doc: Apply more consistently markup for OpenSSL

OpenSSL was quoted in inconsistent ways in many places of the docs,
sometimes with ,  or just nothing.

Author: Daniel Gustafsson
Discussion: https://postgr.es/m/DA91E5F0-5F9D-41A7-A7A6-B91CDE0F1D63@yesql.se

diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index c4ba49ffaf58a38d4684ed6e07424e884dde71a4..2c75876e3224ace931d0a5cd2a74c746272f2acc 100644 (file)
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -1261,10 +1261,11 @@ include_dir 'conf.d'
           +3DES
           
            
-            The OpenSSL default order for HIGH is problematic
-            because it orders 3DES higher than AES128.  This is wrong because
-            3DES offers less security than AES128, and it is also much
-            slower.  +3DES reorders it after all other
+            The OpenSSL default order for
+            HIGH is problematic because it orders 3DES
+            higher than AES128.  This is wrong because 3DES offers less
+            security than AES128, and it is also much slower.
+            +3DES reorders it after all other
             HIGH and MEDIUM ciphers.
            
           
@@ -1284,8 +1285,8 @@ include_dir 'conf.d'
        
 
        
-        Available cipher suite details will vary across OpenSSL versions.  Use
-        the command
+        Available cipher suite details will vary across
+        OpenSSL versions.  Use the command
         openssl ciphers -v 'HIGH:MEDIUM:+3DES:!aNULL' to
         see actual details for the currently installed OpenSSL
         version.  Note that this list is filtered at run time based on the
@@ -1337,7 +1338,8 @@ include_dir 'conf.d'
        
 
        
-        OpenSSL names for the most common curves are:
+        OpenSSL names for the most common curves
+        are:
         prime256v1 (NIST P-256),
         secp384r1 (NIST P-384),
         secp521r1 (NIST P-521).

diff --git a/doc/src/sgml/installation.sgml b/doc/src/sgml/installation.sgml
index 552303e21142173c3b0c83b2f4f4536921d5aaa8..b585f224085caf270910a522160dfd6b8a952c03 100644 (file)
--- a/doc/src/sgml/installation.sgml
+++ b/doc/src/sgml/installation.sgml
@@ -2293,7 +2293,7 @@ ERROR:  could not load library "/opt/dbs/pgsql/lib/plperl.so": Bad address
 
      
       
-       OpenSSL is not supported.
+       OpenSSL is not supported.
       
      
 

diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index a397073526f4df7b30a19db7604e62ce3bec96f4..b50391caee051f390d601369b597e3190bc234e6 100644 (file)
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -812,7 +812,8 @@ int callback_fn(char *buf, int size, PGconn *conn);
        its path will be in conn->sslkey when the callback
        is invoked. This will be empty if the default key path is being used.
        For keys that are engine specifiers, it is up to engine implementations
-       whether they use the OpenSSL password callback or define their own handling.
+       whether they use the OpenSSL password
+       callback or define their own handling.
       
 
       
@@ -1672,13 +1673,15 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname
        
         Specifying this parameter with any non-empty value suppresses the
         Enter PEM pass phrase:
-        prompt that OpenSSL will emit by default when an encrypted client
-        certificate key is provided to libpq.
+        prompt that OpenSSL will emit by default
+        when an encrypted client certificate key is provided to
+        libpq.
        
        
-        If the key is not encrypted this parameter is ignored. The parameter has no
-        effect on keys specified by OpenSSL engines unless the engine uses the
-        OpenSSL password callback mechanism for prompts.
+        If the key is not encrypted this parameter is ignored. The parameter
+        has no effect on keys specified by OpenSSL
+        engines unless the engine uses the OpenSSL
+        password callback mechanism for prompts.
        
        
         There is no environment variable equivalent to this option, and no
@@ -2471,8 +2474,9 @@ void *PQsslStruct(const PGconn *conn, const char *struct_name);
       
       
        The struct(s) available depend on the SSL implementation in use.
-       For OpenSSL, there is one struct, available under the name "OpenSSL",
-       and it returns a pointer to the OpenSSL SSL struct.
+       For OpenSSL, there is one struct,
+       available under the name "OpenSSL", and it returns a pointer to the
+       OpenSSL SSL struct.
        To use this function, code along the following lines could be used:
 
 #include 
@@ -2516,8 +2520,9 @@ void *PQgetssl(const PGconn *conn);
       
        This function is equivalent to PQsslStruct(conn, "OpenSSL"). It should
        not be used in new applications, because the returned struct is
-       specific to OpenSSL and will not be available if another SSL
-       implementation is used. To check if a connection uses SSL, call
+       specific to OpenSSL and will not be
+       available if another SSL implementation is used.
+       To check if a connection uses SSL, call
         instead, and for more details about the
        connection, use .
       
@@ -7665,15 +7670,17 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
 
   
    The key may be
-   stored in cleartext or encrypted with a passphrase using any algorithm supported
-   by OpenSSL, like AES-128. If the key is stored encrypted, then the passphrase
-   may be provided in the  connection
-   option. If an encrypted key is supplied and the sslpassword
-   option is absent or blank, a password will be prompted for interactively by
-   OpenSSL with a Enter PEM pass phrase:
-   prompt if a TTY is available. Applications can override the client certificate
-   prompt and the handling of the sslpassword parameter by supplying
-   their own key password callback; see
+   stored in cleartext or encrypted with a passphrase using any algorithm
+   supported by OpenSSL, like AES-128. If the key
+   is stored encrypted, then the passphrase may be provided in the
+    connection option. If an
+   encrypted key is supplied and the sslpassword option
+   is absent or blank, a password will be prompted for interactively by
+   OpenSSL with a
+   Enter PEM pass phrase: prompt if a TTY is available.
+   Applications can override the client certificate prompt and the handling
+   of the sslpassword parameter by supplying their own
+   key password callback; see
    .
   
 
@@ -7936,7 +7943,7 @@ void PQinitOpenSSL(int do_ssl, int do_crypto);
 
       
        When do_ssl is non-zero, libpq
-       will initialize the <application>OpenSSL> library before first
+       will initialize the <productname>OpenSSL> library before first
        opening a database connection.  When do_crypto is
        non-zero, the libcrypto library will be initialized.  By
        default (if  is not called), both libraries
@@ -7945,7 +7952,7 @@ void PQinitOpenSSL(int do_ssl, int do_crypto);
       
 
       
-       If your application uses and initializes either <application>OpenSSL>
+       If your application uses and initializes either <productname>OpenSSL>
        or its underlying libcrypto library, you must
        call this function with zeroes for the appropriate parameter(s)
        before first opening a database connection.  Also be sure that you
@@ -7967,7 +7974,7 @@ void PQinitSSL(int do_ssl);
        This function is equivalent to
        PQinitOpenSSL(do_ssl, do_ssl).
        It is sufficient for applications that initialize both or neither
-       of <application>OpenSSL> and libcrypto.
+       of <productname>OpenSSL> and libcrypto.
       
 
       


diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml

index 6fd645aa70ad248af0f42f3c6aca830539cf42a9..8748c64e2da6dd87232252758f1608806d0ba3d7 100644 (file)

--- a/doc/src/sgml/pgcrypto.sgml
+++ b/doc/src/sgml/pgcrypto.sgml
@@ -45,8 +45,8 @@ digest(data bytea, type text) returns bytea
     sha224, sha256,
     sha384 and sha512.
     If pgcrypto was built with
-    OpenSSL, more algorithms are available, as detailed in
-    .
+    OpenSSL, more algorithms are available, as
+    detailed in .
    
 
    
@@ -1162,9 +1162,10 @@ gen_random_uuid() returns uuid
    
 
    
-    When compiled with OpenSSL, there will be more algorithms available.
-    Also public-key encryption functions will be faster as OpenSSL
-    has more optimized BIGNUM functions.
+    When compiled with OpenSSL, there will be
+    more algorithms available. Also public-key encryption functions will
+    be faster as OpenSSL has more optimized
+    BIGNUM functions.
    
 
    
@@ -1239,7 +1240,8 @@ gen_random_uuid() returns uuid
    
     
      
-      Any digest algorithm OpenSSL supports is automatically picked up.
+      Any digest algorithm OpenSSL supports
+      is automatically picked up.
       This is not possible with ciphers, which need to be supported
       explicitly.
      


diff --git a/doc/src/sgml/sslinfo.sgml b/doc/src/sgml/sslinfo.sgml

index 7d3fcb716707a3b967c1b72f6dad59b2c94df816..e16f61b41d72c34d62971e00c3a8f2c29656f67c 100644 (file)

--- a/doc/src/sgml/sslinfo.sgml
+++ b/doc/src/sgml/sslinfo.sgml
@@ -173,8 +173,8 @@
     
      This function returns the value of the specified field in the
      certificate subject, or NULL if the field is not present.
-     Field names are string constants that are
-     converted into ASN1 object identifiers using the OpenSSL object
+     Field names are string constants that are converted into ASN1 object
+     identifiers using the OpenSSL object
      database.  The following values are acceptable:
     
 

diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml
index 6fd645aa70ad248af0f42f3c6aca830539cf42a9..8748c64e2da6dd87232252758f1608806d0ba3d7 100644 (file)
--- a/doc/src/sgml/pgcrypto.sgml
+++ b/doc/src/sgml/pgcrypto.sgml
@@ -45,8 +45,8 @@ digest(data bytea, type text) returns bytea
     sha224, sha256,
     sha384 and sha512.
     If pgcrypto was built with
-    OpenSSL, more algorithms are available, as detailed in
-    .
+    OpenSSL, more algorithms are available, as
+    detailed in .
    
 
    
@@ -1162,9 +1162,10 @@ gen_random_uuid() returns uuid
    
 
    
-    When compiled with OpenSSL, there will be more algorithms available.
-    Also public-key encryption functions will be faster as OpenSSL
-    has more optimized BIGNUM functions.
+    When compiled with OpenSSL, there will be
+    more algorithms available. Also public-key encryption functions will
+    be faster as OpenSSL has more optimized
+    BIGNUM functions.
    
 
    
@@ -1239,7 +1240,8 @@ gen_random_uuid() returns uuid
    
     
      
-      Any digest algorithm OpenSSL supports is automatically picked up.
+      Any digest algorithm OpenSSL supports
+      is automatically picked up.
       This is not possible with ciphers, which need to be supported
       explicitly.
      

diff --git a/doc/src/sgml/sslinfo.sgml b/doc/src/sgml/sslinfo.sgml
index 7d3fcb716707a3b967c1b72f6dad59b2c94df816..e16f61b41d72c34d62971e00c3a8f2c29656f67c 100644 (file)
--- a/doc/src/sgml/sslinfo.sgml
+++ b/doc/src/sgml/sslinfo.sgml
@@ -173,8 +173,8 @@
     
      This function returns the value of the specified field in the
      certificate subject, or NULL if the field is not present.
-     Field names are string constants that are
-     converted into ASN1 object identifiers using the OpenSSL object
+     Field names are string constants that are converted into ASN1 object
+     identifiers using the OpenSSL object
      database.  The following values are acceptable: