diff --git a/admin/ktutil.8 b/admin/ktutil.8 index 52a95f90f..36005a220 100644 --- a/admin/ktutil.8 +++ b/admin/ktutil.8 @@ -9,13 +9,13 @@ .Sh SYNOPSIS .Nm .Oo Fl k Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab +.Fl -keytab= Ns Ar keytab .Xc .Oc .Op Fl v | Fl -verbose .Op Fl -version .Op Fl h | Fl -help -.Ar command +.Ar command .Op Ar args .Sh DESCRIPTION .Nm @@ -110,14 +110,14 @@ removes keys of any type. .Xc Renames all entries in the keytab that match the .Ar from-principal -to +to .Ar to-principal . .It purge Xo .Op Fl -age= Ns Ar age .Xc Removes all old entries (for which there is a newer version) that are older than -.Ar age +.Ar age (default one week). .It srvconvert .It srv2keytab Xo @@ -127,12 +127,12 @@ older than Converts the version 4 srvtab in .Ar srvtab to a version 5 keytab and stores it in -.Ar keytab . +.Ar keytab . Identical to: .Bd -ragged -offset indent -.Li ktutil copy +.Li ktutil copy .Li krb4: Ns Ar srvtab -.Ar keytab +.Ar keytab .Ed .It srvcreate .It key2srvtab Xo @@ -145,8 +145,8 @@ to a version 4 srvtab and stores it in .Ar srvtab . Identical to: .Bd -ragged -offset indent -.Li ktutil copy -.Ar keytab +.Li ktutil copy +.Ar keytab .Li krb4: Ns Ar srvtab .Ed .El diff --git a/appl/ftp/ftp/ftp.1 b/appl/ftp/ftp/ftp.1 index f76ebd600..7e2d95b59 100644 --- a/appl/ftp/ftp/ftp.1 +++ b/appl/ftp/ftp/ftp.1 @@ -923,10 +923,10 @@ A synonym for help. The following command can be used with ftpsec-aware servers. .Bl -tag -width Fl .It Xo -.Ic prot -.Ar clear | -.Ar safe | -.Ar confidential | +.Ic prot +.Ar clear | +.Ar safe | +.Ar confidential | .Ar private .Xc Set the data protection level to the requested level. diff --git a/appl/ftp/ftpd/ftpd.8 b/appl/ftp/ftpd/ftpd.8 index 8c6a93921..5539d563d 100644 --- a/appl/ftp/ftpd/ftpd.8 +++ b/appl/ftp/ftpd/ftpd.8 @@ -44,7 +44,7 @@ .Op Fl a Ar authmode .Op Fl dilvU .Op Fl g Ar umask -.Op Fl p Ar port +.Op Fl p Ar port .Op Fl T Ar maxtimeout .Op Fl t Ar timeout .Op Fl u Ar default umask @@ -89,7 +89,7 @@ The following combination modes exists for backwards compatibility: Same as .Ar plain,ftp . .It Ar safe -Same as +Same as .Ar ftp . .It Ar user Ignored. @@ -103,7 +103,7 @@ Anonymous users will get a umask of Open a socket and wait for a connection. This is mainly used for debugging when ftpd isn't started by inetd. .It Fl l -Each successful and failed +Each successful and failed .Xr ftp 1 session is logged using syslog with a facility of LOG_FTP. If this option is specified twice, the retrieve (get), store (put), append, @@ -112,7 +112,7 @@ their filename arguments are also logged. .It Fl p Use .Ar port -(a service name or number) instead of the default +(a service name or number) instead of the default .Ar ftp/tcp . .It Fl T A client may also request a different timeout period; @@ -131,11 +131,11 @@ Set the initial umask to something else than the default 027. .It Fl U In previous versions of .Nm ftpd , -when a passive mode client requested a data connection to the server, the -server would use data ports in the range 1024..4999. Now, by default, +when a passive mode client requested a data connection to the server, the +server would use data ports in the range 1024..4999. Now, by default, if the system supports the IP_PORTRANGE socket option, the server will use data ports in the range 49152..65535. Specifying this option will -revert to the old behavior. +revert to the old behavior. .It Fl v Verbose mode. .It Xo @@ -159,7 +159,7 @@ If the file .Pa /etc/ftpwelcome exists, .Nm -prints it before issuing the +prints it before issuing the .Dq ready message. If the file @@ -231,13 +231,13 @@ by the SITE request. .Pp .Bl -column Request -offset indent -.It UMASK Ta change umask, (e.g. +.It UMASK Ta change umask, (e.g. .Ic "SITE UMASK 002" ) -.It IDLE Ta set idle-timer, (e.g. +.It IDLE Ta set idle-timer, (e.g. .Ic "SITE IDLE 60" ) -.It CHMOD Ta change mode of a file (e.g. +.It CHMOD Ta change mode of a file (e.g. .Ic "SITE CHMOD 755 filename" ) -.It FIND Ta quickly find a specific file with GNU +.It FIND Ta quickly find a specific file with GNU .Xr locate 1 . .It HELP Ta give help information. .El @@ -273,7 +273,7 @@ This allows users to utilize the metacharacters .Dq Li \&*?[]{}~ . .Pp .Nm Ftpd -authenticates users according to these rules. +authenticates users according to these rules. .Pp .Bl -enum -offset indent .It @@ -295,7 +295,7 @@ for more information on OTP authentication. The login name must not appear in the file .Pa /etc/ftpusers . .It -The user must have a standard shell returned by +The user must have a standard shell returned by .Xr getusershell 3 . .It If the user name appears in the file @@ -307,7 +307,7 @@ as for an or .Dq ftp account (see next item). However, the user must still supply a password. -This feature is intended as a compromise between a fully anonymous account +This feature is intended as a compromise between a fully anonymous account and a fully privileged account. The account should also be set up as for an anonymous account. .It @@ -324,10 +324,10 @@ to log in by specifying any password (by convention an email address for the user should be used as the password). .El .Pp -In the last case, +In the last case, .Nm ftpd takes special measures to restrict the client's access privileges. -The server performs a +The server performs a .Xr chroot 2 to the home directory of the .Dq ftp @@ -348,14 +348,14 @@ file). No files should be owned or writable by as specified below). .Bl -tag -width "~ftp/pub" -offset indent .It Pa ~ftp -The +The .Dq ftp homedirectory should be owned by root. .It Pa ~ftp/bin -The directory for external programs (such as +The directory for external programs (such as .Xr ls 1 ) . These programs must either be statically linked, or you must setup an -environment for dynamic linking when running chrooted. +environment for dynamic linking when running chrooted. These programs will be used if present: .Bl -tag -width "locate" -offset indent .It ls @@ -376,30 +376,30 @@ Enables retrieval of whole directories as files ending in .Pa .tar . Can also be combined with compression. You must use GNU Tar (or some other that supports the -.Fl z +.Fl z and .Fl Z flags). .It locate -Will enable ``fast find'' with the +Will enable ``fast find'' with the .Ic SITE FIND -command. You must also create a +command. You must also create a .Pa locatedb -file in +file in .Pa ~ftp/etc . .El .It Pa ~ftp/etc If you put copies of the .Xr passwd 5 -and +and .Xr group 5 files here, ls will be able to produce owner names rather than -numbers. Remember to remove any passwords from these files. +numbers. Remember to remove any passwords from these files. .Pp The file .Pa motd , if present, will be printed after a successful login. -.It Pa ~ftp/dev +.It Pa ~ftp/dev Put a copy of .Xr /dev/null 7 here. @@ -409,12 +409,12 @@ Traditional place to put whatever you want to make public. .Pp If you want guests to be able to upload files, create a .Pa ~ftp/incoming -directory owned by +directory owned by .Dq root , and group .Dq ftp -with mode 730 (make sure -.Dq ftp +with mode 730 (make sure +.Dq ftp is member of group .Dq ftp ) . The following restrictions apply to anonymous users: @@ -427,25 +427,25 @@ with the .Fl g option. .It -These command are not accessible: -.Ic DELE , RMD , RNTO , RNFR , +These command are not accessible: +.Ic DELE , RMD , RNTO , RNFR , .Ic SITE UMASK , and .Ic SITE CHMOD . .It Filenames must start with an alpha-numeric character, and consist of -alpha-numeric characters or any of the following: -.Li \&+ +alpha-numeric characters or any of the following: +.Li \&+ (plus), -.Li \&- +.Li \&- (minus), -.Li \&= +.Li \&= (equal), -.Li \&_ +.Li \&_ (underscore), -.Li \&. +.Li \&. (period), and -.Li \&, +.Li \&, (comma). .El .Sh FILES diff --git a/appl/ftp/ftpd/ftpusers.5 b/appl/ftp/ftpd/ftpusers.5 index 9336a9ce1..2e00a2b26 100644 --- a/appl/ftp/ftpd/ftpusers.5 +++ b/appl/ftp/ftpd/ftpusers.5 @@ -10,7 +10,7 @@ .Pa /etc/ftpusers contains a list of users that should be allowed or denied FTP access. Each line contains a user, optionally followed by -.Dq allow +.Dq allow (anything but .Dq allow is ignored). The semi-user diff --git a/appl/kx/rxtelnet.1 b/appl/kx/rxtelnet.1 index 0c0899b4f..fc21e2dd5 100644 --- a/appl/kx/rxtelnet.1 +++ b/appl/kx/rxtelnet.1 @@ -76,7 +76,7 @@ to host you might do the following. .Bl -enum .It -On foo: +On foo: .Nm .Va bar .It diff --git a/appl/kx/rxterm.1 b/appl/kx/rxterm.1 index f69769717..e739a16cc 100644 --- a/appl/kx/rxterm.1 +++ b/appl/kx/rxterm.1 @@ -72,7 +72,7 @@ to host you might do the following. .Bl -enum .It -On foo: +On foo: .Nm .Va bar .It diff --git a/appl/kx/tenletxr.1 b/appl/kx/tenletxr.1 index fba460f1b..d4b873c60 100644 --- a/appl/kx/tenletxr.1 +++ b/appl/kx/tenletxr.1 @@ -40,7 +40,7 @@ to host you might do the following. .Bl -enum .It -On foo: +On foo: .Nm .Va bar .It diff --git a/appl/push/push.8 b/appl/push/push.8 index 27a9176ef..231f36880 100644 --- a/appl/push/push.8 +++ b/appl/push/push.8 @@ -42,7 +42,7 @@ can have any of the following formats: .Pp If no username is specified, .Nm -assumes that it's the same as on the local machine; +assumes that it's the same as on the local machine; .Ar hostname defaults to the value of the .Ev MAILHOST @@ -88,7 +88,7 @@ a list of comma-separated headers that should get printed. .Fl -port Ns = Ns Ar port-spec .Xc use this port instead of the default -.Ql kpop +.Ql kpop or .Ql 1109 . .El @@ -117,8 +117,8 @@ and stores the mail in $ push --from -5 havregryn .Ed .Pp -tries to fetch -.Sy From: +tries to fetch +.Sy From: lines for current user at post office .Dq havregryn using Kerberos 5. diff --git a/appl/rsh/rsh.1 b/appl/rsh/rsh.1 index bc2f3aed2..7a4c32d84 100644 --- a/appl/rsh/rsh.1 +++ b/appl/rsh/rsh.1 @@ -10,17 +10,17 @@ remote shell .Sh SYNOPSIS .Nm .Op Fl 45FGKdefnuxz -.Op Fl U Pa string +.Op Fl U Pa string .Op Fl p Ar port .Op Fl l Ar username .Ar host [command] .Sh DESCRIPTION .Nm -authenticates to the -.Xr rshd 8 +authenticates to the +.Xr rshd 8 daemon on the remote .Ar host , -and then executes the specified +and then executes the specified .Ar command . .Pp .Nm @@ -33,8 +33,8 @@ Valid options are: .Fl 4 , .Fl -krb4 .Xc -The -.Fl 4 +The +.Fl 4 option requests Kerberos 4 authentication. Normally all supported authentication mechanisms will be tried, but in some cases more explicit control is desired. @@ -42,16 +42,16 @@ explicit control is desired. .Fl 5 , .Fl -krb5 .Xc -The +The .Fl 5 -option requests Kerberos 5 authentication. This is analogous to the +option requests Kerberos 5 authentication. This is analogous to the .Fl 4 option. .It Xo .Fl K , .Fl -broken .Xc -The +The .Fl K option turns off all Kerberos authentication. The long name implies that this is more or less totally unsecure. The security in this mode @@ -60,9 +60,9 @@ relies on reserved ports, which is not very secure. .Fl n , .Fl -no-input .Xc -The +The .Fl n -option directs the input from the +option directs the input from the .Pa /dev/null device (see the .Sx BUGS @@ -89,7 +89,7 @@ section for limitations). The opposite of .Fl x . This is the default, but encryption can be enabled when using -Kerberos 5, by setting the +Kerberos 5, by setting the .Li libdefaults/encrypt option in .Xr krb5.conf 5 . @@ -97,22 +97,22 @@ option in .Fl f , .Fl -forward .Xc -Forward Kerberos 5 credentials to the remote host. Also controlled by +Forward Kerberos 5 credentials to the remote host. Also controlled by .Li libdefaults/forward -in +in .Xr krb5.conf 5 . .It Xo .Fl G .Xc -The opposite of +The opposite of .Fl f . .It Xo .Fl F , .Fl -forwardable .Xc -Make the forwarded credentials re-forwardable. Also controlled by +Make the forwarded credentials re-forwardable. Also controlled by .Li libdefaults/forwardable -in +in .Xr krb5.conf 5 . .It Xo .Fl u , @@ -147,8 +147,8 @@ option or the format allow the remote name to be specified. .El .\".Pp -.\"Without a -.\".Ar command +.\"Without a +.\".Ar command .\".Nm .\"will just exec .\".Xr rlogin 1 @@ -200,13 +200,13 @@ was written as part of the Heimdal Kerberos 5 implementation. .Sh BUGS Some shells (notably .Xr csh 1 ) -will cause -.Nm -to block if run in the background, unless the standard input is directed away from the terminal. This is what the +will cause +.Nm +to block if run in the background, unless the standard input is directed away from the terminal. This is what the .Fl n option is for. .Pp -The +The .Fl x options enables encryption for the session, but for both Kerberos 4 and 5 the actual command is sent unencrypted, so you should not send diff --git a/appl/rsh/rshd.8 b/appl/rsh/rshd.8 index ba4e0fa85..22ad0fcc8 100644 --- a/appl/rsh/rshd.8 +++ b/appl/rsh/rshd.8 @@ -35,8 +35,8 @@ doesn't send any data. Assume that clients connecting to this server will use some form of Kerberos authentication. See the .Sx EXAMPLES -section for a sample -.Xr inetd.conf 5 +section for a sample +.Xr inetd.conf 5 configuration. .It Xo .Fl x , @@ -74,18 +74,18 @@ peculiar environments, such as some batch systems. .Fl i , .Fl -no-inetd .Xc -The -.Fl i +The +.Fl i option will cause -.Nm -to create a socket, instead of assuming that its stdin came from +.Nm +to create a socket, instead of assuming that its stdin came from .Xr inetd 8 . This is mostly useful for debugging. .It Xo .Fl p Ar port , .Fl -port= Ns Ar port .Xc -Port to use with +Port to use with .Fl i . .It Xo .Fl a @@ -95,7 +95,7 @@ This flag is for backwards compatibility only. .Fl L .Xc This flag enables logging of connections to -.Xr syslogd 8 . +.Xr syslogd 8 . This option is always on in this implementation. .El .\".Sh ENVIRONMENT @@ -106,7 +106,7 @@ This option is always on in this implementation. .El .Sh EXAMPLES The following can be used to enable Kerberised rsh in -.Xr inetd.cond 5 , +.Xr inetd.cond 5 , while disabling non-Kerberised connections: .Bd -literal shell stream tcp nowait root /usr/libexec/rshd rshd -v diff --git a/appl/telnet/telnet/telnet.1 b/appl/telnet/telnet/telnet.1 index 0e037b7b5..82852a732 100644 --- a/appl/telnet/telnet/telnet.1 +++ b/appl/telnet/telnet/telnet.1 @@ -36,7 +36,7 @@ .Os BSD 4.2 .Sh NAME .Nm telnet -.Nd user interface to the +.Nd user interface to the .Tn TELNET protocol .Sh SYNOPSIS @@ -56,7 +56,7 @@ protocol The .Nm telnet command -is used to communicate with another host using the +is used to communicate with another host using the .Tn TELNET protocol. If @@ -102,7 +102,7 @@ connection to the value which can be a numeric TOS value or, on systems that support it, a symbolic TOS name found in the /etc/iptos file. -.It Fl X Ar atype +.It Fl X Ar atype Disables the .Ar atype type of authentication. @@ -129,7 +129,7 @@ Sets the initial value of the .Ic debug toggle to .Dv TRUE -.It Fl e Ar escape char +.It Fl e Ar escape char Sets the initial .Nm .Nm telnet @@ -150,7 +150,7 @@ option requests that telnet obtain tickets for the remote host in realm realm instead of the remote host's realm, as determined by .Xr krb_realmofhost 3 . -.It Fl l Ar user +.It Fl l Ar user When connecting to the remote system, if the remote system understands the .Ev ENVIRON @@ -163,7 +163,7 @@ option. This option may also be used with the .Ic open command. -.It Fl n Ar tracefile +.It Fl n Ar tracefile Opens .Ar tracefile for recording trace information. @@ -208,7 +208,7 @@ either \*(Lqcharacter at a time\*(Rq or \*(Lqold line by line\*(Rq depending on what the remote system supports. .Pp -When +When .Dv LINEMODE is enabled, character processing is done on the local system, under the control of the remote system. When input @@ -227,7 +227,7 @@ to turn off and on the local echo (this would mostly be used to enter passwords without the password being echoed). .Pp -If the +If the .Dv LINEMODE option is enabled, or if the .Ic localchars @@ -242,7 +242,7 @@ and characters are trapped locally, and sent as .Tn TELNET protocol sequences to the remote side. -If +If .Dv LINEMODE has ever been enabled, then the user's .Ic susp @@ -253,9 +253,9 @@ are also sent as protocol sequences, and .Ic quit -is sent as a +is sent as a .Dv TELNET ABORT -instead of +instead of .Dv BREAK There are options (see .Ic toggle @@ -296,7 +296,7 @@ and commands). .Pp .Bl -tag -width "mode type" -.It Ic auth Ar argument ... +.It Ic auth Ar argument ... The auth command manipulates the information sent through the .Dv TELNET AUTHENTICATE option. Valid arguments for the @@ -320,7 +320,7 @@ authentication. Close a .Tn TELNET session and return to command mode. -.It Ic display Ar argument ... +.It Ic display Ar argument ... Displays all, or some, of the .Ic set and @@ -417,7 +417,7 @@ Valid arguments for the .Ic environ command are: .Bl -tag -width Fl -.It Ic define Ar variable value +.It Ic define Ar variable value Define the variable .Ar variable to have a value of @@ -427,15 +427,15 @@ The .Ar value may be enclosed in single or double quotes so that tabs and spaces may be included. -.It Ic undefine Ar variable +.It Ic undefine Ar variable Remove .Ar variable from the list of environment variables. -.It Ic export Ar variable +.It Ic export Ar variable Mark the variable .Ar variable to be exported to the remote side. -.It Ic unexport Ar variable +.It Ic unexport Ar variable Mark the variable .Ar variable to not be exported unless @@ -469,7 +469,7 @@ If the remote side also supports the concept of suspending a user's session for later reattachment, the logout argument indicates that you should terminate the session immediately. -.It Ic mode Ar type +.It Ic mode Ar type .Ar Type is one of several options, depending on the state of the .Tn TELNET @@ -490,40 +490,40 @@ Enable the option, or, if the remote side does not understand the .Dv LINEMODE option, then attempt to enter \*(Lqold-line-by-line\*(Lq mode. -.It Ic isig Pq Ic \-isig -Attempt to enable (disable) the +.It Ic isig Pq Ic \-isig +Attempt to enable (disable) the .Dv TRAPSIG -mode of the +mode of the .Dv LINEMODE option. -This requires that the +This requires that the .Dv LINEMODE option be enabled. -.It Ic edit Pq Ic \-edit -Attempt to enable (disable) the +.It Ic edit Pq Ic \-edit +Attempt to enable (disable) the .Dv EDIT -mode of the +mode of the .Dv LINEMODE option. -This requires that the +This requires that the .Dv LINEMODE option be enabled. -.It Ic softtabs Pq Ic \-softtabs -Attempt to enable (disable) the +.It Ic softtabs Pq Ic \-softtabs +Attempt to enable (disable) the .Dv SOFT_TAB -mode of the +mode of the .Dv LINEMODE option. -This requires that the +This requires that the .Dv LINEMODE option be enabled. -.It Ic litecho Pq Ic \-litecho -Attempt to enable (disable) the +.It Ic litecho Pq Ic \-litecho +Attempt to enable (disable) the .Dv LIT_ECHO -mode of the +mode of the .Dv LINEMODE option. -This requires that the +This requires that the .Dv LINEMODE option be enabled. .It Ic ?\& @@ -579,7 +579,7 @@ Close any open session and exit .Nm telnet . An end of file (in command mode) will also close a session and exit. -.It Ic send Ar arguments +.It Ic send Ar arguments Sends one or more special character sequences to the remote host. The following are the arguments which may be specified (more than one argument may be specified at a time): @@ -701,8 +701,8 @@ Prints out help information for the .Ic send command. .El -.It Ic set Ar argument value -.It Ic unset Ar argument value +.It Ic set Ar argument value +.It Ic unset Ar argument value The .Ic set command will set any one of a number of @@ -1002,16 +1002,16 @@ Displays the legal .Pq Ic unset commands. .El -.It Ic slc Ar state +.It Ic slc Ar state The .Ic slc command (Set Local Characters) is used to set or change the state of the the special -characters when the +characters when the .Dv TELNET LINEMODE option has been enabled. Special characters are characters that get -mapped to +mapped to .Tn TELNET commands sequences (like .Ic ip @@ -1037,7 +1037,7 @@ was started. .It Ic import Switch to the remote defaults for the special characters. The remote default characters are those of the remote system -at the time when the +at the time when the .Tn TELNET connection was established. .It Ic ?\& @@ -1050,7 +1050,7 @@ Show the current status of .Nm telnet . This includes the peer one is connected to, as well as the current mode. -.It Ic toggle Ar arguments ... +.It Ic toggle Ar arguments ... Toggle (between .Dv TRUE and @@ -1319,13 +1319,13 @@ Suspend .Nm telnet . This command only works when the user is using the .Xr csh 1 . -.It Ic \&! Op Ar command +.It Ic \&! Op Ar command Execute a single command in a subshell on the local system. If .Ic command is omitted, then an interactive subshell is invoked. -.It Ic ?\& Op Ar command +.It Ic ?\& Op Ar command Get help. With no arguments, .Nm telnet prints a help summary. @@ -1361,7 +1361,7 @@ command appeared in On some remote systems, echo has to be turned off manually when in \*(Lqold line by line\*(Rq mode. .Pp -In \*(Lqold line by line\*(Rq mode or +In \*(Lqold line by line\*(Rq mode or .Dv LINEMODE the terminal's .Ic eof diff --git a/appl/telnet/telnetd/telnetd.8 b/appl/telnet/telnetd/telnetd.8 index 56b6191c7..fd7d0bde4 100644 --- a/appl/telnet/telnetd/telnetd.8 +++ b/appl/telnet/telnetd/telnetd.8 @@ -75,7 +75,7 @@ option may be used to start up .Nm telnetd manually, instead of through .Xr inetd 8 . -If started up this way, +If started up this way, .Ar port may be specified to run .Nm telnetd @@ -153,7 +153,7 @@ to print out debugging information to the connection, allowing the user to see what .Nm telnetd is doing. -There are several possible values for +There are several possible values for .Ar debugmode : .Bl -tag -width exercise .It Cm options @@ -161,7 +161,7 @@ Prints information about the negotiation of .Tn TELNET options. .It Cm report -Prints the +Prints the .Cm options information, plus some additional information about what processing is going on. @@ -261,7 +261,7 @@ not warn when a user is trying to login with a cleartext password. operates by allocating a pseudo-terminal device (see .Xr pty 4 ) for a client, then creating a login process which has -the slave side of the pseudo-terminal as +the slave side of the pseudo-terminal as .Dv stdin , .Dv stdout and @@ -275,7 +275,7 @@ between the remote client and the login process. .Pp When a .Tn TELNET -session is started up, +session is started up, .Nm telnetd sends .Tn TELNET diff --git a/kadmin/kadmin.8 b/kadmin/kadmin.8 index 4f15acc4e..992645b2b 100644 --- a/kadmin/kadmin.8 +++ b/kadmin/kadmin.8 @@ -43,10 +43,10 @@ .Sh DESCRIPTION The .Nm -program is used to make modification to the Kerberos database, either remotely via the +program is used to make modification to the Kerberos database, either remotely via the .Xr kadmind 8 -daemon, or locally (with the -.Fl l +daemon, or locally (with the +.Fl l option). .Pp Supported options: @@ -93,12 +93,12 @@ port to use local admin mode .El .Pp -If no +If no .Ar command is given on the command line, -.Nm +.Nm will prompt for commands to process. Commands include: -.\" not using a list here, since groff apparently gets confused +.\" not using a list here, since groff apparently gets confused .\" with nested Xo/Xc .Bd -ragged -offset indent .Nm add @@ -236,7 +236,7 @@ reads a previously dumped database, and re-creates that database from scratch .Ar file .Pp .Bd -ragged -offset indent -similar to +similar to .Nm list but just modifies the database with the entries in the dump file .Ed diff --git a/kadmin/kadmind.8 b/kadmin/kadmind.8 index a99b1aa7b..0d5622f28 100644 --- a/kadmin/kadmind.8 +++ b/kadmin/kadmind.8 @@ -29,21 +29,22 @@ .Sh DESCRIPTION .Nm listens for requests for changes to the Kerberos database and performs -these, subject to permissions. When starting, if stdin is a socket it assumes that it has been started by +these, subject to permissions. When starting, if stdin is a socket it +assumes that it has been started by .Xr inetd 8 , otherwise it behaves as a daemon, forking processes for each new -connection. The +connection. The .Fl -debug -option causes +option causes .Nm -to accept exactly one connection, which is useful for debugging. +to accept exactly one connection, which is useful for debugging. .Pp If built with krb4 support, it implements both the Heimdal Kerberos 5 administrative protocol and the Kerberos 4 protocol. Password changes via the Kerberos 4 protocol are also performed by .Nm kadmind , but the -.Xr kpasswdd 8 +.Xr kpasswdd 8 daemon is responsible for the Kerberos 5 password changing protocol (used by .Xr kpasswd 1 ) @@ -119,7 +120,7 @@ enable debugging ports to listen to. By default, if run as a daemon, it listen to ports 749, and 751 (if built with Kerberos 4 support), but you can add any number of ports with this option. The port string is a whitespace -separated list of port specifications, with the special string +separated list of port specifications, with the special string .Dq + representing the default set of ports. .El @@ -142,7 +143,7 @@ mallory/admin@EXAMPLE.COM add,get host/*@EXAMPLE.COM .Ed .\".Sh DIAGNOSTICS .Sh SEE ALSO -.Xr kadmin 1 , .Xr kpasswd 1 , +.Xr kadmin 8 , .Xr kdc 8 , .Xr kpasswdd 8 diff --git a/kdc/hprop.8 b/kdc/hprop.8 index db24d3745..631abc2fd 100644 --- a/kdc/hprop.8 +++ b/kdc/hprop.8 @@ -70,7 +70,7 @@ The database to be propagated. .It Xo .Fl -source= Ns Ar heimdal|mit-dump|krb4-dump|krb4-db|kaserver .Xc -Specifies the type of the source database. Alternatives include: +Specifies the type of the source database. Alternatives include: .Bl -tag -width krb4-dump -compact -offset indent .It heimdal @@ -140,13 +140,13 @@ Also dump the principals marked as special in the kaserver database. .Fl 4 , .Fl -v4-db .Xc -Deprecated, identical to +Deprecated, identical to .Sq --source=krb4-db . .It Xo .Fl K , .Fl -ka-db .Xc -Deprecated, identical to +Deprecated, identical to .Sq --source=kaserver . .El .Sh EXAMPLES diff --git a/kdc/kdc.8 b/kdc/kdc.8 index 5d51e8043..538ffc581 100644 --- a/kdc/kdc.8 +++ b/kdc/kdc.8 @@ -89,14 +89,14 @@ will listen on all the locally configured addresses. If only a subset is desired, or the automatic detection fails, this option might be used. .El .Pp -All activities , are logged to one or more destinations, see +All activities , are logged to one or more destinations, see .Xr krb5.conf 5 , and .Xr krb5_openlog 3 . The entity used for logging is .Nm kdc . .Sh CONFIGURATION FILE -The configuration file has the same syntax as the +The configuration file has the same syntax as the .Pa krb5.conf file (you can actually put the configuration in .Pa /etc/krb5.conf , diff --git a/kuser/kinit.1 b/kuser/kinit.1 index 864e6f823..653613299 100644 --- a/kuser/kinit.1 +++ b/kuser/kinit.1 @@ -90,8 +90,8 @@ Get ticket that can be forwarded to another host. .Xc Don't ask for a password, but instead get the key from the specified keytab. -.It Xo -.Fl l Ar time Ns , +.It Xo +.Fl l Ar time Ns , .Fl -lifetime= Ns Ar time .Xc Specifies the lifetime of the ticket. The argument can either be in @@ -174,13 +174,13 @@ Request a ticket with no addresses. .Fl -anonymous .Xc Request an anonymous ticket (which means that the ticket will be -issued to an anonymous principal, typically +issued to an anonymous principal, typically .Dq anonymous@REALM). .El .Pp The following options are only available if -.Nm -has been compiled with support for Kerberos 4. +.Nm +has been compiled with support for Kerberos 4. .Bl -tag -width Ds .It Xo .Fl 4 , @@ -199,12 +199,12 @@ Gets AFS tickets, converts them to version 4 format, and stores them in the kernel. Only useful if you have AFS. .El .Pp -The +The .Ar forwardable , .Ar proxiable , .Ar ticket_life , and -.Ar renewable_life +.Ar renewable_life options can be set to a default value from the .Dv appdefaults section in krb5.conf, see @@ -212,7 +212,7 @@ section in krb5.conf, see .Pp If a .Ar command -is given, +is given, .Nm kinit will setup new credentials caches, and AFS PAG, and then run the given command. When it finishes the credentials will be removed. diff --git a/kuser/klist.1 b/kuser/klist.1 index 404e3c15d..be8dd0446 100644 --- a/kuser/klist.1 +++ b/kuser/klist.1 @@ -82,7 +82,7 @@ pre-authenticated hardware authenticated .El .Pp -This information is also output with the +This information is also output with the .Fl -verbose option, but in a more verbose way. .It Xo diff --git a/lib/des/des.1 b/lib/des/des.1 index 734119906..2a0b02dd7 100644 --- a/lib/des/des.1 +++ b/lib/des/des.1 @@ -1,4 +1,4 @@ -.TH DES 1 +.TH DES 1 .SH NAME des - encrypt or decrypt data using Data Encryption Standard .SH SYNOPSIS @@ -134,7 +134,7 @@ Does nothing - allowed for compatibility with sunOS des(1) command. Does nothing - allowed for compatibility with sunOS des(1) command. .TP .B "\-k \fIkey\fP" -Use the encryption +Use the encryption .I key specified. .TP diff --git a/lib/kafs/kafs.3 b/lib/kafs/kafs.3 index e147116c2..005751b33 100644 --- a/lib/kafs/kafs.3 +++ b/lib/kafs/kafs.3 @@ -49,26 +49,26 @@ obtains new tokens (and possibly tickets) for the specified .Fa cell and .Fa realm . -If +If .Fa cell -is +is .Dv NULL , -the local cell is used. If -.Fa realm +the local cell is used. If +.Fa realm is .Dv NULL , the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass -.Dv NULL . -.Fn krb_afslog +.Dv NULL . +.Fn krb_afslog will use the real user-id for the .Dv ViceId -field in the token, +field in the token, .Fn krb_afslog_uid will use .Fa uid . .Pp .\" .Fn krb5_afslog , -.\" and +.\" and .\" .Fn krb5_afslog_uid .\" are the Kerberos 5 equivalents of .\" .Fn krb_afslog , @@ -83,15 +83,15 @@ will use .\" function will be used. .\" .Pp .Fn k_afs_cell_of_file -will in +will in .Fa cell return the cell of a specified file, no more than .Fa len -characters is put in +characters is put in .Fa cell . .Pp .Fn k_pioctl -does a +does a .Fn pioctl syscall with the specified arguments. This function is equivalent to .Fn lpioctl . @@ -121,14 +121,14 @@ and .Fn krb_afslog_uid returns 0 on success, or a kerberos error number on failure. .Fn k_afs_cell_of_file , -.Fn k_pioctl , +.Fn k_pioctl , .Fn k_setpag , and .Fn k_unlog all return the value of the underlaying system call, 0 on success. .Sh EXAMPLES The following code from -.Nm login +.Nm login will obtain a new PAG and tokens for the local cell and the cell of the users home directory. .Bd -literal @@ -141,7 +141,7 @@ if (k_hasafs()) { } .Ed .Sh ERRORS -If any of these functions (apart from +If any of these functions (apart from .Fn k_hasafs ) is called without AFS beeing present in the kernel, the process will usually (depending on the operating system) receive a SIGSYS signal. diff --git a/lib/krb5/kerberos.8 b/lib/krb5/kerberos.8 index c1cd5cbd9..b2df11dde 100644 --- a/lib/krb5/kerberos.8 +++ b/lib/krb5/kerberos.8 @@ -9,14 +9,14 @@ .Sh DESCRIPTION Kerberos is a network authentication system. Its purpose is to securely authenticate users and services in an insecure network -environment. +environment. .Pp This is done with a Kerberos server acting as a trusted third party, keeping a database with secret keys for all users and services (collectively called .Em principals ) . .Pp -Each principal belongs to exactly one +Each principal belongs to exactly one .Em realm , which is the administrative domain in Kerberos. A realm usually corresponds to an organisation, and the realm should normally be @@ -25,14 +25,14 @@ or more Kerberos servers. .Pp The authentication process involves exchange of .Sq tickets -and -.Sq authenticators +and +.Sq authenticators which together prove the principal's identity. .Pp When you login to the Kerberos system, either through the normal system login or with the .Xr kinit 1 -program, you acquire a +program, you acquire a .Em ticket granting ticket which allows you to get new tickets for other services, such as .Ic telnet diff --git a/lib/krb5/krb5.conf.5 b/lib/krb5/krb5.conf.5 index 622be5aa4..b4ca4b411 100644 --- a/lib/krb5/krb5.conf.5 +++ b/lib/krb5/krb5.conf.5 @@ -7,7 +7,7 @@ .Nm /etc/krb5.conf .Nd configuration file for Kerberos 5 .Sh DESCRIPTION -The +The .Nm file specifies several configuration parameters for the Kerberos 5 library, as well as for some programs. @@ -78,7 +78,7 @@ Default renewable ticket lifetime. .It Li [libdefaults] .Bl -tag -width "xxx" -offset indent .It Li default_realm = Va REALM -Default realm to use, this is also known as your +Default realm to use, this is also known as your .Dq local realm . The default is the result of .Fn krb5_get_host_realm "local hostname" . @@ -89,7 +89,7 @@ times. Default is 300 seconds (five minutes). Maximum time to wait for a reply from the kdc, default is 3 seconds. .It v4_name_convert .It v4_instance_resolve -These are decribed in the +These are decribed in the .Xr krb5_425_conv_principal 3 manual page. .It Li capath = { @@ -263,12 +263,12 @@ verify the addresses in the tickets used in tgs requests. .\" XXX .It allow-null-ticket-addresses = Va BOOL allow addresses-less tickets. -.\" XXX +.\" XXX .It allow-anonymous = Va BOOL if the kdc is allowed to hand out anonymous tickets. .It encode_as_rep_as_tgs_rep = Va BOOL encode as-rep as tgs-rep tobe compatible with mistakes older DCE secd did. -.\" XXX +.\" XXX .It kdc_warn_pwexpire = Va TIME the time before expiration that the user should be warned that her password is about to expire. @@ -292,7 +292,7 @@ if .Ar etype is omitted it means everything, and if string is omitted is means the default string (for that principal). Additional special values of keyttypes are: .Bl -tag -width "xxx" -offset indent -.It v5 +.It v5 The kerberos 5 salt .Va pw-salt .It v4 diff --git a/lib/krb5/krb5_425_conv_principal.3 b/lib/krb5/krb5_425_conv_principal.3 index 33201f5e8..a8c48b339 100644 --- a/lib/krb5/krb5_425_conv_principal.3 +++ b/lib/krb5/krb5_425_conv_principal.3 @@ -42,11 +42,11 @@ is non-NULL, it will be called for each candidate principal. .Fa func should return true if the principal was .Dq good . -To accomplish this, -.Fn krb5_425_conv_principal_ext +To accomplish this, +.Fn krb5_425_conv_principal_ext will look up the name in .Pa krb5.conf . -It first looks in the +It first looks in the .Li v4_name_convert/host subsection, which should contain a list of version 4 names whose instance should be treated as a hostname. This list can be specified @@ -57,7 +57,7 @@ section), or in the section. If the name is found the resulting name of the principal will be the value of this binding. The instance is then first looked up in -.Li v4_instance_convert +.Li v4_instance_convert for the specified realm. If found the resulting value will be used as instance (this can be used for special cases), no further attempts will be made to find a conversion if this fails (with @@ -74,7 +74,7 @@ specific realm. .Pp On the other hand, if the name is not found in a .Li host -section, it is looked up in a +section, it is looked up in a .Li v4_name_convert/plain binding. If found here the name will be converted, but the instance will be untouched. @@ -99,9 +99,9 @@ config file, so you can override these defaults. .Fn krb5_425_conv_principal will call .Fn krb5_425_conv_principal_ext -with +with .Dv NULL -as +as .Fa func , and the value of .Li v4_instance_resolve @@ -111,24 +111,24 @@ section) as .Fa resolve . .Pp .Fn krb5_524_conv_principal -basically does the opposite of +basically does the opposite of .Fn krb5_425_conv_principal , it just doesn't have to look up any names, but will instead truncate instances found to belong to a host principal. The -.Fa name , -.Fa instance , -and +.Fa name , +.Fa instance , +and .Fa realm should be at least 40 characters long. .Sh EXAMPLES Since this is confusing an example is in place. .Pp -Assume that we have the -.Dq foo.com , -and -.Dq bar.com -domains that have shared a single version 4 realm, FOO.COM. The version 4 -.Pa krb.realms +Assume that we have the +.Dq foo.com , +and +.Dq bar.com +domains that have shared a single version 4 realm, FOO.COM. The version 4 +.Pa krb.realms file looked like: .Bd -literal -offset indent foo.com FOO.COM @@ -167,19 +167,19 @@ ftp.other \(-> ftp/other.foo.com other.a-host \(-> other/a-host .Ed .Pp -The first three are what you expect. If you remove the +The first three are what you expect. If you remove the .Dq v4_domains , the fourth entry will result in an error (since the host .Dq other -can't be found). Even if -.Dq a-host +can't be found). Even if +.Dq a-host is a valid host name, the last entry will not be converted, since the .Dq other name is not known to represent a host-type principal. If you turn off .Dq v4_instance_resolve the second example will result in -.Dq ftp/b-host.foo.com +.Dq ftp/b-host.foo.com (because of the default domain). And all of this is of course only valid if you have working name resolving. .Sh SEE ALSO diff --git a/lib/krb5/krb5_appdefault.3 b/lib/krb5/krb5_appdefault.3 index 962fa892b..db7e3804b 100644 --- a/lib/krb5/krb5_appdefault.3 +++ b/lib/krb5/krb5_appdefault.3 @@ -17,14 +17,14 @@ .Ft void .Fn krb5_appdefault_time "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "time_t def_val" "time_t *ret_val" .Sh DESCRIPTION -These functions get application application defaults from the +These functions get application application defaults from the .Dv appdefaults section of the -.Xr krb5.conf 5 +.Xr krb5.conf 5 configuration file. These defaults can be specified per application, and/or per realm. .Pp -These values will be looked for in +These values will be looked for in .Xr krb5.conf 5 , in order of descending importance. .Bd -literal -offset indent @@ -46,7 +46,7 @@ in order of descending importance. is the name of the application, and .Fa realm is the realm name. If the realm is omitted it will not be used for -resolving values. +resolving values. .Fa def_val is the value to return if no value is found in .Xr krb5.conf 5 . diff --git a/lib/krb5/krb5_auth_context.3 b/lib/krb5/krb5_auth_context.3 index b14b8d4de..745508def 100644 --- a/lib/krb5/krb5_auth_context.3 +++ b/lib/krb5/krb5_auth_context.3 @@ -119,9 +119,9 @@ The .Nm krb5_auth_context structure holds all context related to an authenticated connection, in -a similar way to +a similar way to .Nm krb5_context -that holds the context for the thread or process. +that holds the context for the thread or process. .Nm krb5_auth_context is used by various functions that are directly related to authentication between the server/client. Example of data that this @@ -138,18 +138,18 @@ and .Fn krb5_auth_con_setflags . The .Nm auth_context -structure must be freed by +structure must be freed by .Fn krb5_auth_con_free . .Pp .Fn krb5_auth_con_getflags and .Fn krb5_auth_con_setflags -gets and modifies the flags for a +gets and modifies the flags for a .Nm krb5_auth_context structure. Possible flags to set are: .Bl -tag -width Ds .It Dv KRB5_AUTH_CONTEXT_DO_TIME -check timestamp on incoming packets. +check timestamp on incoming packets. .\".It Dv KRB5_AUTH_CONTEXT_RET_TIME .It Dv KRB5_AUTH_CONTEXT_DO_SEQUENCE Generate and check sequence-number on each packet. @@ -186,7 +186,7 @@ fetches the addresses from a file descriptor. .Pp .Fn krb5_auth_con_genaddrs fetches the address information from the given file descriptor -.Fa fd +.Fa fd depending on the bitmap argument .Fa flags . .Pp @@ -219,7 +219,7 @@ and thus no special handling is needed. is not a valid keyblock to .Fn krb5_auth_con_setkey . .Pp -.Fn krb5_auth_con_setuserkey +.Fn krb5_auth_con_setuserkey is only useful when doing user to user authentication. .Fn krb5_auth_con_setkey is equivalent to @@ -230,7 +230,7 @@ is equivalent to .Fn krb5_auth_con_getremotesubkey and .Fn krb5_auth_con_setremotesubkey -gets and sets the keyblock for the local and remote subkey. The keyblock returned by +gets and sets the keyblock for the local and remote subkey. The keyblock returned by .Fn krb5_auth_con_getlocalsubkey and .Fn krb5_auth_con_getremotesubkey @@ -259,7 +259,7 @@ gets and gets the keytype of the keyblock in .Pp .Fn krb5_auth_getauthenticator Retrieves the authenticator that was used during mutual -authentication. The +authentication. The .Dv authenticator returned should be freed by calling .Fn krb5_free_authenticator . @@ -275,7 +275,7 @@ allocates memory for and zeros the initial vector in the keyblock. .Pp .Fn krb5_auth_con_setivector -sets the i_vector portion of +sets the i_vector portion of .Fa auth_context to .Fa ivector . diff --git a/lib/krb5/krb5_build_principal.3 b/lib/krb5/krb5_build_principal.3 index ebc6a05ac..6cd7c3499 100644 --- a/lib/krb5/krb5_build_principal.3 +++ b/lib/krb5/krb5_build_principal.3 @@ -25,7 +25,7 @@ .Sh DESCRIPTION These functions create a Kerberos 5 principal from a realm and a list of components. -All of these functions return an allocated principal in the +All of these functions return an allocated principal in the .Fa principal parameter, this should be freed with .Fn krb5_free_principal @@ -36,22 +36,22 @@ The functions take a .Fa realm and the length of the realm. The -.Fn krb5_build_principal +.Fn krb5_build_principal and .Fn krb5_build_principal_va also takes a list of components (zero-terminated strings), terminated with .Dv NULL . The -.Fn krb5_build_principal_ext -and -.Fn krb5_build_principal_va_ext +.Fn krb5_build_principal_ext +and +.Fn krb5_build_principal_va_ext takes a list of length-value pairs, the list is terminated with a zero length. .Pp -The +The .Fn krb5_make_principal -is a wrapper around +is a wrapper around .Fn krb5_build_principal . If the realm is .Dv NULL , diff --git a/lib/krb5/krb5_config.3 b/lib/krb5/krb5_config.3 index a27ee6e63..4e0907d0e 100644 --- a/lib/krb5/krb5_config.3 +++ b/lib/krb5/krb5_config.3 @@ -20,8 +20,8 @@ .Ft int .Fn krb5_config_get_time_default "krb5_context context" "krb5_config_section *c" "int def_value" "..." .Sh DESCRIPTION -These functions get values from the -.Xr krb5.conf 5 +These functions get values from the +.Xr krb5.conf 5 configuration file, or another configuration database specified by the .Fa c parameter. @@ -39,11 +39,11 @@ option, defaulting to .Pp .Fn krb5_config_get_bool_default will convert the option value to a boolean value, where -.Sq yes , +.Sq yes , .Sq true , and any non-zero number means .Dv TRUE , -and any other value +and any other value .Dv FALSE . .Pp .Fn krb5_config_get_int_default diff --git a/lib/krb5/krb5_create_checksum.3 b/lib/krb5/krb5_create_checksum.3 index 56a8cf6d7..6a6c455bb 100644 --- a/lib/krb5/krb5_create_checksum.3 +++ b/lib/krb5/krb5_create_checksum.3 @@ -4,10 +4,10 @@ .Dt NAME 3 .Os HEIMDAL .Sh NAME -.Nm krb5_checksum_is_collision_proof , -.Nm krb5_checksum_is_keyed , -.Nm krb5_checksumsize , -.Nm krb5_create_checksum , +.Nm krb5_checksum_is_collision_proof , +.Nm krb5_checksum_is_keyed , +.Nm krb5_checksumsize , +.Nm krb5_create_checksum , .Nm krb5_verify_checksum .Nd creates and verifies checksums .Sh SYNOPSIS @@ -22,15 +22,15 @@ .Fn krb5_checksum_is_keyed "krb5_context context" "krb5_cksumtype type" .Sh DESCRIPTION These functions are used to create and verify checksums. -.Fn krb5_create_checksum +.Fn krb5_create_checksum creates a checksum of the specified data, and puts it in .Fa result . If .Fa crypto -is +is .Dv NULL , -.Fa usage_or_type -specifies the checksum type to use; it must not be keyed. Otherwise +.Fa usage_or_type +specifies the checksum type to use; it must not be keyed. Otherwise .Fa crypto is an encryption context created by .Fn krb5_crypto_init , @@ -41,7 +41,7 @@ specifies a key-usage. .Fn krb5_verify_checksum verifies the .Fa checksum , -against the provided data. +against the provided data. .Pp .Fn krb5_checksum_is_collision_proof returns true is the specified checksum is collision proof (that it's @@ -52,7 +52,7 @@ collision proof checksums are MD5, and SHA1, while CRC32 is not. .Fn krb5_checksum_is_keyed returns true if the specified checksum type is keyed (that the hash value is a function of both the data, and a separate key). Examples of -keyed hash algorithms are HMAC-SHA1-DES3, and RSA-MD5-DES. The +keyed hash algorithms are HMAC-SHA1-DES3, and RSA-MD5-DES. The .Dq plain hash functions MD5, and SHA1 are not keyed. .\" .Sh EXAMPLE diff --git a/lib/krb5/krb5_crypto_init.3 b/lib/krb5/krb5_crypto_init.3 index 407dfb24e..4f079451d 100644 --- a/lib/krb5/krb5_crypto_init.3 +++ b/lib/krb5/krb5_crypto_init.3 @@ -4,7 +4,7 @@ .Dt NAME 3 .Os HEIMDAL .Sh NAME -.Nm krb5_crypto_init , +.Nm krb5_crypto_init , .Nm krb5_crypto_destroy .Nd initialize encryption context .Sh SYNOPSIS diff --git a/lib/krb5/krb5_encrypt.3 b/lib/krb5/krb5_encrypt.3 index 1ccb0c514..96c768848 100644 --- a/lib/krb5/krb5_encrypt.3 +++ b/lib/krb5/krb5_encrypt.3 @@ -4,9 +4,9 @@ .Dt KRB5_ENCRYPT 3 .Os HEIMDAL .Sh NAME -.Nm krb5_decrypt , -.Nm krb5_decrypt_EncryptedData , -.Nm krb5_encrypt , +.Nm krb5_decrypt , +.Nm krb5_decrypt_EncryptedData , +.Nm krb5_encrypt , .Nm krb5_encrypt_EncryptedData .Nd encrypt and decrypt data .Sh SYNOPSIS @@ -23,23 +23,23 @@ These functions are used to encrypt and decrypt data. .Pp .Fn krb5_encrypt -puts the encrypted version of +puts the encrypted version of .Fa data (of size .Fa len ) in .Fa result . -If the encryption type supports using derived keys, +If the encryption type supports using derived keys, .Fa usage should be the appropriate key-usage. .Fn krb5_encrypt_EncryptedData does the same as .Fn krb5_encrypt , but it puts the encrypted data in a -.Fa EncryptedData -structure instead. If -.Fa kvno -is not zero, it will be put in the +.Fa EncryptedData +structure instead. If +.Fa kvno +is not zero, it will be put in the .Fa kvno field in the .Fa EncryptedData . .Pp diff --git a/lib/krb5/krb5_free_addresses.3 b/lib/krb5/krb5_free_addresses.3 index ea5e3075d..1c8ae1267 100644 --- a/lib/krb5/krb5_free_addresses.3 +++ b/lib/krb5/krb5_free_addresses.3 @@ -11,10 +11,10 @@ .Ft void .Fn krb5_free_addresses "krb5_context context" "krb5_addresses *addresses" .Sh DESCRIPTION -The +The .Fn krb5_free_addresses will free a list of addresses that has been created with .Fn krb5_get_all_client_addrs -or with some other function. +or with some other function. .Sh SEE ALSO .Xr krb5_get_all_client_addrs 3 diff --git a/lib/krb5/krb5_free_principal.3 b/lib/krb5/krb5_free_principal.3 index 7ae261bcc..8d042a901 100644 --- a/lib/krb5/krb5_free_principal.3 +++ b/lib/krb5/krb5_free_principal.3 @@ -11,12 +11,12 @@ .Ft void .Fn krb5_free_principal "krb5_context context" "krb5_principal principal" .Sh DESCRIPTION -The +The .Fn krb5_free_principal will free a principal that has been created with .Fn krb5_build_principal , .Fn krb5_parse_name , -or with some other function. +or with some other function. .Sh SEE ALSO .Xr krb5_425_conv_principal 3 , .Xr krb5_build_principal 3 , diff --git a/lib/krb5/krb5_get_all_client_addrs.3 b/lib/krb5/krb5_get_all_client_addrs.3 index f438fd1ab..47c61bc9e 100644 --- a/lib/krb5/krb5_get_all_client_addrs.3 +++ b/lib/krb5/krb5_get_all_client_addrs.3 @@ -8,11 +8,11 @@ .Sh SYNOPSIS .Fd #include .Ft "krb5_error_code" -.Fn krb5_get_all_client_addrs "krb5_context context" "krb5_addresses *addrs" +.Fn krb5_get_all_client_addrs "krb5_context context" "krb5_addresses *addrs" .Ft "krb5_error_code" -.Fn krb5_get_all_server_addrs "krb5_context context" "krb5_addresses *addrs" +.Fn krb5_get_all_server_addrs "krb5_context context" "krb5_addresses *addrs" .Sh DESCRIPTION -These functions return in +These functions return in .Fa addrs a list of addresses associated with the local host. @@ -24,15 +24,15 @@ to create sockets to listen to. The client version will also scan local interfaces (can be turned off by setting .Li libdefaults/scan_interfaces -to false in -.Pa krb5.conf ) , +to false in +.Pa krb5.conf ) , but will not include loop-back addresses, unless there are no other addresses found. It will remove all addresses included in .Li libdefaults/ignore_addresses but will unconditionally include addresses in .Li libdefaults/extra_addresses . .Pp -The returned addresses should be freed by calling +The returned addresses should be freed by calling .Fn krb5_free_addresses . .\".Sh EXAMPLE .Sh SEE ALSO diff --git a/lib/krb5/krb5_get_krbhst.3 b/lib/krb5/krb5_get_krbhst.3 index d5c21736d..bc3c1f77e 100644 --- a/lib/krb5/krb5_get_krbhst.3 +++ b/lib/krb5/krb5_get_krbhst.3 @@ -26,21 +26,21 @@ .Sh DESCRIPTION These functions implement the old API to get a list of Kerberos hosts, and are thus similar to the -.Fn krb5_krbhst_init -functions. However, since these functions returns +.Fn krb5_krbhst_init +functions. However, since these functions returns .Em all hosts in one go, they potentially have to do more lookups than necessary. These functions remain for compatibility reasons. .Pp After a call to one of these functions, -.Fa hostlist +.Fa hostlist is a .Dv NULL terminated list of strings, pointing to the requested Kerberos hosts. These should be freed with -.Fn krb5_free_krbhst +.Fn krb5_free_krbhst when done with. .Sh EXAMPLE -The following code will print the KDCs of the realm +The following code will print the KDCs of the realm .Dq MY.REALM . .Bd -literal -offset indent char **hosts, **p; diff --git a/lib/krb5/krb5_keytab.3 b/lib/krb5/krb5_keytab.3 index 4d493dda9..49497ec37 100644 --- a/lib/krb5/krb5_keytab.3 +++ b/lib/krb5/krb5_keytab.3 @@ -142,7 +142,7 @@ the default keytab is used. The current default type is .Nm file . The default value can be changed in the configuration file .Pa /etc/krb5.conf -by setting the variable +by setting the variable .Li [defaults]default_keytab_name . .Pp The keytab types that are implemented in Heimdal @@ -154,7 +154,7 @@ store the keytab in a file, the type's name is The residual part is a filename. .It Nm keyfile store the keytab in a -.Li AFS +.Li AFS keyfile (usually .Pa /usr/afs/etc/KeyFile ) , the type's name is @@ -182,7 +182,7 @@ key-type, key, key-version number, etc. .Nm krb5_kt_cursor holds the current position that is used when iterating through a keytab entry with -.Fn krb5_kt_start_seq_get , +.Fn krb5_kt_start_seq_get , .Fn krb5_kt_next_entry , and .Fn krb5_kt_end_seq_get . @@ -195,19 +195,19 @@ implementation. .Fn krb5_kt_resolve is the equvalent of an .Xr open 2 -on keytab. Resolve the keytab name in +on keytab. Resolve the keytab name in .Fa name -into a keytab in +into a keytab in .Fa id . Returns 0 or an error. The opposite of -.Fn krb5_kt_resolve -is +.Fn krb5_kt_resolve +is .Fn krb5_kt_close . .Fn krb5_kt_close frees all resources allocated to the keytab. .Pp .Fn krb5_kt_default -sets the argument +sets the argument .Fa id to the default keytab. Returns 0 or an error. @@ -215,27 +215,27 @@ Returns 0 or an error. .Fn krb5_kt_default_name copy the name of the default keytab into .Fa name . -Return 0 or KRB5_CONFIG_NOTENUFSPACE if +Return 0 or KRB5_CONFIG_NOTENUFSPACE if .Fa namesize is too short. .Pp .Fn krb5_kt_add_entry Add a new .Fa entry -to the keytab +to the keytab .Fa id . .Li KRB5_KT_NOWRITE is returned if the keytab is a readonly keytab. .Pp .Fn krb5_kt_compare -compares the passed in +compares the passed in .Fa entry against .Fa principal , .Fa vno , and .Fa enctype . -Any of +Any of .Fa principal , .Fa vno or @@ -244,52 +244,52 @@ might be 0 which acts as a wildcard. Return TRUE if they compare the same, FALSE otherwise. .Pp .Fn krb5_kt_copy_entry_contents -copies the contents of +copies the contents of .Fa in -into +into .Fa out . Returns 0 or an error. .Pp .Fn krb5_kt_get_name -retrieves the name of the keytab +retrieves the name of the keytab .Fa keytab -into +into .Fa name , .Fa namesize . Returns 0 or an error. .Pp .Fn krb5_kt_free_entry -frees the contents of +frees the contents of .Fa entry . .Pp .Fn krb5_kt_start_seq_get sets .Fa cursor -to point at the beginning of +to point at the beginning of .Fa id . Returns 0 or an error. .Pp .Fn krb5_kt_next_entry -gets the next entry from +gets the next entry from .Fa id -pointed to by +pointed to by .Fa cursor and advance the .Fa cursor . Returns 0 or an error. .Pp .Fn krb5_kt_end_seq_get -releases all resources associated with +releases all resources associated with .Fa cursor . .Pp .Fn krb5_kt_get_entry -retrieves the keytab entry for +retrieves the keytab entry for .Fa principal , -.Fa kvno, +.Fa kvno, .Fa enctype -into +into .Fa entry -from the keytab +from the keytab .Fa id . Returns 0 or an error. .Pp @@ -298,16 +298,16 @@ reads the key identified by .Ns ( Fa principal , .Fa vno , .Fa enctype ) -from the keytab in +from the keytab in .Fa keyprocarg -(the default if == NULL) into +(the default if == NULL) into .Fa *key . Returns 0 or an error. .Pp .Fn krb5_kt_remove_entry -removes the entry +removes the entry .Fa entry -from the keytab +from the keytab .Fa id . Returns 0 or an error. .Pp @@ -332,14 +332,14 @@ main (int argc, char **argv) if (krb5_init_context (&context) != 0) errx(1, "krb5_context"); - + ret = krb5_kt_default (context, &keytab); if (ret) krb5_err(context, 1, ret, "krb5_kt_default"); ret = krb5_kt_start_seq_get(context, keytab, &cursor); if (ret) - krb5_err(context, 1, ret, "krb5_kt_start_seq_get"); + krb5_err(context, 1, ret, "krb5_kt_start_seq_get"); while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){ krb5_unparse_name_short(context, entry.principal, &principal); printf("principal: %s\\n", principal); @@ -348,7 +348,7 @@ main (int argc, char **argv) } ret = krb5_kt_end_seq_get(context, keytab, &cursor); if (ret) - krb5_err(context, 1, ret, "krb5_kt_end_seq_get"); + krb5_err(context, 1, ret, "krb5_kt_end_seq_get"); krb5_free_context(context); return 0; } diff --git a/lib/krb5/krb5_krbhst_init.3 b/lib/krb5/krb5_krbhst_init.3 index bf13ea496..d8115f4ce 100644 --- a/lib/krb5/krb5_krbhst_init.3 +++ b/lib/krb5/krb5_krbhst_init.3 @@ -36,10 +36,10 @@ administrative servers, the password changing servers, or the servers for Kerberos 4 ticket conversion. .Pp First a handle to a particular service is obtained by calling -.Fn krb5_krbhst_init -with the +.Fn krb5_krbhst_init +with the .Fa realm -of interest and the type of service to lookup. The +of interest and the type of service to lookup. The .Fa type can be one of: .Pp @@ -55,7 +55,7 @@ The is returned to the caller, and should be passed to the other functions. .Pp -For each call to +For each call to .Fn krb5_krbhst_next information a new host is returned. The former function returns in .Fa host @@ -73,7 +73,7 @@ typedef struct krb5_krbhst_info { } krb5_krbhst_info; .Ed .Pp -The related function, +The related function, .Fn krb5_krbhst_next_as_string , return the same information as a url-like string. .Pp @@ -82,11 +82,11 @@ When there are no more hosts, these functions return .Pp To re-iterate over all hosts, call .Fn krb5_krbhst_reset -and the next call to +and the next call to .Fn krb5_krbhst_next will return the first host. .Pp -When done with the handle, +When done with the handle, .Fn krb5_krbhst_free should be called. .Pp @@ -101,13 +101,13 @@ that will return a .Va struct addrinfo that can then be used for communicating with the server mentioned. .Sh EXAMPLE -The following code will print the KDCs of the realm +The following code will print the KDCs of the realm .Dq MY.REALM . .Bd -literal -offset indent krb5_krbhst_handle handle; char host[MAXHOSTNAMELEN]; krb5_krbhst_init(context, "MY.REALM", KRB5_KRBHST_KDC, &handle); -while(krb5_krbhst_next_as_string(context, handle, +while(krb5_krbhst_next_as_string(context, handle, host, sizeof(host)) == 0) printf("%s\\n", host); krb5_krbhst_free(context, handle); diff --git a/lib/krb5/krb5_openlog.3 b/lib/krb5/krb5_openlog.3 index 0e2fb0082..a07b2e4a4 100644 --- a/lib/krb5/krb5_openlog.3 +++ b/lib/krb5/krb5_openlog.3 @@ -12,14 +12,14 @@ .Nm krb5_log , .Nm krb5_vlog , .Nm krb5_log_msg , -.Nm krb5_vlog_msg +.Nm krb5_vlog_msg .Nd Heimdal logging functions .Sh SYNOPSIS .Fd #include .Ft "typedef void" -.Fn "\*(lp*krb5_log_log_func_t\*(rp" "const char *time" "const char *message" "void *data" +.Fn "\*(lp*krb5_log_log_func_t\*(rp" "const char *time" "const char *message" "void *data" .Ft "typedef void" -.Fn "\*(lp*krb5_log_close_func_t\*(rp" "void *data" +.Fn "\*(lp*krb5_log_close_func_t\*(rp" "void *data" .Ft krb5_error_code .Fn krb5_addlog_dest "krb5_context context" "krb5_log_facility *facility" "const char *destination" .Ft krb5_error_code @@ -43,7 +43,7 @@ These functions logs messages to one or more destinations. .Pp The .Fn krb5_openlog -function creates a logging +function creates a logging .Fa facility , that is used to log messages. A facility consists of one or more destinations (which can be files or syslog or some other device). The @@ -59,7 +59,7 @@ configuration file. If no entry is found for the entry for .Li default is used, or if that is missing too, -.Li SYSLOG +.Li SYSLOG will be used as destination. .Pp To close a logging facility, use the @@ -72,7 +72,7 @@ To log a message to a facility use one of the functions .Fn krb5_vlog , or .Fn krb5_vlog_msg . -The functions ending in +The functions ending in .Li _msg return in .Fa reply @@ -81,45 +81,45 @@ and should be freed with .Fn free . The .Fa format -is a standard +is a standard .Fn printf style format string (but see the BUGS section). .Pp -If you want better control of where things gets logged, you can instead of using +If you want better control of where things gets logged, you can instead of using .Fn krb5_openlog -call +call .Fn krb5_initlog , which just initializes a facility, but doesn't define any actual logging destinations. You can then add destinations with the .Fn krb5_addlog_dest and -.Fn krb5_addlog_func +.Fn krb5_addlog_func functions. The first of these takes a string specifying a logging destination, and adds this to the facility. If you want to do some non-standard logging you can use the .Fn krb5_addlog_func function, which takes a function to use when logging. -The +The .Fa log function is called for each message with .Fa time being a string specifying the current time, and .Fa message -the message to log. +the message to log. .Fa close -is called when the facility is closed. You can pass application specific data in the -.Fa data +is called when the facility is closed. You can pass application specific data in the +.Fa data parameter. The .Fa min -and +and .Fa max parameter are the same as in a destination (defined below). To specify a max of infinity, pass -1. .Pp .Fn krb5_openlog -calls +calls .Fn krb5_initlog -and then calls +and then calls .Fn krb5_addlog_dest for each destination found. .Ss Destinations @@ -148,9 +148,9 @@ get the name for one of these, you take the name of the macro passed to .Xr syslog 3 , and remove the leading -.Li LOG_ +.Li LOG_ .No ( Li LOG_NOTICE -becomes +becomes .Li NOTICE ) . The default values (as well as the values used for unrecognised values), are @@ -182,8 +182,8 @@ specified value. If no range is specified, all messages gets logged. default = STDERR .Ed .Pp -This will log all messages from the -.Nm kdc +This will log all messages from the +.Nm kdc program with level 0 to .Pa /var/log/kdc.log , other messages will be logged to syslog with priority diff --git a/lib/krb5/krb5_parse_name.3 b/lib/krb5/krb5_parse_name.3 index 302fe1228..867f45989 100644 --- a/lib/krb5/krb5_parse_name.3 +++ b/lib/krb5/krb5_parse_name.3 @@ -15,12 +15,12 @@ converts a string representation of a princpal name to .Nm krb5_principal . The -.Fa principal +.Fa principal will point to allocated data that should be freed with .Fn krb5_free_principal . .Pp The string should consist of one or more name components separated with slashes -.Pq Dq / , +.Pq Dq / , optionally followed with an .Dq @ and a realm name. A slash or @ may be contained in a name component by diff --git a/lib/krb5/krb5_principal_get_realm.3 b/lib/krb5/krb5_principal_get_realm.3 index 8447801d2..d98d7b618 100644 --- a/lib/krb5/krb5_principal_get_realm.3 +++ b/lib/krb5/krb5_principal_get_realm.3 @@ -20,24 +20,24 @@ either the realm or a specific component. The returned string points to data inside the principal, so they are valid only as long as the principal exists. .Pp -The +The .Fa component argument to .Fn krb5_principal_get_comp_string is the component number to return, from zero to the total number of -components minus one. If a the requested component number is out of range, +components minus one. If a the requested component number is out of range, .Dv NULL is returned. .Pp -These functions can be seen as a replacement for the +These functions can be seen as a replacement for the .Fn krb5_princ_realm , .Fn krb5_princ_component and related macros, described as intermal in the MIT API specification. A difference is that these functions return strings, not .Dv krb5_data . -A reason to return -.Dv krb5_data +A reason to return +.Dv krb5_data was that it was believed that principal components could contain binary data, but this belief was unfounded, and it has been decided that principal components are infact UTF8, so it's safe to use zero diff --git a/lib/krb5/krb5_sname_to_principal.3 b/lib/krb5/krb5_sname_to_principal.3 index 38fed6d3d..2f4d6f4c0 100644 --- a/lib/krb5/krb5_sname_to_principal.3 +++ b/lib/krb5/krb5_sname_to_principal.3 @@ -14,30 +14,30 @@ .Ft krb5_error_code .Fn krb5_sock_to_principal "krb5_context context" "int socket" "const char *sname" "int32_t type" "krb5_principal *principal" .Sh DESCRIPTION -These functions create a +These functions create a .Dq service principal that can, for instance, be used to lookup a key in a keytab. For both these function the -.Fa sname -parameter will be used for the first component of the created principal. If +.Fa sname +parameter will be used for the first component of the created principal. If .Fa sname is .Dv NULL , .Dq host will be used instead. -.Fn krb5_sname_to_principal -will use the passed +.Fn krb5_sname_to_principal +will use the passed .Fa hostname -for the second component. If type +for the second component. If type .Dv KRB5_NT_SRV_HST this name will be looked up with .Fn gethostbyname . -If +If .Fa hostname is .Dv NULL , the local hostname will be used. .Pp -.Fn krb5_sock_to_principal -will use the +.Fn krb5_sock_to_principal +will use the .Dq sockname of the passed .Fa socket , diff --git a/lib/krb5/krb5_timeofday.3 b/lib/krb5/krb5_timeofday.3 index 3a744ec1b..9d377ccbd 100644 --- a/lib/krb5/krb5_timeofday.3 +++ b/lib/krb5/krb5_timeofday.3 @@ -8,9 +8,9 @@ .Sh SYNOPSIS .Fd #include .Ft "krb5_error_code" -.Fn krb5_timeofday "krb5_context context" "krb5_timestamp *timeret" +.Fn krb5_timeofday "krb5_context context" "krb5_timestamp *timeret" .Ft "krb5_error_code" -.Fn krb5_us_timeofday "krb5_context context" "int32_t *sec" "int32_t *usec" +.Fn krb5_us_timeofday "krb5_context context" "int32_t *sec" "int32_t *usec" .Sh DESCRIPTION .Fn krb5_timeofday returns the current time, but adjusted with the time difference diff --git a/lib/krb5/krb5_unparse_name.3 b/lib/krb5/krb5_unparse_name.3 index 4b13b9e51..3170c5782 100644 --- a/lib/krb5/krb5_unparse_name.3 +++ b/lib/krb5/krb5_unparse_name.3 @@ -18,7 +18,7 @@ This function takes a .Fa principal , and will convert in to a printable representation with the same syntax as decribed in .Xr krb5_parse_name 3 . -.Fa *name +.Fa *name will point to allocated data and should be freed by the caller. .Sh SEE ALSO .Xr krb5_425_conv_principal 3 , diff --git a/lib/krb5/krb5_verify_user.3 b/lib/krb5/krb5_verify_user.3 index b45fbebaa..58d8f987c 100644 --- a/lib/krb5/krb5_verify_user.3 +++ b/lib/krb5/krb5_verify_user.3 @@ -16,7 +16,7 @@ .Sh DESCRIPTION The .Nm krb5_verify_user -function verifies the password supplied by a user. +function verifies the password supplied by a user. The principal whose password will be verified is specified in .Fa principal . @@ -43,7 +43,7 @@ The function does the same, except that it ignores the realm in .Fa principal and tries all the local realms (see -.Xr krb5.conf 5 ) . +.Xr krb5.conf 5 ) . After a successful return, the principal is set to the authenticated realm. If the call fails, the principal will not be meaningful, and should only be freed with @@ -78,7 +78,7 @@ main(int argc, char **argv) error = krb5_verify_user(context, princ, NULL, NULL, TRUE, NULL); if (error) krb5_err(context, 1, error, "krb5_verify_user"); - + return 0; } .Ed diff --git a/lib/krb5/krb5_warn.3 b/lib/krb5/krb5_warn.3 index 4ba29ee87..e2b94e7cb 100644 --- a/lib/krb5/krb5_warn.3 +++ b/lib/krb5/krb5_warn.3 @@ -40,7 +40,7 @@ These functions prints a warning message to some destination. is a printf style format specifying the message to print. The forms not ending in an .Dq x prints the error string associated with -.Fa code +.Fa code along with the message. The .Dq err @@ -50,7 +50,7 @@ after printing the message. .Pp The .Fn krb5_set_warn_func -function sets the destination for warning messages to the specified +function sets the destination for warning messages to the specified .Fa facility . Messages logged with the .Dq warn diff --git a/lib/krb5/verify_krb5_conf.8 b/lib/krb5/verify_krb5_conf.8 index c091b3aa4..27e45e997 100644 --- a/lib/krb5/verify_krb5_conf.8 +++ b/lib/krb5/verify_krb5_conf.8 @@ -17,11 +17,11 @@ or the file given on the command line, and parses it, thereby verifying that the syntax is not correctly wrong. .Pp If the file is syntactically correct, -.Nm +.Nm tries to verify that the contents of the file is of relevant nature. .Sh DIAGNOSTICS -Possible output from -.Nm +Possible output from +.Nm include: .Bl -tag -width "" .It ": failed to parse as size/time/number/boolean" @@ -36,7 +36,7 @@ recognised as one. .It : unknown or wrong type Means that is either is a string when it should be a list, vice versa, or just that -.Nm +.Nm is confused. .It : unknown entry Means that is not known by diff --git a/lib/roken/getarg.3 b/lib/roken/getarg.3 index e0b354626..59e25bd18 100644 --- a/lib/roken/getarg.3 +++ b/lib/roken/getarg.3 @@ -4,7 +4,7 @@ .Dt GETARG 3 .Os ROKEN .Sh NAME -.Nm getarg , +.Nm getarg , .Nm arg_printusage .Nd collect command line options .Sh SYNOPSIS @@ -15,12 +15,12 @@ .Fn arg_printusage "struct getargs *args" "size_t num_args" "const char *progname" "const char *extra_string" .Sh DESCRIPTION .Fn getarg -collects any command line options given to a program in an easily used way. -.Fn arg_printusage +collects any command line options given to a program in an easily used way. +.Fn arg_printusage pretty-prints the available options, with a short help text. .Pp .Fa args -is the option specification to use, and it's an array of +is the option specification to use, and it's an array of .Fa struct getargs elements. .Fa num_args @@ -43,7 +43,7 @@ and .Fa num_args as getarg; .Fa progname -is the name of the program (to be used in the help text), and +is the name of the program (to be used in the help text), and .Fa extra_string is a string to print after the actual options to indicate more arguments. The usefulness of this function is realised only be people @@ -57,10 +57,10 @@ struct has the following elements. struct getargs{ const char *long_name; char short_name; - enum { arg_integer, - arg_string, - arg_flag, - arg_negative_flag, + enum { arg_integer, + arg_string, + arg_flag, + arg_negative_flag, arg_strings, arg_double, arg_collect @@ -72,14 +72,14 @@ struct getargs{ .Ed .Pp .Fa long_name -is the long name of the option, it can be +is the long name of the option, it can be .Dv NULL , if you don't want a long name. -.Fa short_name +.Fa short_name is the characted to use as short option, it can be zero. If the option has a value the .Fa value -field gets filled in with that value interpreted as specified by the +field gets filled in with that value interpreted as specified by the .Fa type field. .Fa help @@ -107,13 +107,13 @@ should point to a the argument is a flag, and .Fa value should point to a -.Fa int . +.Fa int . It gets filled in with either zero or one, depending on how the option is given, the normal case beeing one. Note that if the option isn't given, the value isn't altered, so it should be initialised to some useful default. .It Fa arg_negative_flag -this is the same as +this is the same as .Fa arg_flag but it reverses the meaning of the flag (a given short option clears the flag), and the synopsis of a long option is negated. @@ -121,7 +121,7 @@ the flag), and the synopsis of a long option is negated. the argument can be given multiple times, and the values are collected in an array; .Fa value -should be a pointer to a +should be a pointer to a .Fa struct getarg_strings structure, which holds a length and a string pointer. .It Fa arg_double @@ -132,7 +132,7 @@ should point to a .It Fa arg_collect allows more fine-grained control of the option parsing process. .Fa value -should be a pointer to a +should be a pointer to a .Fa getarg_collect_info structure: .Bd -literal @@ -151,7 +151,7 @@ typedef struct getarg_collect_info { .Pp With the .Fa func -member set to a function to call, and +member set to a function to call, and .Fa data to some application specific data. The parameters to the collect function are: .Bl -inset @@ -169,27 +169,27 @@ application specific data .Pp You can modify .Fa *optind , -and +and .Fa *optarg , but to do this correct you (more or less) have to know about the inner workings of getarg. -.Pp +.Pp You can skip parts of arguments by increasing .Fa *optarg (you could -implement the +implement the .Fl z Ns Ar 3 set of flags from .Nm gzip with this), or whole argument strings by increasing .Fa *optind -(let's say you want a flag +(let's say you want a flag .Fl c Ar x y z to specify a coordinate); if you also have to set .Fa *optarg to a sane value. .Pp -The collect function should return one of +The collect function should return one of .Dv ARG_ERR_NO_MATCH , ARG_ERR_BAD_ARG , ARG_ERR_NO_ARG on error, zero otherwise. .Pp @@ -201,7 +201,7 @@ arguments, sans data, that where given to the collection function. Don't use this more this unless you absolutely have to. .El .Pp -Option parsing is similar to what +Option parsing is similar to what .Xr getopt uses. Short options without arguments can be compressed .Pf ( Fl xyz @@ -217,18 +217,18 @@ or Long option names are prefixed with -- (double dash), and the value with a = (equal), .Fl -foo= Ns Ar bar . -Long option flags can either be specified as they are +Long option flags can either be specified as they are .Pf ( Fl -help ) , or with an (boolean parsable) option .Pf ( Fl -help= Ns Ar yes , .Fl -help= Ns Ar true , -or similar), or they can also be negated +or similar), or they can also be negated .Pf ( Fl -no-help -is the same as +is the same as .Fl -help= Ns no ) , and if you're really confused you can do it multiple times .Pf ( Fl -no-no-help= Ns Ar false , -or even +or even .Fl -no-no-help= Ns Ar maybe ) . .Sh EXAMPLE .Bd -literal @@ -243,13 +243,13 @@ int include_catalog = 1; int help_flag; struct getargs args[] = { - { "source", 's', arg_string, &source, + { "source", 's', arg_string, &source, "source of shippment", "city" }, - { "destination", 'd', arg_string, &destination, + { "destination", 'd', arg_string, &destination, "destination of shippment", "city" }, - { "weight", 'w', arg_integer, &weight, + { "weight", 'w', arg_integer, &weight, "weight of shippment", "tons" }, - { "catalog", 'c', arg_negative_flag, &include_catalog, + { "catalog", 'c', arg_negative_flag, &include_catalog, "include product catalog" }, { "help", 'h', arg_flag, &help_flag } }; @@ -285,7 +285,7 @@ main(int argc, char **argv) .Pp The output help output from this program looks like this: .Bd -literal -$ ship++ --help +$ ship++ --help Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city] [--weight=tons] [-w tons] [--no-catalog] [-c] [--help] [-h] stuff... -s city, --source=city source of shippment @@ -297,7 +297,7 @@ Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city] It should be more flexible, so it would be possible to use other more complicated option syntaxes, such as what .Xr ps 1 , -and +and .Xr tar 1 , uses, or the AFS model where you can skip the flag names as long as the options come in the correct order.