 push @names, $simplename;
718 foreach my $name (@names) {
720 if ( $name =~ /\s/ ) {
721 err($id, "'$name' contains white space")
723 my $name_sec = "$name($section)";
724 if ( !exists $name_map{$name_sec} ) {
725 $name_map{$name_sec} = $filename;
726 } elsif ( $filename eq $name_map{$name_sec} ) {
727 err($id, "$name_sec repeated in NAME section of",
728 $name_map{$name_sec});
730 err($id, "$name_sec also in NAME section of",
731 $name_map{$name_sec});
736 map { map { s/\s+//g; $_ } split(/,/, $_) }
737 $contents =~ /=for\s+comment\s+foreign\s+manuals:\s*(.*)\n\n/;
738 foreach ( @foreign_names ) {
739 $name_map{$_} = undef; # It still exists!
742 my @links = $contents =~ /L<
743 # if the link is of the form L<something|name(s)>,
744 # then remove 'something'. Note that 'something'
745 # may contain POD codes as well...
746 (?:(?:[^\|]|<[^>]*>)*\|)?
747 # we're only interested in references that have
748 # a one digit section number
751 $link_map{$filename} = [ @links ];
754 # Look for L<> ("link") references that point to files that do not exist.
756 foreach my $filename (sort keys %link_map) {
757 foreach my $link (@{$link_map{$filename}}) {
758 err("${filename}:1:", "reference to non-existing $link")
759 unless exists $name_map{$link};
764 # Load the public symbol/macro names
766 foreach my $name ( parsenum('util/libcrypto.num') ) {
769 foreach my $name ( parsenum('util/libssl.num') ) {
772 foreach my $name ( parsenum('util/other.syms') ) {
777 # Cipher/digests to skip if they show up as "not implemented"
778 # because they are, via the "-*" construct.
796 # Check the flags of a command and see if everything is in the manpage
804 # Get the list of options in the command.
805 open CFH, "./apps/openssl list --options $cmd|"
806 || die "Can list options for $cmd, $!";
814 # Get the list of flags from the synopsis
816 || die "Can't open $doc, $!";
819 last if /DESCRIPTION/;
820 if ( /=for openssl ifdef (.*)/ ) {
821 foreach my $f ( split / /, $1 ) {
826 next unless /\[B<-([^ >]+)/;
828 $opt = $1 if $opt =~ /I<(.*)/;
833 # See what's in the command not the manpage.
834 my @undocced = sort grep { !defined $docopts{$_} } keys %cmdopts;
835 foreach ( @undocced ) {
836 next if /-/; # Skip the -- end-of-flags marker
837 err("$doc: undocumented option -$_");
840 # See what's in the command not the manpage.
841 my @unimpl = sort grep { !defined $cmdopts{$_} } keys %docopts;
842 foreach ( @unimpl ) {
843 next if defined $skips{$_} || defined $localskips{$_};
844 err("$cmd documented but not implemented -$_");
850 ## Do the work requested by the various getopt flags.
851 ## The flags are parsed in alphabetical order, just because we have
852 ## to have *some way* of listing them.
858 # Get list of commands.
859 open FH, "./apps/openssl list -1 -commands|"
860 || die "Can't list commands, $!";
867 # See if each has a manpage.
868 foreach my $cmd ( @commands ) {
869 next if $cmd eq 'help' || $cmd eq 'exit';
870 my $doc = "doc/man1/$cmd.pod";
871 $doc = "doc/man1/openssl-$cmd.pod" if -f "doc/man1/openssl-$cmd.pod";
873 err("$doc does not exist");
875 checkflags($cmd, $doc);
879 # See what help is missing.
880 open FH, "./apps/openssl list --missing-help |"
881 || die "Can't list missing help, $!";
884 my ($cmd, $flag) = split;
885 err("$cmd has no help for -$flag");
893 foreach ( glob('doc/*/*.pod doc/internal/*/*.pod') ) {
901 foreach ( @ARGV ? @ARGV : glob('doc/*/*.pod doc/internal/*/*.pod') ) {
905 # If not given args, check that all man1 commands are named properly.
906 if ( scalar @ARGV == 0 ) {
907 foreach (glob('doc/man1/*.pod')) {
908 next if /CA.pl/ || /openssl\.pod/ || /tsget\.pod/;
909 err("$_ doesn't start with openssl-") unless /openssl-/;
914 if ( $opt_u || $opt_v) {
915 my %temp = getdocced('doc/man3');
916 foreach ( keys %temp ) {
917 $docced{$_} = $temp{$_};
920 printem('crypto', 'util/libcrypto.num', 'util/missingcrypto111.txt');
921 printem('ssl', 'util/libssl.num', 'util/missingssl111.txt');
923 printem('crypto', 'util/libcrypto.num', 'util/missingcrypto.txt');
924 printem('ssl', 'util/libssl.num', 'util/missingssl.txt');