Sir or Madam: This message contains even more grammatical fixes for the OpenBSD manual pages. To ensure that the changes which are proposed in this message can be justified, this message primarily fixes only a single type of error: the absence of commas after introductory clauses.
Unless otherwise specified, for all changes which are proposed in this message, a change adds a comma after an introductory clause; for all introductory clauses, a comma _must_ follow an introductory clause.* However, these changes should not only be made because the changes fix incorrect things; rather, these changes should be made because many changes greatly increase the clarity of the manual pages; incorrect comma usage can lead to the misinterpretation of things, which is bad... especially in the case of a user manual. Mr. MACINTYRE mentioned that VARIK's previous message was fairly unreadable; as such, some spacing has been added to these diffs, thereby hopefully improving the readability of this message. Any advice regarding the formatting of this sort of message would be welcomed; poorly-formatted, i.e., unreadable, messages waste time, and wasting time sucks. KUTGW, Varik "NOT A COMPUTER PROGRAMMER!!!" Valefor *https://owl.purdue.edu/owl/general_writing/punctuation/commas/commas_after_introductions.html ===== BEGIN DIFFS ===== diff --git a/bin/csh/csh.1 b/bin/csh/csh.1 index f984356e846..2e89bcc0c3a 100644 --- a/bin/csh/csh.1 +++ b/bin/csh/csh.1 @@ -1039,7 +1039,7 @@ and If braces .Ql { .Ql } -appear in the command form then the modifiers +appear in the command form, then the modifiers must appear within the braces. The current implementation allows only one .Ql \&: @@ -1282,7 +1282,7 @@ is given to the command as its standard input. The file .Ar name is used as the standard output. -If the file does not exist then it is created; +If the file does not exist, then it is created; if the file exists, it is truncated; its previous contents are lost. .Pp If the variable @@ -1469,7 +1469,7 @@ l symbolic link .Pp The specified name is command and filename expanded and then tested to see if it has the specified relationship to the real user. -If the file does not exist or is inaccessible then all enquiries return +If the file does not exist or is inaccessible, then all enquiries return false, i.e., .Ql 0 . Command executions succeed, returning true, i.e., @@ -1477,7 +1477,7 @@ Command executions succeed, returning true, i.e., if the command exits with status 0, otherwise they fail, returning false, i.e., .Ql 0 . -If more detailed status information is required then the command +If more detailed status information is required, then the command should be executed outside an expression and the variable .Ar status examined. @@ -1510,7 +1510,7 @@ non-seekable inputs.) .Ss Built-in commands Built-in commands are executed within the shell. If a built-in command occurs as any component of a pipeline -except the last then it is executed in a sub-shell. +except the last, then it is executed in a sub-shell. .Pp .Bl -tag -width Ds -compact -offset indent .It Ic alias @@ -1562,7 +1562,7 @@ statement as discussed below. .It Ic chdir Ar name Change the shell's working directory to directory .Ar name . -If no argument is given then change to the home directory of the user. +If no argument is given, then change to the home directory of the user. If .Ar name is not found as a subdirectory of the current directory (and does not begin @@ -1759,11 +1759,11 @@ executed (this is a bug). .It Ic endif If the specified .Ar expr -is true then the commands up to the first +is true, then the commands up to the first .Ic else are executed; otherwise if .Ar expr2 -is true then the commands up to the +is true, then the commands up to the second .Ic else are executed, etc. diff --git a/lib/libagentx/subagentx.3 b/lib/libagentx/subagentx.3 index d283ff198e8..23055f4a94c 100644 --- a/lib/libagentx/subagentx.3 +++ b/lib/libagentx/subagentx.3 @@ -524,8 +524,8 @@ Set the return value to an opaque value. .It Fn subagentx_varbind_counter64 Set the return value to an uint64_t of type counter64. .It Fn subagentx_varbind_notfound -When the request is of type GET return an nosuchinstance error. -When the request is of type GETNEXT or GETBULK return an endofmibview error. +When the request is of type GET, return an nosuchinstance error. +When the request is of type GETNEXT or GETBULK, return an endofmibview error. On endofmibview the next object is queried. This function can only be called on objects that contain one or more *_dynamic indices. diff --git a/lib/libc/crypt/crypt.3 b/lib/libc/crypt/crypt.3 index c8ebf9861d4..721b073e8f7 100644 --- a/lib/libc/crypt/crypt.3 +++ b/lib/libc/crypt/crypt.3 @@ -74,7 +74,7 @@ currently supports a single form. If it begins with a string character .Pq Ql $ -and a number then a different algorithm is used depending on the number. +and a number, then a different algorithm is used depending on the number. At the moment .Ql $2 chooses Blowfish hashing; see below for more information. diff --git a/lib/libc/gen/popen.3 b/lib/libc/gen/popen.3 index 7cda6a14fc1..7e18ccf2932 100644 --- a/lib/libc/gen/popen.3 +++ b/lib/libc/gen/popen.3 @@ -75,7 +75,7 @@ or for writing. If the letter .Qq e -is present in the string then the close-on-exec flag shall be set on the +is present in the string, then the close-on-exec flag shall be set on the file descriptor underlying the .Vt FILE that is returned. diff --git a/lib/libcrypto/man/BIO_push.3 b/lib/libcrypto/man/BIO_push.3 index 768f4d8579d..01eab359743 100644 --- a/lib/libcrypto/man/BIO_push.3 +++ b/lib/libcrypto/man/BIO_push.3 @@ -133,7 +133,7 @@ If the call .Pp .Dl BIO_push(b64, f); .Pp -is made then the new chain will be +is made, then the new chain will be .Sy b64-f . After making the calls .Bd -literal -offset indent diff --git a/lib/libcrypto/man/BIO_s_accept.3 b/lib/libcrypto/man/BIO_s_accept.3 index 4ead28b62f7..955b5677f10 100644 --- a/lib/libcrypto/man/BIO_s_accept.3 +++ b/lib/libcrypto/man/BIO_s_accept.3 @@ -123,7 +123,7 @@ are hidden by the BIO abstraction. Read and write operations on an accept BIO will perform I/O on the underlying connection. If no connection is established and the port (see below) is set up -properly then the BIO waits for an incoming connection. +properly, then the BIO waits for an incoming connection. .Pp Accept BIOs support .Xr BIO_puts 3 diff --git a/lib/libcrypto/man/EC_GROUP_copy.3 b/lib/libcrypto/man/EC_GROUP_copy.3 index bdbd72c2cc2..ea730a42b02 100644 --- a/lib/libcrypto/man/EC_GROUP_copy.3 +++ b/lib/libcrypto/man/EC_GROUP_copy.3 @@ -331,7 +331,7 @@ parameter b from a random number. This provides advantages in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it. -If the seed is present for a curve then the b parameter was generated in +If the seed is present for a curve, then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library does not use this seed value but does enable you to inspect it using diff --git a/lib/libcrypto/man/EC_KEY_new.3 b/lib/libcrypto/man/EC_KEY_new.3 index ef3028c4b71..01e79d44f79 100644 --- a/lib/libcrypto/man/EC_KEY_new.3 +++ b/lib/libcrypto/man/EC_KEY_new.3 @@ -358,11 +358,11 @@ is converted into ASN.1 in a call to .Fn i2d_ECPrivateKey . If .Dv EC_PKEY_NO_PARAMETERS -is set then the public parameters for the curve +is set, then the public parameters for the curve are not encoded along with the private key. If .Dv EC_PKEY_NO_PUBKEY -is set then the public key is not encoded along with the private +is set, then the public key is not encoded along with the private key. .Pp The format of the external representation of the public key written by diff --git a/lib/libcrypto/man/EVP_OpenInit.3 b/lib/libcrypto/man/EVP_OpenInit.3 index 766d178cbd1..9f1a799bffd 100644 --- a/lib/libcrypto/man/EVP_OpenInit.3 +++ b/lib/libcrypto/man/EVP_OpenInit.3 @@ -127,9 +127,9 @@ set to .Pp If the cipher passed in the .Fa type -parameter is a variable length cipher then the key length will be set to +parameter is a variable length cipher, then the key length will be set to the value of the recovered key length. -If the cipher is a fixed length cipher then the recovered key length +If the cipher is a fixed length cipher, then the recovered key length must match the fixed cipher length. .Sh RETURN VALUES .Fn EVP_OpenInit diff --git a/lib/libcrypto/man/EVP_SealInit.3 b/lib/libcrypto/man/EVP_SealInit.3 index 15938fcb33c..9da41924860 100644 --- a/lib/libcrypto/man/EVP_SealInit.3 +++ b/lib/libcrypto/man/EVP_SealInit.3 @@ -128,7 +128,7 @@ It must contain enough room for the corresponding cipher's IV, as determined by (for example) .Fn EVP_CIPHER_iv_length type . .Pp -If the cipher does not require an IV then the +If the cipher does not require an IV, then the .Fa iv parameter is ignored and can be .Dv NULL . diff --git a/lib/libcrypto/man/PKCS7_verify.3 b/lib/libcrypto/man/PKCS7_verify.3 index 42c3338e672..f277d8ccaee 100644 --- a/lib/libcrypto/man/PKCS7_verify.3 +++ b/lib/libcrypto/man/PKCS7_verify.3 @@ -145,7 +145,8 @@ if it is not .Dv NULL ) and the signature's checked. .Pp -If all signature's verify correctly then the function is successful. +If all signatures verify correctly, then the function is successful. +\"A possessive does not belong here. .Pp Any of the following flags (OR'ed together) can be passed in the .Fa flags diff --git a/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 b/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 index c89ceec4363..9ff772c6b40 100644 --- a/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 +++ b/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 @@ -204,11 +204,11 @@ actual digest value and is encapsulated in a .Vt DigestInfo structure according to PKCS#1 when signing and this structure is expected (and stripped off) when verifying. -If this control is not used with RSA and PKCS#1 padding then the +If this control is not used with RSA and PKCS#1 padding, then the supplied data is used directly and not encapsulated. In the case of X9.31 padding for RSA the algorithm identifier byte is added or checked and removed if this control is called. -If it is not called then the first byte of the plaintext buffer is +If it is not called, then the first byte of the plaintext buffer is expected to be the algorithm identifier byte. .Pp The diff --git a/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 b/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 index 56e1564a63c..063facd1222 100644 --- a/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 +++ b/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 @@ -121,7 +121,7 @@ of length .Fa len . If .Fa len -is -1 then the field length is calculated internally using +is -1, then the field length is calculated internally using .Fn strlen bytes . .Pp The type of field is determined by diff --git a/lib/libssl/man/BIO_f_ssl.3 b/lib/libssl/man/BIO_f_ssl.3 index 86432002855..648313437ff 100644 --- a/lib/libssl/man/BIO_f_ssl.3 +++ b/lib/libssl/man/BIO_f_ssl.3 @@ -222,7 +222,7 @@ must be at least 512 bytes. .Fn BIO_set_ssl_renegotiate_timeout sets the renegotiate timeout to .Fa seconds . -When the renegotiate timeout elapses the session is automatically renegotiated. +When the renegotiate timeout elapses, the session is automatically renegotiated. .Pp .Fn BIO_get_num_renegotiates returns the total number of session renegotiations due to I/O or timeout. diff --git a/libexec/ftpd/ftpd.8 b/libexec/ftpd/ftpd.8 index 5e699e37280..c9ba46149b0 100644 --- a/libexec/ftpd/ftpd.8 +++ b/libexec/ftpd/ftpd.8 @@ -345,13 +345,14 @@ Once a user is authenticated the user must be approved by any approval script defined (see .Xr login.conf 5 ) . If a valid approval script (by either :approve=...: or :approve-ftp=...: -for the user's class) is defined then it is run and must exit with a 0 +for the user's class) is defined, then it is run and must exit with a 0 (success) status. When .Nm is running under the .Fl D -flag (and debugging is not turned on) then the approval script will be +flag (and debugging is not turned on), the approval script will be +\""[T]hen" was unnecessary in the above sentence. called with at least the following variables specified via the .Fl v option (see diff --git a/sbin/fdisk/fdisk.8 b/sbin/fdisk/fdisk.8 index 6a466d90b6d..a41fd0dc011 100644 --- a/sbin/fdisk/fdisk.8 +++ b/sbin/fdisk/fdisk.8 @@ -113,7 +113,7 @@ will completely overwrite the primary MBR bootcode and MBR partition table. .Pp If .Fl g -is not specified then the MBR will be overwritten by +is not specified, then the MBR will be overwritten by the default MBR template .Pa /usr/mdec/mbr (or the one optionally specified by the diff --git a/share/man/man4/audio.4 b/share/man/man4/audio.4 index 94a1c227c2f..00d099e392d 100644 --- a/share/man/man4/audio.4 +++ b/share/man/man4/audio.4 @@ -166,11 +166,13 @@ Bytes per sample; if specified, it must be large enough to hold all bits. By default it's set to the smallest power of two large enough to hold .Va bits . .It Va sig -If set (i.e. non-zero) then the samples are signed, -otherwise they are unsigned. +If set (i.e., non-zero), then the samples are signed; +otherwise, they are unsigned. +\"This sentence was a run-on. .It Va le If set, then the byte order is little endian; -if not it is big endian; +if not, it is big endian; +\""[I]f not" is an introductory phrase, and introductory phrases are followed by commas. -it's meaningful only if +It's meaningful only if +\"The capitalisation of this sentence was fixed. .Va bps > 1. diff --git a/share/man/man4/midi.4 b/share/man/man4/midi.4 index a99c672f398..3de2f3f778e 100644 --- a/share/man/man4/midi.4 +++ b/share/man/man4/midi.4 @@ -254,8 +254,9 @@ full and the application may be blocked. The other common reason for MIDI data being delayed is the system load. Processes cannot be preempted while running in kernel mode. -If there are too much processes running concurrently (especially -if they are running a lot of expensive system calls) then the +If there are too many processes running concurrently (especially +if they are running a lot of expensive system calls), then the +\""Much" refers to uncountable things, whereas "many" refers to countable things. #{PROCESS : PROCESS IS RUNNING} is countable. scheduling of a real-time MIDI application may be delayed. Even on low-end machines this delay hardly reaches a few milliseconds provided that the system load is reasonable. diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5 index e81198370c9..0b416157b58 100644 --- a/share/man/man5/pf.conf.5 +++ b/share/man/man5/pf.conf.5 @@ -1875,7 +1875,7 @@ in a brace-delimited block. In that case, no separate loading of rules into the anchor is required. Brace delimited blocks may contain rules or other brace-delimited blocks. -When an anchor is populated this way the anchor name becomes optional. +When an anchor is populated this way, the anchor name becomes optional. Since the parser specification for anchor names is a string, double quote characters .Pq Sq \&" diff --git a/usr.bin/openssl/openssl.1 b/usr.bin/openssl/openssl.1 index e364586f5ad..7c0af459fae 100644 --- a/usr.bin/openssl/openssl.1 +++ b/usr.bin/openssl/openssl.1 @@ -243,7 +243,7 @@ or both, using the format described in .Xr ASN1_generate_nconf 3 . If only .Ar file -is present then the string is obtained from the default section +is present, then the string is obtained from the default section using the name .Dq asn1 . The encoded data is passed through the ASN.1 parser and printed out as @@ -613,9 +613,9 @@ field. The .Ar section of the configuration file containing CRL extensions to include. -If no CRL extension section is present then a V1 CRL is created; +If no CRL extension section is present, then a V1 CRL is created; if the CRL extension section is present -(even if it is empty) +(even if it is empty), then a V2 CRL is created. The CRL extensions specified are CRL extensions and not CRL entry extensions. It should be noted that some software can't handle V2 CRLs. @@ -1121,7 +1121,7 @@ commands. .It Fl binary Normally the input message is converted to "canonical" format which is effectively using CR/LF as end of line, as required by the S/MIME specification. -When this option is present no translation occurs. +When this option is present, no translation occurs. This is useful when handling binary data which may not be in MIME format. .It Fl CAfile Ar file A file containing trusted CA certificates, used with @@ -1141,8 +1141,8 @@ should be linked to each certificate. One or more certificates of message recipients: used when encrypting a message. .It Fl certfile Ar file Allows additional certificates to be specified. -When signing these will be included with the message. -When verifying these will be searched for the signer's certificates. +When signing, these will be included with the message. +When verifying, these will be searched for the signer's certificates. The certificates should be in PEM format. .It Fl certsout Ar file A file that any certificates contained in the message are written to. @@ -1188,12 +1188,12 @@ manual page for details of the flag. The relevant mail headers. These are included outside the signed portion of a message so they may be included manually. -If signing then many S/MIME mail clients check the signer's certificate's +If signing, then many S/MIME mail clients check the signer's certificate's email address matches that specified in the From: address. .It Fl econtent_type Ar type Set the encapsulated content type, used with .Fl sign . -If not supplied the Data type is used. +If not supplied, the Data type is used. The type argument can be any valid OID name in either text or numerical format. .It Fl in Ar file The input message to be encrypted or signed or the message to be decrypted or @@ -1216,13 +1216,13 @@ this option has no effect. .It Fl inkey Ar file The private key to use when signing or decrypting. This must match the corresponding certificate. -If this option is not specified then the private key must be included in +If this option is not specified, then the private key must be included in the certificate file specified with the .Fl recip or .Fl signer file. -When signing this option can be used multiple times to specify successive keys. +When signing, this option can be used multiple times to specify successive keys. .It Fl keyform Cm der | pem Input private key format. The default is @@ -1244,7 +1244,7 @@ encryption or to modify default parameters for ECDH. This option can be used multiple times. .It Fl md Ar digest The digest algorithm to use when signing or resigning. -If not present then the default digest algorithm for the signing key +If not present, then the default digest algorithm for the signing key will be used (usually SHA1). .It Fl no_attr_verify Do not verify the signer's attribute of a signature. @@ -1265,7 +1265,7 @@ the .Fl certfile option for example). .It Fl nodetach -When signing a message use opaque signing. +When signing a message, use opaque signing. This form is more resistant to translation by mail relays but it cannot be read by mail agents that do not support S/MIME. Without this option cleartext signing with the MIME type multipart/signed is @@ -1349,7 +1349,7 @@ operation. Add an explicit email address where signed receipts should be sent to. This option must be supplied if a signed receipt is requested. .It Fl recip Ar file -When decrypting a message this specifies the recipient's certificate. +When decrypting a message, this specifies the recipient's certificate. The certificate must match one of the recipients of the message or an error occurs. When encrypting a message this option may be used multiple times to @@ -1388,7 +1388,7 @@ then an attempt is used to decrypt any KEKRecipientInfo structures. .It Fl signer Ar file A signing certificate when signing or resigning a message; this option can be used multiple times if more than one signer is required. -If a message is being verified then the signers certificates will be +If a message is being verified, then the signers certificates will be written to this file if the verification was successful. .It Xo .Fl stream | @@ -1413,8 +1413,8 @@ This option currently has no effect. .It Fl text Add plain text (text/plain) MIME headers to the supplied message if encrypting or signing. -If decrypting or verifying it strips off text headers: if the decrypted -or verified message is not of MIME type text/plain then an error occurs. +If decrypting or verifying, it strips off text headers: if the decrypted +or verified message is not of MIME type text/plain, then an error occurs. .It Fl verify_retcode Set verification error code to exit code to indicate what verification error has occurred. @@ -1688,7 +1688,7 @@ or .Qq Verification Failure . .It Ar File or files to digest. -If no files are specified then standard input is used. +If no files are specified, then standard input is used. .El .Tg dhparam .Sh DHPARAM @@ -1834,7 +1834,7 @@ Do not output the encoded version of the key. .It Fl out Ar file The output file to write to, or standard output if not specified. -If any encryption options are set then a pass phrase will be +If any encryption options are set, then a pass phrase will be prompted for. .It Fl outform Cm der | pem | pvk The output format. @@ -1971,7 +1971,8 @@ Encrypt the private key with DES, triple DES, or any other cipher supported by .Nm openssl . A pass phrase is prompted for. -If none of these options is specified the key is written in plain text. +If none of these options are specified, the key is written in plain text. +\""[I]s" was changed to "are" to maintain consistency with the rest of this manual page. This means that using the .Nm ec utility to read in an encrypted key with no @@ -1982,7 +1983,7 @@ These options can only be used with PEM format output files. .It Fl in Ar file The input file to read a key from, or standard input if not specified. -If the key is encrypted a pass phrase will be prompted for. +If the key is encrypted, a pass phrase will be prompted for. .It Fl inform Cm der | pem The input format. .It Fl noout @@ -1990,7 +1991,7 @@ Do not output the encoded version of the key. .It Fl out Ar file The output filename to write to, or standard output if not specified. -If any encryption options are set then a pass phrase will be prompted for. +If any encryption options are set, then a pass phrase will be prompted for. .It Fl outform Cm der | pem The output format. .It Fl param_enc Ar arg @@ -2881,8 +2882,9 @@ options or they will be looked for in the standard certificates directory. .Pp If the initial verify fails, the OCSP verify process halts with an error. -Otherwise the issuing CA certificate in the request is compared to the OCSP -responder certificate: if there is a match then the OCSP verify succeeds. +Otherwise, the issuing CA certificate in the request is compared to the OCSP +\""Otherwise" functions as an introductory word, and introductory words are always followed by commas. +responder certificate: if there is a match, then the OCSP verify succeeds. .Pp Otherwise the OCSP responder certificate's CA is checked against the issuing CA certificate in the request. @@ -3229,7 +3231,7 @@ Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name can be used. If a cipher name (as output by the .Cm list-cipher-algorithms -command) is specified then it +command) is specified, then it is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only use PKCS#12 algorithms. .It Fl chain @@ -3356,7 +3358,7 @@ is acceptable, such as .It Fl in Ar file The input file to read from, or standard input if not specified. -If the key is encrypted a pass phrase will be prompted for. +If the key is encrypted, a pass phrase will be prompted for. .It Fl inform Cm der | pem The input format. .It Fl noout @@ -3364,7 +3366,7 @@ Do not output the encoded version of the key. .It Fl out Ar file The output file to write to, or standard output if not specified. -If any encryption options are set then a pass phrase +If any encryption options are set, then a pass phrase will be prompted for. .It Fl outform Cm der | pem The output format. @@ -3513,9 +3515,10 @@ and .Cm pss for PSS. .Pp -In PKCS#1 padding if the message digest is not set then the supplied data is +In PKCS#1 padding, if the message digest is not set, then the supplied data is +\""In PKCS#1 padding" functions as an introductory phrase, and introductory phrases are followed by commas. signed or verified directly instead of using a DigestInfo structure. -If a digest is set then a DigestInfo +If a digest is set, then a DigestInfo structure is used and its length must correspond to the digest type. For oeap mode only encryption and decryption is supported. @@ -3529,8 +3532,8 @@ For pss mode only this option specifies the salt length. Two special values are supported: -1 sets the salt length to the digest length. -When signing -2 sets the salt length to the maximum permissible value. -When verifying -2 causes the salt length to be automatically determined +When signing, -2 sets the salt length to the maximum permissible value. +When verifying, -2 causes the salt length to be automatically determined +\"For all introductory phrases, a comma should follow an introductory phrase. based on the PSS block structure. .El .Pp @@ -4556,7 +4559,7 @@ Return verification error. When used with .Fl starttls Ar xmpp , specify the host for the "to" attribute of the stream element. -If this option is not specified then the host specified with +If this option is not specified, then the host specified with .Fl connect will be used. .El @@ -5202,7 +5205,7 @@ Normally, the input message is converted to .Qq canonical format which uses CR/LF as end of line, as required by the S/MIME specification. -When this option is present no translation occurs. +When this option is present, no translation occurs. This is useful when handling binary data which may not be in MIME format. .It Fl CAfile Ar file A @@ -5290,7 +5293,8 @@ The default is .Cm pem . .It Fl md Ar digest The digest algorithm to use when signing or resigning. -If not present then the default digest algorithm for the signing key is used +If not present, then the default digest algorithm for the signing key is used +\""If not present" is an introductory phrase. (usually SHA1). .It Fl noattr Do not include attributes. @@ -5601,7 +5605,7 @@ The policy that the client expects the TSA to use for creating the time stamp token. Either dotted OID notation or OID names defined in the config file can be used. -If no policy is requested the TSA uses its own default policy. +If no policy is requested, the TSA uses its own default policy. .It Fl text Output in human-readable text format instead of DER. .El @@ -5662,7 +5666,7 @@ The key password source. The default policy to use for the response. Either dotted OID notation or OID names defined in the config file can be used. -If no policy is requested the TSA uses its own default policy. +If no policy is requested, the TSA uses its own default policy. .It Fl queryfile Ar request.tsq The file containing a DER-encoded time stamp request. .It Fl section Ar tsa_section @@ -5835,7 +5839,7 @@ If this option is set to yes and either the .Cm certs variable or the .Fl chain -option is specified then the certificate identifiers of the chain will also +option is specified, then the certificate identifiers of the chain will also be included in the SigningCertificate signed attribute. If this variable is set to no, only the signing certificate identifier is included. @@ -5907,7 +5911,7 @@ The should contain one or more CRLs in PEM format. .It Fl crl_check Check end entity certificate validity by attempting to look up a valid CRL. -If a valid CRL cannot be found an error occurs. +If a valid CRL cannot be found, an error occurs. .It Fl crl_check_all Check the validity of all certificates in the chain by attempting to look up valid CRLs. @@ -6033,7 +6037,7 @@ The certificate signatures are also checked at this point. .Pp If all operations complete successfully, the certificate is considered valid. -If any operation fails then the certificate is not valid. +If any operation fails, then the certificate is not valid. When a verify operation fails, the output messages can be somewhat cryptic. The general form of the error message is: .Bd -literal @@ -6560,7 +6564,7 @@ Print the full certificate in text form. A trusted certificate is a certificate which has several additional pieces of information attached to it such as the permitted and prohibited uses of the certificate and an alias. -When a certificate is being verified at least one certificate must be trusted. +When a certificate is being verified, at least one certificate must be trusted. By default, a trusted certificate must be stored locally and be a root CA. The following are x509 trust settings options: .Bl -tag -width "XXXX" diff --git a/usr.bin/rdist/rdist.1 b/usr.bin/rdist/rdist.1 index 0a9734d48e3..eabf3b2d7ae 100644 --- a/usr.bin/rdist/rdist.1 +++ b/usr.bin/rdist/rdist.1 @@ -285,7 +285,8 @@ When .Ic savetargets and .Ic history -are both defined then the target file that is updated is first renamed from +are both defined, the target file that is updated is first renamed from +\""[T]hen" was unnecessary in this sentence. .Pa file to .Pa file.NNN @@ -570,7 +571,7 @@ commands that are to be executed on the remote host after the file in is updated or installed. If the .Ar name list -is omitted then the shell commands will be executed for every file +is omitted, then the shell commands will be executed for every file updated or installed. .Ar string starts and ends with `"' and can cross multiple lines in diff --git a/usr.bin/ssh/sftp.1 b/usr.bin/ssh/sftp.1 index 1cfa5ec229e..9c0c3883389 100644 --- a/usr.bin/ssh/sftp.1 +++ b/usr.bin/ssh/sftp.1 @@ -438,7 +438,7 @@ If the flag is specified, then attempt to resume partial transfers of existing files. Note that resumption assumes that any partial copy of the local file matches the remote copy. -If the remote file contents differ from the partial local copy then the +If the remote file contents differ from the partial local copy, then the resultant file is likely to be corrupt. .Pp If the diff --git a/usr.bin/ssh/ssh-keygen.1 b/usr.bin/ssh/ssh-keygen.1 index 3ae596caac8..b2e5a1d2910 100644 --- a/usr.bin/ssh/ssh-keygen.1 +++ b/usr.bin/ssh/ssh-keygen.1 @@ -541,7 +541,7 @@ new passphrase. Test whether keys have been revoked in a KRL. If the .Fl l -option is also specified then the contents of the KRL will be printed. +option is also specified, then the contents of the KRL will be printed. .It Fl q Silence .Nm ssh-keygen . diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index 555317887e1..f32248475b0 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -468,9 +468,10 @@ Valid commands are: .Pp .It Fl o Ar option Can be used to give options in the format used in the configuration file. -This is useful for specifying options for which there is no separate -command-line flag. -For full details of the options listed below, and their possible values, see +This is useful for specifying options for which there are no separate +command-line flags. +For full details and possible values of the options listed below, see +\"The previous wording could potentially be a bit confusing. .Xr ssh_config 5 . .Pp .Bl -tag -width Ds -offset indent -compact @@ -641,11 +642,10 @@ This works by allocating a socket to listen to either a TCP or to a Unix socket on the remote side. Whenever a connection is made to this port or Unix socket, the connection is forwarded over the secure channel, and a connection -is made from the local machine to either an explicit destination specified by +is made from the local machine to either explicit destination specified by .Ar host port .Ar hostport , -or .Ar local_socket , or, if no explicit destination was specified, .Nm @@ -710,7 +710,7 @@ Disable pseudo-terminal allocation. Force pseudo-terminal allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, -e.g. when implementing menu services. +e.g., when implementing menu services. Multiple .Fl t options force tty allocation, even if @@ -744,7 +744,7 @@ Implies .Cm ExitOnForwardFailure and .Cm ClearAllForwardings , -though these can be overridden in the configuration file or using +though these can be overridden in the configuration file or by using .Fl o command line options. .Pp diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index 723b43ebc80..8f59b89691f 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -187,7 +187,7 @@ match during the same pass. The .Cm exec keyword executes the specified command under the user's shell. -If the command returns a zero exit status then the condition is considered true. +If the command returns a zero exit status, then the condition is considered true. Commands containing whitespace characters must be quoted. Arguments to .Cm exec @@ -699,7 +699,7 @@ Users with the ability to bypass file permissions on the remote host (for the agent's Unix-domain socket) can access the local agent through the forwarded connection. An attacker cannot obtain key material from the agent, -however they can perform operations on the keys that enable them to +although they can perform operations on the keys that enable them to authenticate using the identities loaded into the agent. .It Cm ForwardX11 Specifies whether X11 connections will be automatically redirected @@ -879,7 +879,7 @@ sk-ssh-ed25...@openssh.com, rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp -If hostkeys are known for the destination host then this default is modified +If hostkeys are known for the destination host, then this default is modified to prefer their algorithms. .Pp The list of available key types may also be obtained using @@ -1451,10 +1451,11 @@ The first argument is the listening specification and may be .Oo Ar bind_address : Oc Ar port .Sm on or, if the remote host supports it, a Unix domain socket path. -If forwarding to a specific destination then the second argument must be +If forwarding to a specific destination, then the second argument must be .Ar host : Ns Ar hostport -or a Unix domain socket path, -otherwise if no destination argument is specified then the remote forwarding +or a Unix domain socket path; +otherwise, if no destination argument is specified, then the remote forwarding +\"This sentence was a run-on. will be established as a SOCKS proxy. .Pp IPv6 addresses can be specified by enclosing addresses in square brackets. @@ -1941,7 +1942,7 @@ variables on the client by enclosing them in for example .Ic ${HOME}/.ssh would refer to the user's .ssh directory. -If a specified environment variable does not exist then an error will be +If a specified environment variable does not exist, then an error will be returned and the setting for that keyword will be ignored. .Pp The keywords diff --git a/usr.bin/usbhidaction/usbhidaction.1 b/usr.bin/usbhidaction/usbhidaction.1 index 595159d6bc4..3bc435c274e 100644 --- a/usr.bin/usbhidaction/usbhidaction.1 +++ b/usr.bin/usbhidaction/usbhidaction.1 @@ -85,7 +85,7 @@ The item names are similar to those used by but each part must be prefixed by its page name. .Pp The value is simply a numeric value. -When the item reports this value the action will be performed. +When the item reports this value, the action will be performed. If the value is `*' it will match any value. .Pp The action is a normal command that is executed by using diff --git a/usr.sbin/pppd/chat/chat.8 b/usr.sbin/pppd/chat/chat.8 index ced14861456..271a8c828c3 100644 --- a/usr.sbin/pppd/chat/chat.8 +++ b/usr.sbin/pppd/chat/chat.8 @@ -82,7 +82,7 @@ Pass in an arbitrary string, usually a phone number, that will be substituted for the \eT substitution metacharacter in a send string. .It Fl t Ar timeout Set the timeout for the expected string to be received. -If the string is not received within the time limit then the reply string +If the string is not received within the time limit, then the reply string is not sent. An alternate reply may be sent or the script will fail if there is no alternate reply string. @@ -207,7 +207,7 @@ This would be a better script than the simple one used earlier. This would look for the same login: prompt. If one is not received, a single return sequence is sent and then it will look for login: again. -Should line noise obscure the first login prompt then sending the empty line +Should line noise obscure the first login prompt, sending the empty line will usually generate a login prompt again. .Sh COMMENTS Comments can be embedded in the chat script. @@ -501,7 +501,7 @@ Those which are not valid in the expect sequence are so indicated. .Bl -tag -width Ds .It '' Expects or sends a null string. -If you send a null string then it will still send the return character. +If you send a null string, then it will still send the return character. This sequence may be a pair of either apostrophe or quote characters. .It \eb Represents a backspace character. @@ -629,4 +629,4 @@ The .Nm program is in the public domain. This is not the GNU public license. -If it breaks then you get to keep both pieces. +If it breaks, then you get to keep both pieces. diff --git a/usr.sbin/snmpd/snmpd.conf.5 b/usr.sbin/snmpd/snmpd.conf.5 index ce1f3c349d0..5a88f558281 100644 --- a/usr.sbin/snmpd/snmpd.conf.5 +++ b/usr.sbin/snmpd/snmpd.conf.5 @@ -228,7 +228,7 @@ The .Ic authkey keyword is required to specify the digest key used to authenticate messages. -If this keyword is omitted then authentication is disabled +If this keyword is omitted, then authentication is disabled for this user account. Optionally the HMAC algorithm used for authentication can be specified. .Ar hmac diff --git a/usr.sbin/tcpdump/tcpdump.8 b/usr.sbin/tcpdump/tcpdump.8 index 37402e53a27..8173e528825 100644 --- a/usr.sbin/tcpdump/tcpdump.8 +++ b/usr.sbin/tcpdump/tcpdump.8 @@ -161,7 +161,7 @@ or .Dl # tcpdump -l > dat & tail -f dat .It Fl N Do not print domain name qualification of host names. -For example, if you specify this flag then +For example, if you specify this flag, then .Nm will print .Dq nic diff --git a/usr.sbin/unbound/testcode/streamtcp.1 b/usr.sbin/unbound/testcode/streamtcp.1 index f02b168d2ac..e7a64cad450 100644 --- a/usr.sbin/unbound/testcode/streamtcp.1 +++ b/usr.sbin/unbound/testcode/streamtcp.1 @@ -23,7 +23,7 @@ sends a DNS Query of the given \fBtype\fR and \fBclass\fR for the given \fBname\fR to the DNS server over TCP and displays the response. .P -If the server to query is not given using the \fB\-f\fR option then localhost +If the server to query is not given using the \fB\-f\fR option, then localhost (127.0.0.1) is used. More queries can be given on one commandline, they are resolved in sequence. .P diff --git a/usr.sbin/vipw/vipw.8 b/usr.sbin/vipw/vipw.8 index f014901e361..3bd5973a9ed 100644 --- a/usr.sbin/vipw/vipw.8 +++ b/usr.sbin/vipw/vipw.8 @@ -77,7 +77,7 @@ Which type of cipher is used to encrypt the password information depends on the configuration in .Xr login.conf 5 . .Sh ENVIRONMENT -If the following environment variable exists it will be utilized by +If the following environment variable exists, it will be utilized by .Nm vipw : .Bl -tag -width EDITOR .It Ev EDITOR diff --git a/usr.sbin/ypserv/mkalias/mkalias.8 b/usr.sbin/ypserv/mkalias/mkalias.8 index cd3d8d4c751..5abbd4112d9 100644 --- a/usr.sbin/ypserv/mkalias/mkalias.8 +++ b/usr.sbin/ypserv/mkalias/mkalias.8 @@ -72,7 +72,8 @@ Verbose mode. Use this map as input. .It Ar output Use this map as output. -If the output map isn't given don't create database. +If the output map isn't given, don't create a database. +\"An article was also needed in this sentence. Can be useful together with .Fl E or diff --git a/usr.sbin/ypserv/ypserv/ypserv.8 b/usr.sbin/ypserv/ypserv/ypserv.8 index 11dc16876ab..3f8fe3fe036 100644 --- a/usr.sbin/ypserv/ypserv/ypserv.8 +++ b/usr.sbin/ypserv/ypserv/ypserv.8 @@ -68,12 +68,12 @@ This file can have any name since it's given by the argument to .Fl a (use full path). .Pp -If a host isn't secure all queries to the server will result in a YP_NODOM +If a host isn't secure, all queries to the server will result in a YP_NODOM result. .Pp If the file .Pa /var/yp/ypserv.log -exists then messages will be written to the file. +exists, then messages will be written to the file. .Pp If a directory named the same as the system domainname exists in .Pa /var/yp diff --git a/usr.sbin/ypserv/ypserv/ypserv.acl.5 b/usr.sbin/ypserv/ypserv/ypserv.acl.5 index 2a3e50a4713..42af8ac8a55 100644 --- a/usr.sbin/ypserv/ypserv/ypserv.acl.5 +++ b/usr.sbin/ypserv/ypserv/ypserv.acl.5 @@ -61,7 +61,7 @@ or failure depending on which of or .Ic deny was specified. -If no match was found in the list success is returned. +If no match was found in the list, success is returned. .Pp If access is denied every call will cause a .Dq no such domain @@ -92,7 +92,7 @@ has more than one IP address, they will all be added to the list. .Pp If the .Cm netmask -part of the command isn't given then the netmask will be assumed to be a +part of the command isn't given, then the netmask will be assumed to be a class A, B or C net depending on the net number. .Pp .D1 Ic allow Ns | Ns Ic deny Cm all ===== END DIFFS =====