RT4593: Add space after comma (doc nits)

Update find-doc-nits to find errors in SYNOPSIS (the most common
place where they were missing).

Reviewed-by: Matt Caswell <matt@openssl.org>

crypto/bn/README.pod

@@ -36,9 +36,9 @@ library internal functions
    int nb);
  void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n);
  void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-   int dna,int dnb,BN_ULONG *tmp);
+   int dna, int dnb, BN_ULONG *tmp);
  void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
-   int n, int tna,int tnb, BN_ULONG *tmp);
+   int n, int tna, int tnb, BN_ULONG *tmp);
  void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
    int n2, BN_ULONG *tmp);
  void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l,
@@ -96,8 +96,8 @@ bn.top=1.  B<neg> is 1 if the number is negative.  When a B<BIGNUM> is
 B<0>, the B<d> field can be B<NULL> and B<top> == B<0>.
 
 B<flags> is a bit field of flags which are defined in C<openssl/bn.h>. The
-flags begin with B<BN_FLG_>. The macros BN_set_flags(b,n) and
-BN_get_flags(b,n) exist to enable or fetch flag(s) B<n> from B<BIGNUM>
+flags begin with B<BN_FLG_>. The macros BN_set_flags(b, n) and
+BN_get_flags(b, n) exist to enable or fetch flag(s) B<n> from B<BIGNUM>
 structure B<b>.
 
 Various routines in this library require the use of temporary
@@ -124,7 +124,7 @@ bn_sqr_words(B<rp>, B<ap>, B<n>) operates on the B<num> word array
 B<ap> and the 2*B<num> word array B<ap>.  It computes B<ap> * B<ap>
 word-wise, and places the low and high bytes of the result in B<rp>.
 
-bn_div_words(B<h>, B<l>, B<d>) divides the two word number (B<h>,B<l>)
+bn_div_words(B<h>, B<l>, B<d>) divides the two word number (B<h>, B<l>)
 by B<d> and returns the result.
 
 bn_add_words(B<rp>, B<ap>, B<bp>, B<num>) operates on the B<num> word

doc/apps/ec.pod

@@ -132,7 +132,7 @@ Possible value are: B<named_curve>, i.e. the ec parameters are
 specified by an OID, or B<explicit> where the ec parameters are
 explicitly given (see RFC 3279 for the definition of the
 EC parameters structures). The default value is B<named_curve>.
-B<Note> the B<implicitlyCA> alternative ,as specified in RFC 3279,
+B<Note> the B<implicitlyCA> alternative, as specified in RFC 3279,
 is currently not implemented in OpenSSL.
 
 =item B<-no_public>

doc/apps/ecparam.pod

@@ -104,7 +104,7 @@ Possible value are: B<named_curve>, i.e. the ec parameters are
 specified by an OID, or B<explicit> where the ec parameters are
 explicitly given (see RFC 3279 for the definition of the
 EC parameters structures). The default value is B<named_curve>.
-B<Note> the B<implicitlyCA> alternative ,as specified in RFC 3279,
+B<Note> the B<implicitlyCA> alternative, as specified in RFC 3279,
 is currently not implemented in OpenSSL.
 
 =item B<-no_seed>

doc/crypto/BF_encrypt.pod

@@ -22,8 +22,8 @@ BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption
          long length, BF_KEY *schedule, unsigned char *ivec, int *num);
  const char *BF_options(void);
 
- void BF_encrypt(BF_LONG *data,const BF_KEY *key);
- void BF_decrypt(BF_LONG *data,const BF_KEY *key);
+ void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data, const BF_KEY *key);
 
 =head1 DESCRIPTION
 

doc/crypto/BIO_f_ssl.pod

@@ -18,7 +18,7 @@ BIO_ssl_shutdown - SSL BIO
 
  const BIO_METHOD *BIO_f_ssl(void);
 
- long BIO_set_ssl(BIO *b,SSL *ssl, long c);
+ long BIO_set_ssl(BIO *b, SSL *ssl, long c);
  long BIO_get_ssl(BIO *b, SSL **sslp);
  long BIO_set_ssl_mode(BIO *b, long client);
  long BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
@@ -212,7 +212,7 @@ a client and also echoes the request to standard output.
  /* XXX Other things like set verify locations, EDH temp callbacks. */
 
  /* New SSL BIO setup as server */
- sbio = BIO_new_ssl(ctx,0);
+ sbio = BIO_new_ssl(ctx, 0);
  BIO_get_ssl(sbio, &ssl);
  if (ssl == NULL) {
      fprintf(stderr, "Can't locate SSL pointer\n");

doc/crypto/BIO_find_type.pod

@@ -8,7 +8,7 @@ BIO_find_type, BIO_next, BIO_method_type - BIO chain traversal
 
  #include <openssl/bio.h>
 
- BIO *BIO_find_type(BIO *b,int bio_type);
+ BIO *BIO_find_type(BIO *b, int bio_type);
  BIO *BIO_next(BIO *b);
  int BIO_method_type(const BIO *b);
 
@@ -24,7 +24,7 @@ found.
 The following general types are defined:
 B<BIO_TYPE_DESCRIPTOR>, B<BIO_TYPE_FILTER>, and B<BIO_TYPE_SOURCE_SINK>.
 
-For a list of the defined types, see the B<openssl/bio.h> header file.
+For a list of the specific types, see the B<openssl/bio.h> header file.
 
 BIO_next() returns the next BIO in a chain. It can be used to traverse all BIOs
 in a chain or used in conjunction with BIO_find_type() to find all BIOs of a

doc/crypto/BIO_new.pod

@@ -9,7 +9,7 @@ BIO_new, BIO_set, BIO_up_ref, BIO_free, BIO_vfree, BIO_free_all - BIO allocation
  #include <openssl/bio.h>
 
  BIO *  BIO_new(const BIO_METHOD *type);
- int    BIO_set(BIO *a,const BIO_METHOD *type);
+ int    BIO_set(BIO *a, const BIO_METHOD *type);
  int    BIO_up_ref(BIO *a);
  int    BIO_free(BIO *a);
  void   BIO_vfree(BIO *a);

doc/crypto/BIO_push.pod

@@ -8,7 +8,7 @@ BIO_push, BIO_pop, BIO_set_next - add and remove BIOs from a chain
 
  #include <openssl/bio.h>
 
- BIO *BIO_push(BIO *b,BIO *append);
+ BIO *BIO_push(BIO *b, BIO *append);
  BIO *BIO_pop(BIO *b);
  void BIO_set_next(BIO *b, BIO *next);
 

doc/crypto/BIO_s_file.pod

@@ -14,8 +14,8 @@ BIO_rw_filename - FILE bio
  BIO *BIO_new_file(const char *filename, const char *mode);
  BIO *BIO_new_fp(FILE *stream, int flags);
 
- BIO_set_fp(BIO *b,FILE *fp, int flags);
- BIO_get_fp(BIO *b,FILE **fpp);
+ BIO_set_fp(BIO *b, FILE *fp, int flags);
+ BIO_get_fp(BIO *b, FILE **fpp);
 
  int BIO_read_filename(BIO *b, char *name)
  int BIO_write_filename(BIO *b, char *name)

doc/crypto/BIO_s_mem.pod

@@ -13,10 +13,10 @@ BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO
  const BIO_METHOD *     BIO_s_mem(void);
  const BIO_METHOD *     BIO_s_secmem(void);
 
- BIO_set_mem_eof_return(BIO *b,int v)
+ BIO_set_mem_eof_return(BIO *b, int v)
  long BIO_get_mem_data(BIO *b, char **pp)
- BIO_set_mem_buf(BIO *b,BUF_MEM *bm,int c)
- BIO_get_mem_ptr(BIO *b,BUF_MEM **pp)
+ BIO_set_mem_buf(BIO *b, BUF_MEM *bm, int c)
+ BIO_get_mem_ptr(BIO *b, BUF_MEM **pp)
 
  BIO *BIO_new_mem_buf(const void *buf, int len);
 

doc/crypto/BIO_set_callback.pod

@@ -100,8 +100,8 @@ after.
 
 =item B<BIO_ctrl(BIO *b, int cmd, long larg, void *parg)>
 
-callback(b,BIO_CB_CTRL,parg,cmd,larg,1L) is called before the call and
-callback(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd, larg,ret) after.
+callback(b, BIO_CB_CTRL, parg, cmd, larg, 1L) is called before the call and
+callback(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret) after.
 
 =back
 

doc/crypto/BN_BLINDING_new.pod

@@ -15,7 +15,7 @@ BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functi
  BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
         BIGNUM *mod);
  void BN_BLINDING_free(BN_BLINDING *b);
- int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+ int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
  int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
  int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
  int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,

doc/crypto/BN_generate_prime.pod

@@ -11,12 +11,12 @@ for primality
 
  #include <openssl/bn.h>
 
- int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add,
+ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
      const BIGNUM *rem, BN_GENCB *cb);
 
- int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
 
- int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
+ int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
      int do_trial_division, BN_GENCB *cb);
 
  int BN_GENCB_call(BN_GENCB *cb, int a, int b);

doc/crypto/DH_generate_parameters.pod

@@ -9,7 +9,7 @@ DH_check - generate and check Diffie-Hellman parameters
 
  #include <openssl/dh.h>
 
- int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
+ int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
 
  int DH_check(DH *dh, int *codes);
 

doc/crypto/DSA_generate_parameters.pod

@@ -9,7 +9,7 @@ DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters
  #include <openssl/dsa.h>
 
  int DSA_generate_parameters_ex(DSA *dsa, int bits,
-                const unsigned char *seed,int seed_len,
+                const unsigned char *seed, int seed_len,
                 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
 
 Deprecated:

doc/crypto/EVP_BytesToKey.pod

@@ -8,10 +8,10 @@ EVP_BytesToKey - password based encryption routine
 
  #include <openssl/evp.h>
 
- int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
-                       const unsigned char *salt,
-                       const unsigned char *data, int datal, int count,
-                       unsigned char *key,unsigned char *iv);
+ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
+                    const unsigned char *salt,
+                    const unsigned char *data, int datal, int count,
+                    unsigned char *key, unsigned char *iv);
 
 =head1 DESCRIPTION
 

doc/crypto/EVP_DigestInit.pod

@@ -24,13 +24,13 @@ EVP_get_digestbynid, EVP_get_digestbyobj - EVP digest routines
  int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md,
         unsigned int *s);
 
- int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
 
  int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
  int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
         unsigned int *s);
 
- int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
 
  int EVP_MD_type(const EVP_MD *md);
  int EVP_MD_pkey_type(const EVP_MD *md);

doc/crypto/EVP_OpenInit.pod

@@ -8,8 +8,8 @@ EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
 
  #include <openssl/evp.h>
 
- int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
-                int ekl,unsigned char *iv,EVP_PKEY *priv);
+ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
+                int ekl, unsigned char *iv, EVP_PKEY *priv);
  int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
          int *outl, unsigned char *in, int inl);
  int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,

doc/crypto/EVP_PKEY_encrypt.pod

@@ -59,7 +59,7 @@ set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
  /* NB: assumes eng, key, in, inlen are already set up,
   * and that key is an RSA public key
   */
- ctx = EVP_PKEY_CTX_new(key,eng);
+ ctx = EVP_PKEY_CTX_new(key, eng);
  if (!ctx)
         /* Error occurred */
  if (EVP_PKEY_encrypt_init(ctx) <= 0)

doc/crypto/EVP_PKEY_keygen.pod

@@ -134,15 +134,15 @@ Example of generation callback for OpenSSL public key implementations:
 
  static int genpkey_cb(EVP_PKEY_CTX *ctx)
         {
-        char c='*';
+        char c = '*';
         BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
         int p;
         p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
-        if (p == 0) c='.';
-        if (p == 1) c='+';
-        if (p == 2) c='*';
-        if (p == 3) c='\n';
-        BIO_write(b,&c,1);
+        if (p == 0) c = '.';
+        if (p == 1) c = '+';
+        if (p == 2) c = '*';
+        if (p == 3) c = '\n';
+        BIO_write(b, &c, 1);
         (void)BIO_flush(b);
         return 1;
         }

doc/crypto/EVP_PKEY_set1_RSA.pod

@@ -14,10 +14,10 @@ EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id
 
  #include <openssl/evp.h>
 
- int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
- int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
- int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
- int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
 
  RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
  DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
@@ -30,10 +30,10 @@ EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id
  DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
  EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
 
- int EVP_PKEY_assign_RSA(EVP_PKEY *pkey,RSA *key);
- int EVP_PKEY_assign_DSA(EVP_PKEY *pkey,DSA *key);
- int EVP_PKEY_assign_DH(EVP_PKEY *pkey,DH *key);
- int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
 
  int EVP_PKEY_id(const EVP_PKEY *pkey);
  int EVP_PKEY_base_id(const EVP_PKEY *pkey);

doc/crypto/EVP_SignInit.pod

@@ -12,7 +12,7 @@ functions
 
  int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
  int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
 
  void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 

doc/crypto/EVP_VerifyInit.pod

@@ -12,7 +12,7 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal
 
  int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
  int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);
+ int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey);
 
  int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 

doc/crypto/RSA_generate_key.pod

@@ -14,7 +14,7 @@ Deprecated:
 
  #if OPENSSL_API_COMPAT < 0x00908000L
  RSA *RSA_generate_key(int num, unsigned long e,
-    void (*callback)(int,int,void *), void *cb_arg);
+    void (*callback)(int, int, void *), void *cb_arg);
  #endif
 
 =head1 DESCRIPTION

doc/crypto/RSA_get0_key.pod

@@ -13,7 +13,7 @@ and setting data in an RSA object
 
  int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
  int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
- int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
  void RSA_get0_key(const RSA *r,
                    const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
  void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);

doc/crypto/X509_NAME_ENTRY_get_object.pod

@@ -18,7 +18,7 @@ X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions
  int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len);
 
  X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len);
- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type, unsigned char *bytes, int len);
  X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
 
 =head1 DESCRIPTION

doc/crypto/X509_NAME_add_entry_by_txt.pod

@@ -15,7 +15,7 @@ X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions
 
  int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
 
- int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
+ int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, int set);
 
  X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
 

doc/crypto/X509_NAME_get_index_by_NID.pod

@@ -10,14 +10,14 @@ X509_NAME lookup and enumeration functions
 
  #include <openssl/x509.h>
 
- int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
- int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
+ int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int lastpos);
 
  int X509_NAME_entry_count(X509_NAME *name);
  X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
 
- int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
- int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf, int len);
 
 =head1 DESCRIPTION
 

doc/crypto/X509_NAME_print_ex.pod

@@ -11,7 +11,7 @@ X509_NAME_oneline - X509_NAME printing routines
 
  int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
  int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
- char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
+ char * X509_NAME_oneline(X509_NAME *a, char *buf, int size);
  int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
 
 =head1 DESCRIPTION

doc/crypto/X509_STORE_CTX_new.pod

@@ -27,7 +27,7 @@ X509_STORE_CTX_get_verify - X509_STORE_CTX initialisation
 
  void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
 
- void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx,X509 *x);
+ void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x);
  STACK_OF(X509) *X509_STORE_CTX_get0_chain(X609_STORE_CTX *ctx);
  void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *chain);
  void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);

doc/crypto/X509_STORE_CTX_set_verify_cb.pod

@@ -106,13 +106,13 @@ B<ex_data>.
  int verify_callback(int ok, X509_STORE_CTX *ctx)
         {
         X509 *err_cert;
-        int err,depth;
+        int err, depth;
 
         err_cert = X509_STORE_CTX_get_current_cert(ctx);
         err =   X509_STORE_CTX_get_error(ctx);
         depth = X509_STORE_CTX_get_error_depth(ctx);
 
-        BIO_printf(bio_err,"depth=%d ",depth);
+        BIO_printf(bio_err, "depth=%d ", depth);
         if (err_cert)
                 {
                 X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
@@ -122,27 +122,27 @@ B<ex_data>.
         else
                 BIO_puts(bio_err, "<no cert>\n");
         if (!ok)
-                BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+                BIO_printf(bio_err, "verify error:num=%d:%s\n", err,
                         X509_verify_cert_error_string(err));
         switch (err)
                 {
         case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-                BIO_puts(bio_err,"issuer= ");
+                BIO_puts(bio_err, "issuer= ");
                 X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
                                         0, XN_FLAG_ONELINE);
                 BIO_puts(bio_err, "\n");
                 break;
         case X509_V_ERR_CERT_NOT_YET_VALID:
         case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-                BIO_printf(bio_err,"notBefore=");
-                ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
-                BIO_printf(bio_err,"\n");
+                BIO_printf(bio_err, "notBefore=");
+                ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+                BIO_printf(bio_err, "\n");
                 break;
         case X509_V_ERR_CERT_HAS_EXPIRED:
         case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-                BIO_printf(bio_err,"notAfter=");
-                ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
-                BIO_printf(bio_err,"\n");
+                BIO_printf(bio_err, "notAfter=");
+                ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+                BIO_printf(bio_err, "\n");
                 break;
         case X509_V_ERR_NO_EXPLICIT_POLICY:
                 policies_print(bio_err, ctx);
@@ -151,7 +151,7 @@ B<ex_data>.
         if (err == X509_V_OK && ok == 2)
                 /* print out policies */
 
-        BIO_printf(bio_err,"verify return:%d\n",ok);
+        BIO_printf(bio_err, "verify return:%d\n", ok);
         return(ok);
         }
 

doc/ssl/SSL_CTX_set_cert_verify_callback.pod

@@ -8,7 +8,7 @@ SSL_CTX_set_cert_verify_callback - set peer certificate verification procedure
 
  #include <openssl/ssl.h>
 
- void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *,void *), void *arg);
+ void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *, void *), void *arg);
 
 =head1 DESCRIPTION
 

doc/ssl/SSL_CTX_set_client_CA_list.pod

@@ -82,7 +82,7 @@ The operation succeeded.
 
 Scan all certificates in B<CAfile> and list them as acceptable CAs:
 
-  SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
+  SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
 
 =head1 SEE ALSO
 

doc/ssl/SSL_CTX_set_info_callback.pod

@@ -114,20 +114,20 @@ about alerts being handled and error messages to the B<bio_err> BIO.
         const char *str;
         int w;
 
-        w=where& ~SSL_ST_MASK;
+        w = where & ~SSL_ST_MASK;
 
-        if (w & SSL_ST_CONNECT) str="SSL_connect";
-        else if (w & SSL_ST_ACCEPT) str="SSL_accept";
-        else str="undefined";
+        if (w & SSL_ST_CONNECT) str = "SSL_connect";
+        else if (w & SSL_ST_ACCEPT) str = "SSL_accept";
+        else str = "undefined";
 
         if (where & SSL_CB_LOOP)
                 {
-                BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
+                BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
                 }
         else if (where & SSL_CB_ALERT)
                 {
-                str=(where & SSL_CB_READ)?"read":"write";
-                BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
+                str = (where & SSL_CB_READ) ? "read" : "write";
+                BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n",
                         str,
                         SSL_alert_type_string_long(ret),
                         SSL_alert_desc_string_long(ret));
@@ -135,12 +135,12 @@ about alerts being handled and error messages to the B<bio_err> BIO.
         else if (where & SSL_CB_EXIT)
                 {
                 if (ret == 0)
-                        BIO_printf(bio_err,"%s:failed in %s\n",
-                                str,SSL_state_string_long(s));
+                        BIO_printf(bio_err, "%s:failed in %s\n",
+                                str, SSL_state_string_long(s));
                 else if (ret < 0)
                         {
-                        BIO_printf(bio_err,"%s:error in %s\n",
-                                str,SSL_state_string_long(s));
+                        BIO_printf(bio_err, "%s:error in %s\n",
+                                str, SSL_state_string_long(s));
                         }
                 }
         }

doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod

@@ -124,7 +124,7 @@ enable an attacker to obtain the session keys.
 =head1 EXAMPLES
 
 Reference Implementation:
-  SSL_CTX_set_tlsext_ticket_key_cb(SSL,ssl_tlsext_ticket_key_cb);
+  SSL_CTX_set_tlsext_ticket_key_cb(SSL, ssl_tlsext_ticket_key_cb);
   ....
 
   static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)

doc/ssl/SSL_CTX_set_verify.pod

@@ -12,7 +12,7 @@ SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_dep
                          int (*verify_callback)(int, X509_STORE_CTX *));
  void SSL_set_verify(SSL *s, int mode,
                      int (*verify_callback)(int, X509_STORE_CTX *));
- void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
  void SSL_set_verify_depth(SSL *s, int depth);
 
  int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx);

doc/ssl/SSL_CTX_use_certificate.pod

@@ -36,7 +36,7 @@ SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key
  int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
  int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
  int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
- int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, unsigned char *d, long len);
  int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
  int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
  int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);

doc/ssl/SSL_get_current_cipher.pod

@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-SSL_get_current_cipher, SSL_get_cipher_name,
+SSL_get_current_cipher, SSL_get_cipher_name, *SSL_get_cipher,
 SSL_get_cipher_bits, SSL_get_cipher_version - get SSL_CIPHER of a connection
 
 =head1 SYNOPSIS

doc/ssl/ssl.pod

@@ -306,7 +306,7 @@ protocol context defined in the B<SSL_CTX> structure.
 
 =item int B<SSL_CTX_sess_number>(SSL_CTX *ctx);
 
-=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx,t);
+=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx, t);
 
 =item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));
 
@@ -576,7 +576,7 @@ fresh handle for each connection.
 
 =item long B<SSL_get_timeout>(const SSL *ssl);
 
-=item int (*B<SSL_get_verify_callback>(const SSL *ssl))(int,X509_STORE_CTX *)
+=item int (*B<SSL_get_verify_callback>(const SSL *ssl))(int, X509_STORE_CTX *)
 
 =item int B<SSL_get_verify_mode>(const SSL *ssl);
 

util/find-doc-nits.pl

@@ -83,6 +83,10 @@ sub name_synopsis()
         print "$id $sym missing from NAME section\n"
             unless defined $names{$sym};
         $names{$sym} = 2;
+
+        # Do some sanity checks on the prototype.
+        print "$id prototype missing spaces around commas: $line\n"
+            if ( $line =~ /[a-z0-9],[^ ]/ );
     }
 
     foreach my $n ( keys %names ) {