various cleanup;

4 files changed, 26 insertions, 25 deletions

diff --git a/lib/libcrypto/man/X509_new.3 b/lib/libcrypto/man/X509_new.3
index 2cc4ddd7b62..605d1db7be7 100644
--- a/lib/libcrypto/man/X509_new.3
+++ b/lib/libcrypto/man/X509_new.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: X509_new.3,v 1.5 2016/12/05 19:41:46 jmc Exp $
+.\"	$OpenBSD: X509_new.3,v 1.6 2016/12/12 22:02:55 jmc Exp $
 .\"	OpenSSL 3a59ad98 Dec 11 00:36:06 2015 +0000
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 5 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt X509_NEW 3
 .Os
 .Sh NAME
@@ -74,7 +74,7 @@ The X509 ASN.1 allocation routines allocate and free an
 structure, which represents an X509 certificate.
 .Pp
 .Fn X509_new
-allocates and initializes a X509 structure with reference count 1.
+allocates and initializes an X509 structure with reference count 1.
 .Pp
 .Fn X509_free
 decrements the reference count of the
diff --git a/lib/libcrypto/man/openssl.cnf.5 b/lib/libcrypto/man/openssl.cnf.5
index 2826b779ba0..1d8ee2d430e 100644
--- a/lib/libcrypto/man/openssl.cnf.5
+++ b/lib/libcrypto/man/openssl.cnf.5
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: openssl.cnf.5,v 1.1 2016/12/11 18:06:09 schwarze Exp $
+.\"	$OpenBSD: openssl.cnf.5,v 1.2 2016/12/12 22:02:55 jmc Exp $
 .\"	OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -49,14 +49,14 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 11 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt OPENSSL.CNF 5
 .Os
 .Sh NAME
 .Nm openssl.cnf
 .Nd OpenSSL configuration files
 .Sh DESCRIPTION
-The OpenSSL CONF library can be used to read configuration files, see
+The OpenSSL CONF library can be used to read configuration files; see
 .Xr CONF_modules_load_file 3 .
 It is used for the OpenSSL master configuration file
 .Pa /etc/ssl/openssl.cnf
@@ -163,12 +163,12 @@ to use an alternative configuration file.
 To enable library configuration, the default section needs to contain
 an appropriate line which points to the main configuration section.
 The default name is
-.Ic openssl_conf
+.Ic openssl_conf ,
 which is used by the
 .Xr openssl 1
 utility.
 Other applications may use an alternative name such as
-.Sy myapplicaton_conf .
+.Sy myapplication_conf .
 .Pp
 The configuration section should consist of a set of name value pairs
 which contain specific module configuration information.
@@ -200,7 +200,7 @@ The features of each configuration module are described below.
 This module has the name
 .Ic oid_section .
 The value of this variable points to a section containing name value
-pairs of OIDs: the name is the OID short and long name, the value is the
+pairs of OIDs: the name is the OID short and long name, and the value is the
 numerical form of the OID.
 Although some of the
 .Xr openssl 1
@@ -236,7 +236,7 @@ below) and further sections containing configuration information
 specific to each ENGINE.
 .Pp
 Each ENGINE specific section is used to set default algorithms, load
-dynamic, perform initialization and send ctrls.
+dynamic ENGINEs, perform initialization and send ctrls.
 The actual operation performed depends on the command
 name which is the name of the name value pair.
 The currently supported commands are listed below.
@@ -280,9 +280,9 @@ with the path argument followed by
 .Sy LIST_ADD
 with value 2 and
 .Sy LOAD
-to the dynamic ENGINE. If this is not the required behaviour then
-alternative ctrls can be sent directly to the dynamic ENGINE using ctrl
-commands.
+to the dynamic ENGINE.
+If this is not the required behaviour then alternative ctrls can be sent
+directly to the dynamic ENGINE using ctrl commands.
 .Pp
 The command
 .Ic init
diff --git a/lib/libcrypto/man/x509.3 b/lib/libcrypto/man/x509.3
index 3d2aadb1666..51650ca0741 100644
--- a/lib/libcrypto/man/x509.3
+++ b/lib/libcrypto/man/x509.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: x509.3,v 1.4 2016/12/08 21:48:50 jmc Exp $
+.\"	$OpenBSD: x509.3,v 1.5 2016/12/12 22:02:55 jmc Exp $
 .\"	OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
 .\"
 .\" This file was written by Richard Levitte <levitte@openssl.org>
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 8 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt X509 3
 .Os
 .Sh NAME
@@ -57,9 +57,9 @@
 .Sh SYNOPSIS
 .In openssl/x509.h
 .Sh DESCRIPTION
-A X.509 certificate is a structured grouping of information about an
+An X.509 certificate is a structured grouping of information about an
 individual, a device, or anything one can imagine.
-A X.509 CRL (certificate revocation list) is a tool to help determine if
+An X.509 CRL (certificate revocation list) is a tool to help determine if
 a certificate is still valid.
 The exact definition of those can be found in the X.509 document from
 ITU-T, or in RFC 3280 from PKIX.
diff --git a/lib/libcrypto/man/x509v3.cnf.5 b/lib/libcrypto/man/x509v3.cnf.5
index 22e013a87e7..1fd4c0cc9f5 100644
--- a/lib/libcrypto/man/x509v3.cnf.5
+++ b/lib/libcrypto/man/x509v3.cnf.5
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: x509v3.cnf.5,v 1.1 2016/12/11 18:06:09 schwarze Exp $
+.\"	$OpenBSD: x509v3.cnf.5,v 1.2 2016/12/12 22:02:55 jmc Exp $
 .\"	OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 11 2016 $
+.Dd $Mdocdate: December 12 2016 $
 .Dt X509V3.CNF 5
 .Os
 .Sh NAME
@@ -108,7 +108,7 @@ The correct syntax to use is defined by the extension code itself:
 check out the certificate policies extension for an example.
 .Pp
 If an extension type is unsupported, then the arbitrary extension
-syntax must be used, see the
+syntax must be used; see the
 .Sx ARBITRARY EXTENSIONS
 section for more details.
 .Sh STANDARD EXTENSIONS
@@ -267,7 +267,7 @@ These include
 .Pp
 The
 .Ic email
-option include a special
+option can include a special
 .Cm copy
 value.
 This will automatically include any email addresses contained in the
@@ -421,7 +421,7 @@ are not recognized.
 .Pp
 The name
 .Ic onlysomereasons
-is accepted which sets this field.
+is accepted, which sets this field.
 The value is in the same format as the CRL distribution point
 .Ic reasons
 field.
@@ -457,7 +457,7 @@ This is a raw extension.
 All the fields of this extension can be set by using the appropriate
 syntax.
 .Pp
-If you follow the PKIX recommendations and just using one OID, then you
+If you follow the PKIX recommendations and just use one OID, then you
 just include the value of that OID.
 Multiple OIDs can be set separated by commas, for example:
 .Pp
@@ -493,6 +493,7 @@ options.
 and
 .Ic organization
 are text strings,
+and
 .Ic noticeNumbers
 is a comma separated list of numbers.
 The
@@ -553,7 +554,7 @@ The name constraints extension is a multi-valued extension.
 The name should begin with the word
 .Cm permitted
 or
-.Cm excluded
+.Cm excluded ,
 followed by a semicolon.
 The rest of the name and the value follows the syntax of subjectAltName
 except
@@ -590,7 +591,7 @@ Example:
 .Pp
 .Dl tlsfeature = status_request
 .Sh DEPRECATED EXTENSIONS
-The following extensions are non standard, Netscape specific and largely
+The following extensions are non-standard, Netscape specific and largely
 obsolete.
 Their use in new applications is discouraged.
 .Ss Netscape string extensions