various cleanup;

7 files changed, 52 insertions, 57 deletions

diff --git a/src/lib/libcrypto/man/ASN1_OBJECT_new.3 b/src/lib/libcrypto/man/ASN1_OBJECT_new.3
index e78bfd1174..55a90bbcb2 100644
--- a/src/lib/libcrypto/man/ASN1_OBJECT_new.3
+++ b/src/lib/libcrypto/man/ASN1_OBJECT_new.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ASN1_OBJECT_new.3,v 1.6 2016/11/10 11:30:07 schwarze Exp $
+.\"     $OpenBSD: ASN1_OBJECT_new.3,v 1.7 2016/11/10 14:34:18 jmc Exp $
 .\"     OpenSSL 99d63d4 Mar 19 12:28:58 2016 -0400
 .\"
 .\" This file was written by Dr. Stephen Henson.
@@ -9,7 +9,7 @@
 .\" are met:
 .\"
 .\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer. 
+.\"    notice, this list of conditions and the following disclaimer.
 .\"
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\"    notice, this list of conditions and the following disclaimer in
diff --git a/src/lib/libcrypto/man/BUF_MEM_new.3 b/src/lib/libcrypto/man/BUF_MEM_new.3
index 609df41457..f658048a93 100644
--- a/src/lib/libcrypto/man/BUF_MEM_new.3
+++ b/src/lib/libcrypto/man/BUF_MEM_new.3
@@ -1,6 +1,6 @@
-.\"     $OpenBSD: BUF_MEM_new.3,v 1.4 2016/11/06 15:52:50 jmc Exp $
+.\"     $OpenBSD: BUF_MEM_new.3,v 1.5 2016/11/10 14:34:18 jmc Exp $
 .\"
-.Dd $Mdocdate: November 6 2016 $
+.Dd $Mdocdate: November 10 2016 $
 .Dt BUF_MEM_NEW 3
 .Os
 .Sh NAME
@@ -46,12 +46,10 @@ typedef struct buf_mem_st
 .Ed
 .Pp
 .Fa length
-is the current size of the buffer in bytes,
+is the current size of the buffer in bytes;
 .Fa max
 is the amount of memory allocated to the buffer.
-There are three functions which handle these and one
-.Dq miscellaneous
-function.
+There are three functions which handle these and one miscellaneous function.
 .Pp
 .Fn BUF_MEM_new
 allocates a new buffer of zero size.
@@ -92,7 +90,7 @@ returns the buffer or
 on error.
 .Pp
 .Fn BUF_MEM_grow
-returns zero on error or the new size (i.e.
+returns zero on error or the new size (i.e.\&
 .Fa len ) .
 .Sh SEE ALSO
 .Xr bio 3
diff --git a/src/lib/libcrypto/man/CONF_modules_free.3 b/src/lib/libcrypto/man/CONF_modules_free.3
index 2735db8d3b..bc20fdab0d 100644
--- a/src/lib/libcrypto/man/CONF_modules_free.3
+++ b/src/lib/libcrypto/man/CONF_modules_free.3
@@ -1,6 +1,6 @@
-.\"     $OpenBSD: CONF_modules_free.3,v 1.2 2016/11/06 15:52:50 jmc Exp $
+.\"     $OpenBSD: CONF_modules_free.3,v 1.3 2016/11/10 14:34:18 jmc Exp $
 .\"
-.Dd $Mdocdate: November 6 2016 $
+.Dd $Mdocdate: November 10 2016 $
 .Dt CONF_MODULES_FREE 3
 .Os
 .Sh NAME
@@ -26,6 +26,8 @@
 .Fn CONF_modules_free
 closes down and frees up all memory allocated by all configuration
 modules.
+Normally applications will only call this function
+at application to tidy up any configuration performed.
 .Pp
 .Fn CONF_modules_finish
 calls the configuration
@@ -41,10 +43,6 @@ is set to 0, only modules loaded from DSOs will be unloaded.
 If
 .Fa all
 is 1, all modules, including builtin modules, will be unloaded.
-.Sh NOTES
-Normally applications will only call
-.Fn CONF_modules_free
-at application to tidy up any configuration performed.
 .Sh RETURN VALUES
 None of the functions return a value.
 .Sh SEE ALSO
diff --git a/src/lib/libcrypto/man/CONF_modules_load_file.3 b/src/lib/libcrypto/man/CONF_modules_load_file.3
index 9fbd1aba47..6e1a026727 100644
--- a/src/lib/libcrypto/man/CONF_modules_load_file.3
+++ b/src/lib/libcrypto/man/CONF_modules_load_file.3
@@ -1,6 +1,6 @@
-.\"     $OpenBSD: CONF_modules_load_file.3,v 1.2 2016/11/06 15:52:50 jmc Exp $
+.\"     $OpenBSD: CONF_modules_load_file.3,v 1.3 2016/11/10 14:34:18 jmc Exp $
 .\"
-.Dd $Mdocdate: November 6 2016 $
+.Dd $Mdocdate: November 10 2016 $
 .Dt CONF_MODULES_LOAD_FILE 3
 .Os
 .Sh NAME
@@ -74,7 +74,7 @@ failure.
 If module errors are not ignored, the return code will reflect the return
 value of the failing module (this will always be zero or negative).
 .Sh SEE ALSO
-.Xr CONF_free 3 ,
+.Xr CONF_modules_free 3 ,
 .Xr ERR 3 ,
 .Xr OPENSSL_config 3
 .Sh HISTORY
diff --git a/src/lib/libcrypto/man/CRYPTO_set_ex_data.3 b/src/lib/libcrypto/man/CRYPTO_set_ex_data.3
index d7a88b5293..afdaa7a418 100644
--- a/src/lib/libcrypto/man/CRYPTO_set_ex_data.3
+++ b/src/lib/libcrypto/man/CRYPTO_set_ex_data.3
@@ -1,6 +1,6 @@
-.\"     $OpenBSD: CRYPTO_set_ex_data.3,v 1.2 2016/11/06 15:52:50 jmc Exp $
+.\"     $OpenBSD: CRYPTO_set_ex_data.3,v 1.3 2016/11/10 14:34:18 jmc Exp $
 .\"
-.Dd $Mdocdate: November 6 2016 $
+.Dd $Mdocdate: November 10 2016 $
 .Dt CRYPTO_SET_EX_DATA 3
 .Os
 .Sh NAME
@@ -33,18 +33,19 @@ structures passed to the
 .Fn free_func ,
 and
 .Fn dup_func
-callbacks: as passed to
-.Xr RSA_get_ex_new_index 3
+callbacks, as passed to
+.Xr RSA_get_ex_new_index 3 ,
 for example.
 .Pp
 .Fn CRYPTO_set_ex_data
-is used to set application specific data, the data is supplied in the
+is used to set application specific data.
+The data is supplied in the
 .Fa arg
 parameter and its precise meaning is up to the application.
 .Pp
 .Fn CRYPTO_get_ex_data
 is used to retrieve application specific data.
-The data is returned to the application, this will be the same value as
+The data is returned to the application; this will be the same value as
 supplied to a previous
 .Fn CRYPTO_set_ex_data
 call.
diff --git a/src/lib/libcrypto/man/CRYPTO_set_locking_callback.3 b/src/lib/libcrypto/man/CRYPTO_set_locking_callback.3
index eb99f30d23..6fdb68c005 100644
--- a/src/lib/libcrypto/man/CRYPTO_set_locking_callback.3
+++ b/src/lib/libcrypto/man/CRYPTO_set_locking_callback.3
@@ -1,16 +1,17 @@
-.\"     $OpenBSD: CRYPTO_set_locking_callback.3,v 1.3 2016/11/06 15:52:50 jmc Exp $
+.\"     $OpenBSD: CRYPTO_set_locking_callback.3,v 1.4 2016/11/10 14:34:18 jmc Exp $
 .\"
-.Dd $Mdocdate: November 6 2016 $
+.Dd $Mdocdate: November 10 2016 $
 .Dt CRYPTO_SET_LOCKING_CALLBACK 3
 .Os
 .Sh NAME
+.Nm CRYPTO_THREADID_set_numeric ,
+.Nm CRYPTO_THREADID_set_pointer ,
 .Nm CRYPTO_THREADID_set_callback ,
 .Nm CRYPTO_THREADID_get_callback ,
 .Nm CRYPTO_THREADID_current ,
 .Nm CRYPTO_THREADID_cmp ,
 .Nm CRYPTO_THREADID_cpy ,
 .Nm CRYPTO_THREADID_hash ,
-.Nm CRYPTO_set_locking_callback ,
 .Nm CRYPTO_num_locks ,
 .Nm CRYPTO_set_dynlock_create_callback ,
 .Nm CRYPTO_set_dynlock_lock_callback ,
@@ -22,9 +23,7 @@
 .Nm CRYPTO_w_unlock ,
 .Nm CRYPTO_r_lock ,
 .Nm CRYPTO_r_unlock ,
-.Nm CRYPTO_add ,
-.Nm CRYPTO_add_lock ,
-.Nm CRYPTO_set_id_callback
+.Nm CRYPTO_add
 .Nd OpenSSL thread support
 .Sh SYNOPSIS
 .In openssl/crypto.h
@@ -211,7 +210,7 @@ value even though it is not as wide as the platform's true thread
 IDs.
 .El
 .Pp
-Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
+Additionally, OpenSSL supports dynamic locks and, sometimes, some parts
 of OpenSSL need it for better performance.
 To enable this, the following is required:
 .Bl -bullet
@@ -286,15 +285,7 @@ CRYPTO_UNLOCK	0x02
 CRYPTO_READ     0x04
 CRYPTO_WRITE    0x08
 .Ed
-.Sh RETURN VALUES
-.Fn CRYPTO_num_locks
-returns the required number of locks.
-.Pp
-.Fn CRYPTO_get_new_dynlockid
-returns the index to the newly created lock.
 .Pp
-The other functions return no values.
-.Sh NOTES
 You can find out if OpenSSL was configured with thread support:
 .Bd -literal -offset indent
 #define OPENSSL_THREAD_DEFINES
@@ -308,6 +299,14 @@ You can find out if OpenSSL was configured with thread support:
 .Pp
 Also, dynamic locks are currently not used internally by OpenSSL, but
 may do so in the future.
+.Sh RETURN VALUES
+.Fn CRYPTO_num_locks
+returns the required number of locks.
+.Pp
+.Fn CRYPTO_get_new_dynlockid
+returns the index to the newly created lock.
+.Pp
+The other functions return no values.
 .Sh EXAMPLES
 .Pa crypto/threads/mttest.c
 shows examples of the callback functions on Solaris, Irix and Win32.
diff --git a/src/lib/libcrypto/man/DES_set_key.3 b/src/lib/libcrypto/man/DES_set_key.3
index 1e4de6255f..804754e2ce 100644
--- a/src/lib/libcrypto/man/DES_set_key.3
+++ b/src/lib/libcrypto/man/DES_set_key.3
@@ -1,6 +1,6 @@
-.\"     $OpenBSD: DES_set_key.3,v 1.2 2016/11/06 15:52:50 jmc Exp $
+.\"     $OpenBSD: DES_set_key.3,v 1.3 2016/11/10 14:34:18 jmc Exp $
 .\"
-.Dd $Mdocdate: November 6 2016 $
+.Dd $Mdocdate: November 10 2016 $
 .Dt DES_SET_KEY 3
 .Os
 .Sh NAME
@@ -300,10 +300,10 @@ algorithm.
 There are two phases to the use of DES encryption.
 The first is the generation of a
 .Vt DES_key_schedule
-from a key, the second is the actual encryption.
+from a key, and the second is the actual encryption.
 A DES key is of type
 .Vt DES_cblock .
-This type is consists of 8 bytes with odd parity.
+This type consists of 8 bytes with odd parity.
 The least significant bit in each byte is the parity bit.
 The key schedule is an expanded form of the key; it is used to speed the
 encryption process.
@@ -343,7 +343,7 @@ sets the parity of the passed
 to odd.
 .Pp
 .Fn DES_is_weak_key
-returns 1 is the passed key is a weak key, 0 if it is ok.
+returns 1 if the passed key is a weak key or 0 if it is ok.
 .Pp
 The following routines mostly operate on an input and output stream of
 .Vt DES_cblock Ns s.
@@ -364,7 +364,7 @@ argument is non-zero
 .Pq Dv DES_ENCRYPT ,
 the
 .Fa input
-(cleartext) is encrypted in to the
+(cleartext) is encrypted into the
 .Fa output
 (ciphertext) using the key_schedule specified by the
 .Fa schedule
@@ -435,7 +435,7 @@ It uses
 .Fa inw
 and
 .Fa outw
-to 'whiten' the encryption.
+to "whiten" the encryption.
 .Fa inw
 and
 .Fa outw
@@ -465,7 +465,7 @@ Its parameters are the same as
 .Pp
 .Fn DES_cfb_encrypt
 encrypt/decrypts using cipher feedback mode.
-This method takes an array of characters as input and outputs and array
+This method takes an array of characters as input and outputs an array
 of characters.
 It does not require any padding to 8 character groups.
 Note: the
@@ -484,7 +484,7 @@ Because this routine will allow you to encrypt an arbitrary number of
 bytes, no 8 byte padding.
 Each call to this routine will encrypt the input bytes to output and
 then update ivec and num.
-num contains 'how far' we are though ivec.
+num contains "how far" we are though ivec.
 If this does not make much sense, read more about cfb mode of DES :-).
 .Pp
 .Fn DES_ede3_cfb64_encrypt
@@ -496,7 +496,7 @@ except that Triple-DES is used.
 .Pp
 .Fn DES_ofb_encrypt
 encrypts using output feedback mode.
-This method takes an array of characters as input and outputs and array
+This method takes an array of characters as input and outputs an array
 of characters.
 It does not require any padding to 8 character groups.
 Note: the
@@ -523,7 +523,7 @@ The following functions are included in the DES library for
 compatibility with the MIT Kerberos library.
 .Pp
 .Fn DES_cbc_cksum
-produces an 8 byte checksum based on the input stream (via CBC
+produces an 8-byte checksum based on the input stream (via CBC
 encryption).
 The last 4 bytes of the checksum are returned and the complete 8 bytes
 are placed in
@@ -535,7 +535,7 @@ etc. instead.
 .Pp
 .Fn DES_quad_cksum
 is a Kerberos v4 function.
-It returns a 4 byte checksum from the input bytes.
+It returns a 4-byte checksum from the input bytes.
 The algorithm can be iterated over the input, depending on
 .Fa out_count ,
 1, 2, 3 or 4 times.
@@ -606,12 +606,12 @@ for the key schedule and
 .Fa iv
 for the initial vector.
 .Pp
-.Sy Warning:
+.Sy Warning :
 The data format used by
 .Fn DES_enc_write
 and
 .Fn DES_enc_read
-has a cryptographic weakness: When asked to write more than
+has a cryptographic weakness: when asked to write more than
 .Dv MAXWRITE
 bytes,
 .Fn DES_enc_write
@@ -657,7 +657,7 @@ were added in OpenSSL 0.9.5.
 .Fn des_init_random_number_generator ,
 .Fn des_new_random_key ,
 .Fn des_set_random_generator_seed ,
-.Xr des_set_sequence_number ,
+.Fn des_set_sequence_number ,
 and
 .Fn des_rand_data 3
 are used in newer versions of Kerberos but are not implemented here.
@@ -671,8 +671,7 @@ prior version 0.9.5, as well as in the original MIT library.
 Single-key DES is insecure due to its short key size.
 ECB mode is not suitable for most applications.
 .Sh BUGS
-.Xr DES_cbc_encrypt 3
-does not modify
+DES_cbc_encrypt does not modify
 .Fa ivec ;
 use
 .Fn DES_ncbc_encrypt
@@ -689,7 +688,7 @@ The second 12 bits will have the low 8 bits taken from the 3rd input
 byte and the top 4 bits taken from the 4th input byte.
 The same holds for output.
 This function has been implemented this way because most people will be
-using a multiple of 8 and because once you get into pulling bytes input
+using a multiple of 8 and because once you get into pulling input
 bytes apart things get ugly!
 .Pp
 .Fn DES_string_to_key