Browse Source

Fix issues reported by markdownlint

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11739)
Rich Salz 3 years ago
parent
commit
257e9d03b0
10 changed files with 518 additions and 592 deletions
  1. 0 1
      ACKNOWLEDGEMENTS.md
  2. 28 30
      AUTHORS.md
  3. 127 136
      CHANGES.md
  4. 3 1
      CONTRIBUTING.md
  5. 138 162
      INSTALL.md
  6. 144 150
      NEWS.md
  7. 24 34
      README.md
  8. 2 13
      SUPPORT.md
  9. 12 8
      fuzz/README.md
  10. 40 57
      test/README.ssltest.md

+ 0 - 1
ACKNOWLEDGEMENTS.md

@@ -3,6 +3,5 @@ Acknowlegements
 
 Please see our [Thanks!][] page for the current acknowledgements.
 
-
 [Thanks!]: https://www.openssl.org/community/thanks.html
 

+ 28 - 30
AUTHORS.md

@@ -7,40 +7,38 @@ since in some cases, their employer may be the copyright holder.
 To see the full list of contributors, see the revision history in
 source control.
 
-
 Groups
 ------
 
- *  OpenSSL Software Services, Inc.
- *  OpenSSL Software Foundation, Inc.
-
+ * OpenSSL Software Services, Inc.
+ * OpenSSL Software Foundation, Inc.
 
 Individuals
 -----------
 
- *  Andy Polyakov
- *  Ben Laurie
- *  Ben Kaduk
- *  Bernd Edlinger
- *  Bodo Möller
- *  David Benjamin
- *  Emilia Käsper
- *  Eric Young
- *  Geoff Thorpe
- *  Holger Reif
- *  Kurt Roeckx
- *  Lutz Jänicke
- *  Mark J. Cox
- *  Matt Caswell
- *  Matthias St. Pierre
- *  Nils Larsch
- *  Paul Dale
- *  Paul C. Sutton
- *  Ralf S. Engelschall
- *  Rich Salz
- *  Richard Levitte
- *  Stephen Henson
- *  Steve Marquess
- *  Tim Hudson
- *  Ulf Möller
- *  Viktor Dukhovni
+ * Andy Polyakov
+ * Ben Laurie
+ * Ben Kaduk
+ * Bernd Edlinger
+ * Bodo Möller
+ * David Benjamin
+ * Emilia Käsper
+ * Eric Young
+ * Geoff Thorpe
+ * Holger Reif
+ * Kurt Roeckx
+ * Lutz Jänicke
+ * Mark J. Cox
+ * Matt Caswell
+ * Matthias St. Pierre
+ * Nils Larsch
+ * Paul Dale
+ * Paul C. Sutton
+ * Ralf S. Engelschall
+ * Rich Salz
+ * Richard Levitte
+ * Stephen Henson
+ * Steve Marquess
+ * Tim Hudson
+ * Ulf Möller
+ * Viktor Dukhovni

File diff suppressed because it is too large
+ 127 - 136
CHANGES.md


+ 3 - 1
CONTRIBUTING.md

@@ -5,7 +5,6 @@ Please visit our [Getting Started][gs] page for other ideas about how to contrib
 
   [gs]: https://www.openssl.org/community/getting-started.html
 
-
 Development is done on GitHub in the [openssl/openssl][gh] repository.
 
   [gh]: https://github.com/openssl/openssl
@@ -30,14 +29,17 @@ guidelines:
     [CLA]: https://www.openssl.org/policies/cla.html
 
     To amend a missing "`CLA: trivial`" line after submission, do the following:
+
     ```
         git commit --amend
         [add the line, save and quit the editor]
         git push -f
     ```
+
  2. All source files should start with the following text (with
     appropriate comment characters at the start of each line and the
     year(s) updated):
+
     ```
         Copyright 20xx-20yy The OpenSSL Project Authors. All Rights Reserved.
 

File diff suppressed because it is too large
+ 138 - 162
INSTALL.md


File diff suppressed because it is too large
+ 144 - 150
NEWS.md


+ 24 - 34
README.md

@@ -1,13 +1,11 @@
+Welcome to the OpenSSL Project
+==============================
+
 [![openssl logo][]][www.openssl.org]
 
 [![travis badge][]][travis jobs]
 [![appveyor badge][]][appveyor jobs]
 
-
-
-Welcome to the OpenSSL Project
-==============================
-
 OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit
 for the Transport Layer Security (TLS) protocol formerly known as the
 Secure Sockets Layer (SSL) protocol. The protocol implementation is based
@@ -19,7 +17,6 @@ and Tim J. Hudson.
 
 The official Home Page of the OpenSSL Project is [www.openssl.org][].
 
-
 Table of Contents
 =================
 
@@ -47,13 +44,13 @@ The OpenSSL toolkit includes:
 - **openssl**
   the OpenSSL command line tool, a swiss army knife for cryptographic tasks,
   testing and analyzing. It can be used for
-   - creation of key parameters
-   - creation of X.509 certificates, CSRs and CRLs
-   - calculation of message digests
-   - encryption and decryption
-   - SSL/TLS client and server tests
-   - handling of S/MIME signed or encrypted mail
-   - and more...
+  - creation of key parameters
+  - creation of X.509 certificates, CSRs and CRLs
+  - calculation of message digests
+  - encryption and decryption
+  - SSL/TLS client and server tests
+  - handling of S/MIME signed or encrypted mail
+  - and more...
 
 Download
 ========
@@ -70,7 +67,6 @@ of the OpenSSL toolkit are available. In particular on Linux and other
 Unix operating systems it is normally recommended to link against the
 precompiled shared libraries provided by the distributor or vendor.
 
-
 For Testing and Development
 ---------------------------
 
@@ -86,22 +82,21 @@ which is updated automatically from the former on every commit.
 A local copy of the Git Repository can be obtained by cloning it from
 the original OpenSSL repository using
 
-        git clone git://git.openssl.org/openssl.git
+    git clone git://git.openssl.org/openssl.git
 
 or from the GitHub mirror using
 
-        git clone https://github.com/openssl/openssl.git
+    git clone https://github.com/openssl/openssl.git
 
 If you intend to contribute to OpenSSL, either to fix bugs or contribute
 new features, you need to fork the OpenSSL repository openssl/openssl on
 GitHub and clone your public fork instead.
 
-        git clone https://github.com/yourname/openssl.git
+    git clone https://github.com/yourname/openssl.git
 
 This is necessary, because all development of OpenSSL nowadays is done via
 GitHub pull requests. For more details, see [Contributing](#contributing).
 
-
 Build and Install
 =================
 
@@ -166,7 +161,6 @@ platform. The OpenSSL Project Pages at [openssl.github.io][] are a
 valuable source of information if you want to get familiar with our
 development process on GitHub.
 
-
 Legalities
 ==========
 
@@ -174,7 +168,6 @@ A number of nations restrict the use or export of cryptography. If you are
 potentially subject to such restrictions you should seek legal advice before
 attempting to develop or distribute cryptographic code.
 
-
 Copyright
 =========
 
@@ -184,37 +177,34 @@ Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
 
 All rights reserved.
 
-
 <!-- Links  -->
 
 [www.openssl.org]:
-    https://www.openssl.org
+    <https://www.openssl.org>
     "OpenSSL Homepage"
 
 [git.openssl.org]:
-    https://git.openssl.org
+    <https://git.openssl.org>
     "OpenSSL Git Repository"
 
 [git.openssl.org]:
-    https://git.openssl.org
+    <https://git.openssl.org>
     "OpenSSL Git Repository"
 
 [github.com/openssl/openssl]:
-    https://github.com/openssl/openssl
+    <https://github.com/openssl/openssl>
     "OpenSSL GitHub Mirror"
 
 [openssl.github.io]:
-    https://mspncp.github.io
+    <https://mspncp.github.io>
     "OpenSSL Project Pages"
 
 [wiki.openssl.org]:
-    https://wiki.openssl.org
+    <https://wiki.openssl.org>
     "OpenSSL Wiki"
 
-
 [RFC 8446]:
-     https://tools.ietf.org/html/rfc8446
-
+     <https://tools.ietf.org/html/rfc8446>
 
 <!-- Logos and Badges -->
 <!--
@@ -230,17 +220,17 @@ All rights reserved.
     "OpenSSL Logo"
 
 [travis badge]:
-    https://travis-ci.org/openssl/openssl.svg?branch=master
+    <https://travis-ci.org/openssl/openssl.svg?branch=master>
     "Travis Build Status"
 
 [travis jobs]:
-    https://travis-ci.org/openssl/openssl
+    <https://travis-ci.org/openssl/openssl>
     "Travis Jobs"
 
 [appveyor badge]:
-    https://ci.appveyor.com/api/projects/status/ikn2l4u1xsume63u/branch/master?svg=true
+    <https://ci.appveyor.com/api/projects/status/ikn2l4u1xsume63u/branch/master?svg=true>
     "AppVeyor Build Status"
 
 [appveyor jobs]:
-    https://ci.appveyor.com/project/openssl/openssl/branch/master
+    <https://ci.appveyor.com/project/openssl/openssl/branch/master>
     "AppVeyor Jobs"

+ 2 - 13
SUPPORT.md

@@ -1,4 +1,3 @@
-
 OpenSSL User Support resources
 ==============================
 
@@ -7,7 +6,7 @@ _Under Construction; not more than a collection of text fragments yet._
 See the OpenSSL website www.openssl.org for details on how to obtain
 commercial technical support. Free community support is available through the
 openssl-users email list (see
-https://www.openssl.org/community/mailinglists.html for further details).
+<https://www.openssl.org/community/mailinglists.html for> further details).
 
 If you have any problems with OpenSSL then please take the following steps
 first:
@@ -32,8 +31,6 @@ Just because something doesn't work the way you expect does not mean it
 is necessarily a bug in OpenSSL. Use the openssl-users email list for this type
 of query.
 
-
-
 For *questions* on how to use OpenSSL or what went wrong when you
 tried something, our primary resource is the mailing list
 openssl-users@openssl.org, where you can get help from others in the
@@ -41,10 +38,7 @@ OpenSSL community (which includes the developers as time permits).
 
 Only subscribers can post to openssl-users@openssl.org (although the
 archives are public).
-For more information, see https://www.openssl.org/community/mailinglists.html
-
-
-
+For more information, see <https://www.openssl.org/community/mailinglists.html>
 
 You have general questions about using OpenSSL
 ----------------------------------------------
@@ -97,10 +91,6 @@ pull request. The details are covered in the [Contributing](#contributing) secti
 Don't hesitate to open a pull request, even if it's only a small change
 like a grammatical or typographical error in the documentation.
 
-
-
-
-
 Mailing Lists
 =============
 
@@ -121,7 +111,6 @@ The openssl-dev list has been discontinued since development is now taking
 place in form of GitHub pull requests. Although not active anymore, the
 searchable archive may still contain useful information.
 
-
 <!-- Links -->
 
 [mailing lists]:     https://www.openssl.org/community/mailinglists.html

+ 12 - 8
fuzz/README.md

@@ -1,7 +1,10 @@
-# I Can Haz Fuzz?
+Fuzzing OpenSSL
+===============
+
+OpenSSL can use either LibFuzzer or AFL to do fuzzing.
 
 LibFuzzer
-=========
+---------
 
 How to fuzz OpenSSL with [libfuzzer](http://llvm.org/docs/LibFuzzer.html),
 starting from a vanilla+OpenSSH server Ubuntu install.
@@ -68,7 +71,7 @@ prebuilt fuzzer library. This is represented as `$PATH_TO_LIBFUZZER_DIR` below.
             --debug
 
 AFL
-===
+---
 
 This is an alternative to using LibFuzzer.
 
@@ -92,7 +95,7 @@ Run one of the fuzzers:
 Where $FUZZER is one of the executables in `fuzz/`.
 
 Reproducing issues
-==================
+------------------
 
 If a fuzzer generates a reproducible error, you can reproduce the problem using
 the fuzz/*-test binaries and the file generated by the fuzzer. They binaries
@@ -108,7 +111,7 @@ To reproduce the crash you can run:
     fuzz/$FUZZER-test $file
 
 Random numbers
-==============
+--------------
 
 The client and server fuzzer normally generate random numbers as part of the TLS
 connection setup. This results in the coverage of the fuzzing corpus changing
@@ -127,16 +130,17 @@ the same client hello with the same random number in it, and so the server, as
 emulated by the file, can be generated for that client hello.
 
 Coverage changes
-================
+----------------
 
 Since the corpus depends on the default behaviour of the client and the server,
 changes in what they send by default will have an impact on the coverage. The
 corpus will need to be updated in that case.
 
 Updating the corpus
-===================
+-------------------
 
 The client and server corpus is generated with multiple config options:
+
 - The options as documented above
 - Without enable-ec_nistp_64_gcc_128 and without --debug
 - With no-asm
@@ -147,7 +151,7 @@ The libfuzzer merge option is used to add the additional coverage
 from each config to the minimal set.
 
 Minimizing the corpus
-=====================
+---------------------
 
 When you have gathered corpus data from more than one fuzzer run
 or for any other reason want to to minimize the data

+ 40 - 57
test/README.ssltest.md

@@ -1,4 +1,5 @@
-# SSL tests
+SSL tests
+=========
 
 SSL testcases are configured in the `ssl-tests` directory.
 
@@ -14,20 +15,19 @@ corresponding to the default configuration. These testcases live in
 
 For more details, see `ssl-tests/01-simple.cnf.in` for an example.
 
-## Configuring the test
+Configuring the test
+--------------------
 
 First, give your test a name. The names do not have to be unique.
 
 An example test input looks like this:
 
-```
     {
         name => "test-default",
         server => { "CipherString" => "DEFAULT" },
         client => { "CipherString" => "DEFAULT" },
         test   => { "ExpectedResult" => "Success" },
     }
-```
 
 The test section supports the following options
 
@@ -111,19 +111,18 @@ handshake.
   If this is "empty" the list is expected to be empty otherwise it is a file
   of certificates whose subject names form the list.
 
-## Configuring the client and server
+Configuring the client and server
+---------------------------------
 
 The client and server configurations can be any valid `SSL_CTX`
 configurations. For details, see the manpages for `SSL_CONF_cmd`.
 
 Give your configurations as a dictionary of CONF commands, e.g.
 
-```
-server => {
-    "CipherString" => "DEFAULT",
-    "MinProtocol" => "TLSv1",
-}
-```
+    server => {
+        "CipherString" => "DEFAULT",
+        "MinProtocol" => "TLSv1",
+    }
 
 The following sections may optionally be defined:
 
@@ -146,14 +145,12 @@ The following sections may optionally be defined:
 Additional handshake settings can be configured in the `extra` section of each
 client and server:
 
-```
-client => {
-    "CipherString" => "DEFAULT",
-    extra => {
-        "ServerName" => "server2",
+    client => {
+        "CipherString" => "DEFAULT",
+        extra => {
+            "ServerName" => "server2",
+        }
     }
-}
-```
 
 #### Supported client-side options
 
@@ -202,21 +199,18 @@ automatically. Server certificate verification is requested by default.
 
 You can override these options by redefining them:
 
-```
-client => {
-    "VerifyCAFile" => "/path/to/custom/file"
-}
-```
+    client => {
+        "VerifyCAFile" => "/path/to/custom/file"
+    }
 
 or by deleting them
 
-```
-client => {
-    "VerifyCAFile" => undef
-}
-```
+    client => {
+        "VerifyCAFile" => undef
+    }
 
-## Adding a test to the test harness
+Adding a test to the test harness
+---------------------------------
 
 1. Add a new test configuration to `test/ssl-tests`, following the examples of
    existing `*.cnf.in` files (for example, `01-simple.cnf.in`).
@@ -224,33 +218,26 @@ client => {
 2. Generate the generated `*.cnf` test input file. You can do so by running
    `generate_ssl_tests.pl`:
 
-```
-$ ./config
-$ cd test
-$ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl ssl-tests/my.cnf.in default \
-  > ssl-tests/my.cnf
-```
+    $ ./config
+    $ cd test
+    $ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl \
+      ssl-tests/my.cnf.in default > ssl-tests/my.cnf
 
 where `my.cnf.in` is your test input file and `default` is the provider to use.
 For all the pre-generated test files you should use the default provider.
 
 For example, to generate the test cases in `ssl-tests/01-simple.cnf.in`, do
 
-```
-$ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl ssl-tests/01-simple.cnf.in default > ssl-tests/01-simple.cnf
-```
+    $ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl \
+      ssl-tests/01-simple.cnf.in default > ssl-tests/01-simple.cnf
 
 Alternatively (hackish but simple), you can comment out
 
-```
-unlink glob $tmp_file;
-```
+    unlink glob $tmp_file;
 
 in `test/recipes/80-test_ssl_new.t` and run
 
-```
-$ make TESTS=test_ssl_new test
-```
+    $ make TESTS=test_ssl_new test
 
 This will save the generated output in a `*.tmp` file in the build directory.
 
@@ -258,13 +245,13 @@ This will save the generated output in a `*.tmp` file in the build directory.
    the test suite has any skip conditions, update those too (see
    `test/recipes/80-test_ssl_new.t` for details).
 
-## Running the tests with the test harness
+Running the tests with the test harness
+---------------------------------------
 
-```
-HARNESS_VERBOSE=yes make TESTS=test_ssl_new test
-```
+    HARNESS_VERBOSE=yes make TESTS=test_ssl_new test
 
-## Running a test manually
+Running a test manually
+-----------------------
 
 These steps are only needed during development. End users should run `make test`
 or follow the instructions above to run the SSL test suite.
@@ -273,17 +260,13 @@ To run an SSL test manually from the command line, the `TEST_CERTS_DIR`
 environment variable to point to the location of the certs. E.g., from the root
 OpenSSL directory, do
 
-```
-$ CTLOG_FILE=test/ct/log_list.cnf TEST_CERTS_DIR=test/certs test/ssl_test \
-  test/ssl-tests/01-simple.cnf
-```
+    $ CTLOG_FILE=test/ct/log_list.cnf TEST_CERTS_DIR=test/certs test/ssl_test \
+      test/ssl-tests/01-simple.cnf
 
 or for shared builds
 
-```
-$ CTLOG_FILE=test/ct/log_list.cnf  TEST_CERTS_DIR=test/certs \
-  util/wrap.pl test/ssl_test test/ssl-tests/01-simple.cnf
-```
+    $ CTLOG_FILE=test/ct/log_list.cnf  TEST_CERTS_DIR=test/certs \
+      util/wrap.pl test/ssl_test test/ssl-tests/01-simple.cnf
 
 Note that the test expectations sometimes depend on the Configure settings. For
 example, the negotiated protocol depends on the set of available (enabled)

Some files were not shown because too many files changed in this diff