Package: stunnel4
Version: 3:5.74-2
Severity: minor
Tags: patch
* What led up to the situation?
Checking for defects with a new version
test-[g|n]roff -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z < "man
page"
[Use "groff -e ' $' -e '\\~$' <file>" to find obvious trailing spaces.]
["test-groff" is a script in the repository for "groff"; is not shipped]
(local copy and "troff" slightly changed by me).
[The fate of "test-nroff" was decided in groff bug #55941.]
* What was the outcome of this action?
troff:<stdin>:35: warning: name 'Tr' not defined
an.tmac:<stdin>:135: style: .TH missing fourth argument; consider
package/project name and version (e.g., "groff 1.23.0")
an.tmac:<stdin>:208: style: 4 leading space(s) on input line
an.tmac:<stdin>:209: style: 4 leading space(s) on input line
an.tmac:<stdin>:210: style: 4 leading space(s) on input line
an.tmac:<stdin>:211: style: 4 leading space(s) on input line
an.tmac:<stdin>:212: style: 4 leading space(s) on input line
troff:<stdin>:212: warning: trailing space in the line
an.tmac:<stdin>:213: style: 4 leading space(s) on input line
an.tmac:<stdin>:214: style: 4 leading space(s) on input line
an.tmac:<stdin>:215: style: 4 leading space(s) on input line
an.tmac:<stdin>:216: style: 4 leading space(s) on input line
an.tmac:<stdin>:217: style: 4 leading space(s) on input line
an.tmac:<stdin>:218: style: 4 leading space(s) on input line
troff:<stdin>:218: warning: trailing space in the line
an.tmac:<stdin>:219: style: 4 leading space(s) on input line
troff:<stdin>:219: warning: trailing space in the line
an.tmac:<stdin>:220: style: 4 leading space(s) on input line
an.tmac:<stdin>:221: style: 4 leading space(s) on input line
troff:<stdin>:221: warning: trailing space in the line
an.tmac:<stdin>:222: style: 4 leading space(s) on input line
an.tmac:<stdin>:223: style: 4 leading space(s) on input line
an.tmac:<stdin>:224: style: 4 leading space(s) on input line
* What outcome did you expect instead?
No output (no warnings).
-.-
General remarks and further material, if a diff-file exist, are in the
attachments.
-- System Information:
Debian Release: trixie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.12-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1),
LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages stunnel4 depends on:
ii adduser 3.137
ii init-system-helpers 1.68
ii libc6 2.40-7
ii libssl3t64 3.4.1-1
ii libsystemd0 257.3-1
ii libwrap0 7.6.q-36
ii netbase 6.4
ii openssl 3.4.1-1
ii perl 5.40.1-2
ii systemd [systemd-sysusers] 257.3-1
stunnel4 recommends no packages.
Versions of packages stunnel4 suggests:
pn logcheck-database <none>
-- no debconf information
Input file is stunnel3.8
Output from "mandoc -T lint stunnel3.8": (shortened list)
3 empty block: RS
1 input text line longer than 80 bytes: There are available ...
1 input text line longer than 80 bytes: [\-d\ [host:]port\ [...
1 input text line longer than 80 bytes: [\-g\ setgid_group] ...
1 input text line longer than 80 bytes: daemons like \s-1NNT...
1 undefined string, using "": Tr
4 whitespace at end of input line
Remove trailing space with: sed -e 's/ *$//'
-.-.
Output from "test-groff -mandoc -t -ww -z stunnel3.8": (shortened list)
1 font name 'CW' is deprecated
1 name 'Tr' not defined
4 trailing space in the line
Remove trailing space with: sed -e 's/ *$//'
-.-.
Show if Pod::Man generated this.
Who is actually creating this man page? Debian or upstream?
Is the generating software out of date?
1:.\" Automatically generated by Pod::Man v1.34, Pod::Parser v1.13
-.-.
Remove space characters (whitespace) at the end of lines.
Use "git apply ... --whitespace=fix" to fix extra space issues, or use
global configuration "core.whitespace".
Number of lines affected is
4
-.-.
Wrong distance between sentences in the input file.
Separate the sentences and subordinate clauses; each begins on a new
line. See man-pages(7) ("Conventions for source file layout") and
"info groff" ("Input Conventions").
The best procedure is to always start a new sentence on a new line,
at least, if you are typing on a computer.
Remember coding: Only one command ("sentence") on each (logical) line.
E-mail: Easier to quote exactly the relevant lines.
Generally: Easier to edit the sentence.
Patches: Less unaffected text.
Search for two adjacent words is easier, when they belong to the same line,
and the same phrase.
The amount of space between sentences in the output can then be
controlled with the ".ss" request.
Mark a final abbreviation point as such by suffixing it with "\&".
Some sentences (etc.) do not begin on a new line.
Split (sometimes) lines after a punctuation mark; before a conjunction.
N.B.
The number of lines affected can be too large to be in a patch.
Lines with only one (or two) space(s) between sentences could be split,
so latter sentences begin on a new line.
Use
#!/usr/bin/sh
sed -e '/^\./n' \
-e 's/\([[:alpha:]]\)\. */\1.\n/g' $1
to split lines after a sentence period.
Check result with the difference between the formatted outputs.
See also the attachment "general.bugs"
[List of affected line removed.]
-.-
Split lines longer than 80 characters into two or more lines.
Appropriate break points are the end of a sentence and a subordinate
clause; after punctuation marks.
Add "\:" to split the string for the output, "\<newline>" in the source.
Line 137, length 249
\&\fBstunnel\fR [\-c\ |\ \-T] [\-D\ [facility.]level] [\-O\
a|l|r:option=value[:value]] [\-o\ file] [\-C\ cipherlist] [\-p\ pemfile] [\-v\
level] [\-A\ certfile] [\-S\ sources] [\-a\ directory] [\-t\ timeout] [\-u\
ident_username] [\-s\ setuid_user]
Line 138, length 127
[\-g\ setgid_group] [\-n\ protocol] [\-P\ {\ filename\ |\ ''\ }\ ] [\-B\ bytes]
[\-R\ randfile] [\-W] [\-E\ socket] [\-I\ host]
Line 139, length 105
[\-d\ [host:]port\ [\-f]\ ] [\ \-r\ [host:]port\ |\ {\ \-l\ |\ \-L\ }\ program\
[\-\-\ progname\ args]\ ]
Line 149, length 95
\&\fIinetd\fR daemons like \s-1POP\-2\s0, \s-1POP\-3\s0, and \s-1IMAP\s0
servers, to standalone
Line 150, length 95
daemons like \s-1NNTP\s0, \s-1SMTP\s0 and \s-1HTTP\s0, and in tunneling
\s-1PPP\s0 over network
Line 431, length 81
\&\fIstunnel\fR needs to seed the \s-1PRNG\s0 (pseudo random number generator)
in
Line 480, length 81
\&\fIstunnel\fR cannot be used for the \s-1FTP\s0 daemon because of the nature
of
Line 482, length 81
There are available \s-1SSL\s0 enabled versions of \s-1FTP\s0 and telnet
daemons,
-.-.
Do not use "\s0" in a string definition but an absolute number,
as the size of the string could be changed.
Then a situation of "\s+X...\s+Y...\s0...\s0" could emerge.
Type size changes have an effect in "troff", but not in "nroff".
33:.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.-.
Add a zero (0) in front of a decimal fraction that begins with a period
(.)
14:.if t .sp .5v
73:. ds #V .8m
74:. ds #F .3m
80:. ds #V .6m
-.-.
Put a parenthetical sentence, phrase on a separate line,
if not part of a code.
See man-pages(7), item "semantic newline".
[List of affected lines removed.]
-.-
No space is needed before a quote (") at the end of a macro line
132:.TH STUNNEL 8 "2003-08-01" " " " "
-.-.
Remove quotes when there is a printable
but no space character between them
and the quotes are not for emphasis (markup),
for example as an argument to a macro.
132:.TH STUNNEL 8 "2003-08-01" " " " "
133:.SH "NAME"
135:.SH "SYNOPSIS"
140:.SH "DESCRIPTION"
155:.SH "OPTIONS"
157:.IP "\fB\-h\fR" 4
224:.IP "\fB\-c\fR" 4
229:.IP "\fB\-T\fR" 4
253:.IP "\(bu" 8
255:.IP "\(bu" 8
257:.IP "\(bu" 8
259:.IP "\(bu" 8
304:.IP "\fB\-W\fR" 4
326:.IP "\fB\-f\fR" 4
358:.SH "EXAMPLES"
359:.IX Header "EXAMPLES"
381:.SH "ENVIRONMENT"
382:.IX Header "ENVIRONMENT"
385:.IP "\s-1REMOTE_HOST\s0" 4
388:.IP "\s-1SSL_CLIENT_DN\s0" 4
392:.IP "\s-1SSL_CLIENT_I_DN\s0" 4
396:.SH "CERTIFICATES"
398:.IP "\(bu" 4
428:.SH "RANDOMNESS"
430:.IP "\(bu" 4
435:.IP "\(bu" 8
437:.IP "\(bu" 8
439:.IP "\(bu" 8
441:.IP "\(bu" 8
443:.IP "\(bu" 8
445:.IP "\(bu" 8
447:.IP "\(bu" 8
449:.IP "\(bu" 8
477:.SH "LIMITATIONS"
479:.IP "\(bu" 4
487:.IP "\fItcpd\fR\|(8)" 8
490:.IP "\fIinetd\fR\|(8)" 8
493:.IP "\fIhttps://www.stunnel.org/\fR"; 8
496:.IP "\fIhttps://www.openssl.org/\fR"; 8
502:.SH "AUTHOR"
-.-.
Add lines to use the CR font for groff instead of CW.
.if t \{\
. ie \n(.g .ft CR
. el .ft CW
.\}
18:.ft CW
-.-.
Section headings (.SH and .SS) do not need quoting.
133:.SH "NAME"
135:.SH "SYNOPSIS"
140:.SH "DESCRIPTION"
155:.SH "OPTIONS"
358:.SH "EXAMPLES"
381:.SH "ENVIRONMENT"
396:.SH "CERTIFICATES"
428:.SH "RANDOMNESS"
477:.SH "LIMITATIONS"
484:.SH "SEE ALSO"
502:.SH "AUTHOR"
-.-.
Output from "test-groff -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z
":
troff:<stdin>:32: warning: name 'Tr' not defined
an.tmac:<stdin>:198: style: 4 leading space(s) on input line
an.tmac:<stdin>:199: style: 4 leading space(s) on input line
an.tmac:<stdin>:200: style: 4 leading space(s) on input line
an.tmac:<stdin>:201: style: 4 leading space(s) on input line
an.tmac:<stdin>:202: style: 4 leading space(s) on input line
troff:<stdin>:202: warning: trailing space in the line
an.tmac:<stdin>:203: style: 4 leading space(s) on input line
an.tmac:<stdin>:204: style: 4 leading space(s) on input line
an.tmac:<stdin>:205: style: 4 leading space(s) on input line
an.tmac:<stdin>:206: style: 4 leading space(s) on input line
an.tmac:<stdin>:207: style: 4 leading space(s) on input line
an.tmac:<stdin>:208: style: 4 leading space(s) on input line
troff:<stdin>:208: warning: trailing space in the line
an.tmac:<stdin>:209: style: 4 leading space(s) on input line
troff:<stdin>:209: warning: trailing space in the line
an.tmac:<stdin>:210: style: 4 leading space(s) on input line
an.tmac:<stdin>:211: style: 4 leading space(s) on input line
troff:<stdin>:211: warning: trailing space in the line
an.tmac:<stdin>:212: style: 4 leading space(s) on input line
an.tmac:<stdin>:213: style: 4 leading space(s) on input line
an.tmac:<stdin>:214: style: 4 leading space(s) on input line
troff:<stdin>:363: warning: font name 'CW' is deprecated
-.-.
Generally:
Split (sometimes) lines after a punctuation mark; before a conjunction.
--- stunnel3.8 2025-02-28 02:30:14.867990755 +0000
+++ stunnel3.8.new 2025-02-28 03:01:56.369837628 +0000
@@ -1,3 +1,4 @@
+'\" t
.\" Automatically generated by Pod::Man v1.34, Pod::Parser v1.13
.\"
.\" Standard preamble:
@@ -11,11 +12,14 @@
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
+.if t .sp 0.5v
.if n .sp
..
.de Vb \" Begin verbatim text
-.ft CW
+.if t \{\
+. ie \n(.g .ft CR
+. el .ft CW
+.\}
.nf
.ne \\$1
..
@@ -30,7 +34,7 @@
.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
.\" expand to `' in nroff, nothing in troff, for use with C<>.
.tr \(*W-|\(bv\*(Tr
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s+2\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
@@ -70,14 +74,14 @@
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
-. ds #V .8m
-. ds #F .3m
+. ds #V 0.8m
+. ds #F 0.3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
+. ds #V 0.6m
. ds #F 0
. ds #[ \&
. ds #] \&
@@ -129,15 +133,20 @@
.\" ========================================================================
.\"
.IX Title "STUNNEL 1"
-.TH STUNNEL 8 "2003-08-01" " " " "
-.SH "NAME"
+.TH STUNNEL 8 2003-08-01 "" ""
+.SH NAME
stunnel \- universal SSL tunnel
-.SH "SYNOPSIS"
+.SH SYNOPSIS
.IX Header "SYNOPSIS"
-\&\fBstunnel\fR [\-c\ |\ \-T] [\-D\ [facility.]level] [\-O\
a|l|r:option=value[:value]] [\-o\ file] [\-C\ cipherlist] [\-p\ pemfile] [\-v\
level] [\-A\ certfile] [\-S\ sources] [\-a\ directory] [\-t\ timeout] [\-u\
ident_username] [\-s\ setuid_user]
-[\-g\ setgid_group] [\-n\ protocol] [\-P\ {\ filename\ |\ ''\ }\ ] [\-B\
bytes] [\-R\ randfile] [\-W] [\-E\ socket] [\-I\ host]
-[\-d\ [host:]port\ [\-f]\ ] [\ \-r\ [host:]port\ |\ {\ \-l\ |\ \-L\ }\
program\ [\-\-\ progname\ args]\ ]
-.SH "DESCRIPTION"
+\&\fBstunnel\fR [\-c\ |\ \-T] [\-D\ [facility.]level] [\-O\ \
+a|l|r:option=value[:value]] [\-o\ file] [\-C\ cipherlist] [\-p\ pemfile]
+[\-v\ level] [\-A\ certfile] [\-S\ sources] [\-a\ directory] [\-t\ \
+timeout] [\-u\ ident_username] [\-s\ setuid_user]
+[\-g\ setgid_group] [\-n\ protocol] [\-P\ {\ filename\ |\ ''\ }\ ] [\-B\ \
+bytes] [\-R\ randfile] [\-W] [\-E\ socket] [\-I\ host]
+[\-d\ [host:]port\ [\-f]\ ] [\ \-r\ [host:]port\ |\ {\ \-l\ |\ \-L\ }\ \
+program\ [\-\-\ progname\ args]\ ]
+.SH DESCRIPTION
.IX Header "DESCRIPTION"
The \fBstunnel\fR program is designed to work as \fI\s-1SSL\s0\fR encryption
wrapper between remote clients and local (\fIinetd\fR\-startable) or
@@ -146,15 +155,17 @@ running on your system you can easily se
clients over secure \s-1SSL\s0 channels.
.PP
\&\fBstunnel\fR can be used to add \s-1SSL\s0 functionality to commonly used
-\&\fIinetd\fR daemons like \s-1POP\-2\s0, \s-1POP\-3\s0, and \s-1IMAP\s0
servers, to standalone
-daemons like \s-1NNTP\s0, \s-1SMTP\s0 and \s-1HTTP\s0, and in tunneling
\s-1PPP\s0 over network
+\&\fIinetd\fR daemons like \s-1POP\-2\s0, \s-1POP\-3\s0,
+and \s-1IMAP\s0 servers, to standalone
+daemons like \s-1NNTP\s0, \s-1SMTP\s0 and \s-1HTTP\s0,
+and in tunneling \s-1PPP\s0 over network
sockets without changes to the source code.
.PP
This product includes cryptographic software written by Eric Young
([email protected])
-.SH "OPTIONS"
+.SH OPTIONS
.IX Header "OPTIONS"
-.IP "\fB\-h\fR" 4
+.IP \fB\-h\fR 4
.IX Item "-h"
Print stunnel help menu
.IP "\fB\-D\fR level" 4
@@ -195,23 +206,29 @@ receive data stream for remote sockets
interface
.Sp
The available options and their defaults are:
- Option Accept Local Remote OS default
- SO_DEBUG -- -- -- 0
- SO_DONTROUTE -- -- -- 0
- SO_KEEPALIVE -- -- -- 0
- SO_LINGER -- -- -- 0:0
- SO_OOBINLINE -- -- -- 0
- SO_RCVBUF -- -- -- 87380
- SO_SNDBUF -- -- -- 16384
- SO_RCVLOWAT -- -- -- 1
- SO_SNDLOWAT -- -- -- 1
- SO_RCVTIMEO -- -- -- 0:0
- SO_SNDTIMEO -- -- -- 0:0
- SO_REUSEADDR 1 -- -- 0
- SO_BINDTODEVICE -- -- -- --
- IP_TOS -- -- -- 0
- IP_TTL -- -- -- 64
- TCP_NODELAY -- -- -- 0
+.in +4n
+.TS
+l l l l l
+l r r r r.
+Option Accept Local Remote OS default
+SO_DEBUG -- -- -- 0
+SO_DONTROUTE -- -- -- 0
+SO_KEEPALIVE -- -- -- 0
+SO_LINGER -- -- -- 0:0
+SO_OOBINLINE -- -- -- 0
+SO_RCVBUF -- -- -- 87380
+SO_SNDBUF -- -- -- 16384
+SO_RCVLOWAT -- -- -- 1
+SO_SNDLOWAT -- -- -- 1
+SO_RCVTIMEO -- -- -- 0:0
+SO_SNDTIMEO -- -- -- 0:0
+SO_REUSEADDR 1 -- -- 0
+SO_BINDTODEVICE -- -- -- --
+IP_TOS -- -- -- 0
+IP_TTL -- -- -- 64
+TCP_NODELAY -- -- -- 0
+.TE
+.in -4n
.IP "\fB\-o\fR file" 4
.IX Item "-o file"
Append log messages to a file.
@@ -221,12 +238,12 @@ Select permitted \s-1SSL\s0 ciphers
.Sp
A colon delimited list of the ciphers to allow in the \s-1SSL\s0 connection.
For example \s-1DES\-CBC3\-SHA:IDEA\-CBC\-MD5\s0
-.IP "\fB\-c\fR" 4
+.IP \fB\-c\fR 4
.IX Item "-c"
client mode (remote service uses \s-1SSL\s0)
.Sp
default: server mode
-.IP "\fB\-T\fR" 4
+.IP \fB\-T\fR 4
.IX Item "-T"
transparent proxy mode
.Sp
@@ -250,17 +267,15 @@ to the highest level (root \s-1CA\s0).
.IX Item "-v level"
verify peer certificate
.RS 4
-.IP "\(bu" 8
+.IP \(bu 8
level 1 \- verify peer certificate if present
-.IP "\(bu" 8
+.IP \(bu 8
level 2 \- verify peer certificate
-.IP "\(bu" 8
+.IP \(bu 8
level 3 \- verify peer with locally installed certificate
-.IP "\(bu" 8
+.IP \(bu 8
default \- no verify
.RE
-.RS 4
-.RE
.IP "\fB\-a\fR directory" 4
.IX Item "-a directory"
client certificate directory
@@ -301,7 +316,7 @@ generator. (Available only if compiled
.IX Item "-R filename"
File containing random input. The \s-1SSL\s0 library will use data from this
file first to seed the random number generator.
-.IP "\fB\-W\fR" 4
+.IP \fB\-W\fR 4
.IX Item "-W"
Do not overwrite the random seed files with new random data.
.IP "\fB\-B\fR bytes" 4
@@ -323,7 +338,7 @@ Listen for connections on [host:]port. I
to all \s-1IP\s0 addresses for the local host.
.Sp
default: inetd mode
-.IP "\fB\-f\fR" 4
+.IP \fB\-f\fR 4
.IX Item "-f"
foreground mode
.Sp
@@ -355,7 +370,7 @@ be created.
connect to remote service
.Sp
If no host specified, defaults to localhost.
-.SH "EXAMPLES"
+.SH EXAMPLES
.IX Header "EXAMPLES"
In order to provide \s-1SSL\s0 encapsulation to your local \fIimapd\fR service,
use
@@ -378,24 +393,24 @@ use something like
.Vb 1
\& stunnel \-d 2020 \-L /usr/sbin/pppd \-\- pppd local
.Ve
-.SH "ENVIRONMENT"
+.SH ENVIRONMENT
.IX Header "ENVIRONMENT"
If Stunnel is used to create local processes using the \fB\-l\fR or \fB\-L\fR
options, it will set the following environment variables
-.IP "\s-1REMOTE_HOST\s0" 4
+.IP \s-1REMOTE_HOST\s0 4
.IX Item "REMOTE_HOST"
The \s-1IP\s0 address of the remote end of the connection.
-.IP "\s-1SSL_CLIENT_DN\s0" 4
+.IP \s-1SSL_CLIENT_DN\s0 4
.IX Item "SSL_CLIENT_DN"
The \s-1DN\s0 (Distinguished Name, aka subject name) of the peer certificate,
if a certificate was present and verified.
-.IP "\s-1SSL_CLIENT_I_DN\s0" 4
+.IP \s-1SSL_CLIENT_I_DN\s0 4
.IX Item "SSL_CLIENT_I_DN"
The Issuer's \s-1DN\s0 of the peer's certificate, if a certificate was
present and verified.
-.SH "CERTIFICATES"
+.SH CERTIFICATES
.IX Header "CERTIFICATES"
-.IP "\(bu" 4
+.IP \(bu 4
Each \s-1SSL\s0 enabled daemon needs to present a valid X.509 certificate to
the peer. It also needs a private key to decrypt the incoming data.
The easiest way to obtain a certificate and a key is to generate them
@@ -425,28 +440,29 @@ the file should look like this:
\& \-\-\-\-\-END CERTIFICATE\-\-\-\-\-
\& [empty line]
.Ve
-.SH "RANDOMNESS"
+.SH RANDOMNESS
.IX Header "RANDOMNESS"
-.IP "\(bu" 4
-\&\fIstunnel\fR needs to seed the \s-1PRNG\s0 (pseudo random number generator)
in
-order for \s-1SSL\s0 to use good randomness. The following sources are
+.IP \(bu 4
+\&\fIstunnel\fR needs to seed the \s-1PRNG\s0
+(pseudo random number generator)
+in order for \s-1SSL\s0 to use good randomness. The following sources are
loaded in order until sufficient random data has been gathered:
.RS 4
-.IP "\(bu" 8
+.IP \(bu 8
The file specified with the \fI\-R\fR flag.
-.IP "\(bu" 8
+.IP \(bu 8
The file specified by the \s-1RANDFILE\s0 environment variable, if set.
-.IP "\(bu" 8
+.IP \(bu 8
The file .rnd in your home directory, if \s-1RANDFILE\s0 not set.
-.IP "\(bu" 8
+.IP \(bu 8
The file specified with '\-\-with\-random' at compile time.
-.IP "\(bu" 8
+.IP \(bu 8
The contents of the screen if running on Windows.
-.IP "\(bu" 8
+.IP \(bu 8
The egd socket specified with the \fI\-E\fR flag.
-.IP "\(bu" 8
+.IP \(bu 8
The egd socket specified with '\-\-with\-egd\-sock' at compile time.
-.IP "\(bu" 8
+.IP \(bu 8
The /dev/urandom device.
.RE
.RS 4
@@ -474,37 +490,34 @@ so on systems with /dev/urandom you're l
it's listed at the very bottom of the list above. This isn't
stunnel's behaviour, it's OpenSSLs.
.RE
-.SH "LIMITATIONS"
+.SH LIMITATIONS
.IX Header "LIMITATIONS"
-.IP "\(bu" 4
-\&\fIstunnel\fR cannot be used for the \s-1FTP\s0 daemon because of the nature
of
+.IP \(bu 4
+\&\fIstunnel\fR cannot be used for the \s-1FTP\s0 daemon because of the
+nature of
the \s-1FTP\s0 protocol which utilizes multiple ports for data transfers.
-There are available \s-1SSL\s0 enabled versions of \s-1FTP\s0 and telnet
daemons,
-however.
-.SH "SEE ALSO"
+There are available \s-1SSL\s0 enabled versions of \s-1FTP\s0
+and telnet daemons, however.
+.SH SEE ALSO
.IX Header "SEE ALSO"
.RS 4
-.IP "\fItcpd\fR\|(8)" 8
+.IP \fItcpd\fR\|(8) 9
.IX Item "tcpd"
access control facility for internet services
-.IP "\fIinetd\fR\|(8)" 8
+.IP \fIinetd\fR\|(8) 9
.IX Item "inetd"
internet ``super\-server''
-.IP "\fIhttps://www.stunnel.org/\fR"; 8
+.IP \fIhttps://www.stunnel.org/\fR 9
.IX Item "https://www.stunnel.org/";
Stunnel homepage
-.IP "\fIhttps://www.openssl.org/\fR"; 8
+.IP \fIhttps://www.openssl.org/\fR 9
.IX Item "https://www.openssl.org/";
OpenSSL project website
.RE
-.RS 4
-.RE
-.SH "AUTHOR"
+.SH AUTHOR
.IX Header "AUTHOR"
.RS 4
.IP "Michal Trojnara" 8
.IX Item "Michal Trojnara"
<\[email protected]\fR>
.RE
-.RS 4
-.RE
Any program (person), that produces man pages, should check the output
for defects by using (both groff and nroff)
[gn]roff -mandoc -t -ww -b -z -K utf8 <man page>
The same goes for man pages that are used as an input.
For a style guide use
mandoc -T lint
-.-
Any "autogenerator" should check its products with the above mentioned
'groff', 'mandoc', and additionally with 'nroff ...'.
It should also check its input files for too long (> 80) lines.
This is just a simple quality control measure.
The "autogenerator" may have to be corrected to get a better man page,
the source file may, and any additional file may.
Common defects:
Not removing trailing spaces (in in- and output).
The reason for these trailing spaces should be found and eliminated.
"git" has a "tool" to point out whitespace,
see for example "git-apply(1)" and git-config(1)")
Not beginning each input sentence on a new line.
Line length and patch size should thus be reduced.
The script "reportbug" uses 'quoted-printable' encoding when a line is
longer than 1024 characters in an 'ascii' file.
See man-pages(7), item "semantic newline".
-.-
The difference between the formatted output of the original and patched file
can be seen with:
nroff -mandoc <file1> > <out1>
nroff -mandoc <file2> > <out2>
diff -d -u <out1> <out2>
and for groff, using
\"printf '%s\n%s\n' '.kern 0' '.ss 12 0' | groff -mandoc -Z - \"
instead of 'nroff -mandoc'
Add the option '-t', if the file contains a table.
Read the output from 'diff -d -u ...' with 'less -R' or similar.
-.-.
If 'man' (man-db) is used to check the manual for warnings,
the following must be set:
The option \"-warnings=w\"
The environmental variable:
export MAN_KEEP_STDERR=yes (or any non-empty value)
or
(produce only warnings):
export MANROFFOPT=\"-ww -b -z\"
export MAN_KEEP_STDERR=yes (or any non-empty value)
-.-
