I nominate docs.openssl.org/3.3/man3/d2i_… as #OpenSSL's worst man page. And there's fierce competition for that award.
And in the end it does not even mention the weird behavior: it stores errors in an internal queue which mysteriously makes the *next* invoked function fail...
Stefan Eissing
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to daniel:// stenberg:// • • •OpenSSL is a 5 million USD revenue/year company with more than ten full-time employees.
Makers of some the Open Source world's worst documentation. For an API that is enormous, quite weird and full of hidden magic that is not what you would expect.
Wolf480pl
in reply to daniel:// stenberg:// • • •daniel:// stenberg:// reshared this.
Yrjänä Rankka 🌻
in reply to daniel:// stenberg:// • • •Jon Ericson
in reply to daniel:// stenberg:// • • •Disclosure: I'm the OpenSSL Foundation community manager and I was part of a (failed) effort to get a Documentation feature added to Stack Overflow. (See my writing on the topic on my blog: jlericson.com/tag/documentatio…)
I agree the OpenSSL documentation is lacking. (Which is the nice way of saying it's inconsistent, fails to provide necessary information needed to use the software and disorganized.) The problem is multifaceted, but the shear size of the API is, indeed, at the root. Quite a lot of the library isn't documented at all:
The current policy (enforced by CI) is to not allow new undocumented functions, but that's just preventing the coverage problem from getting worse. It doesn't address the problems you highlighted with d2i_X509. (Though I should mention you linked to the 3.3 version and there has been some work done on that page that you can read if you switch to the latest documentation: docs.openssl.org/master/man3/d…)
Writing code and writing documentation are separate skills that aren't always found in the same person. As far as I know, there haven't been contributions from technical writers. Personally I'm an advocate for bringing on (at least) one person dedicated to documentation.
Jon Quixote
Jon Ericsondaniel:// stenberg://
in reply to Jon Ericson • • •@jericson I say those are just lame excuses. OpenSSL has soon existed for *thirty* years and there's clearly still no serious attempt to even try to do good documentation. Lots of the function calls even remain the same so there has been some time to do something.
I honestly cannot understand how a thriving project can claim to be for users and at the same time ignore their docs to this degree.
But that's just my personal opinion.
Jon Ericson
in reply to daniel:// stenberg:// • • •They can only be lame excuses if they were excuses.
I agree with you that documentation needs help. It's something that came up time and again in our survey in June. And, of course, I've consulted the documentation myself to try to understand the library. It's a problem.
You know the history of OpenSSL better than I do. Nothing anyone can do about the past. The question is how do we fix the situation? My answer is that we probably need a technical writer who knows how to structure useful documentation.
In my experience, documentation doesn't come naturally. Everyone wants it, but few people want to write it. (You can kinda see that in the OpenSSL forks which don't seem to be much interested in improving the documentation either.) You are absolutely correct that user-oriented projects make documentation a priority.
Share your user story
OpenSSL Foundationdaniel:// stenberg://
in reply to Jon Ericson • • •Jon Ericson
in reply to daniel:// stenberg:// • • •To go back to your initial post, is this issue related? "Horrible d2i_TYPE*() reuse behavior leads to crashes on error" sounds pretty similar to what you are describing.
(I disagree with the idea that undocumented functions are worse than functions with "a few lines of docs", by the way. Better to have an obvious problem than paper over it.)
Horrible `d2i_TYPE*()` reuse behavior leads to crashes on error, e.g., for `ASN1_item_sign_ctx()`
DDvO (GitHub)Richard Levitte
in reply to Jon Ericson • • •daniel:// stenberg://
in reply to Richard Levitte • • •Richard Levitte
in reply to daniel:// stenberg:// • • •Totally with ya there... and like I said, lots to catch up on. Could we say there's quite a bit of doc debt, that has accrued over the decades?
Richard Levitte
in reply to Richard Levitte • • •daniel:// stenberg://
in reply to Richard Levitte • • •Richard Levitte
in reply to daniel:// stenberg:// • • •I do note that you're talking about the next function being invoked, that's affected by the error queue (???). I'd love to know which one, 'cause that sounds real weird.
The issue that @jericson talks about is something different, has nothing to do with the error queue per se.
Andreas Fink
in reply to daniel:// stenberg:// • • •Matthias Schmidt
in reply to daniel:// stenberg:// • • •OpenBSD manual pages
man.openbsd.orgRichard Levitte
in reply to daniel:// stenberg:// • • •Peter N. M. Hansteen
in reply to daniel:// stenberg:// • • •LibreSSL with Bob Beck
YouTubedaniel:// stenberg://
in reply to Peter N. M. Hansteen • • •Timothy Legge
in reply to daniel:// stenberg:// • • •Billy O'Neal
in reply to daniel:// stenberg:// • • •Richard Levitte
in reply to Billy O'Neal • • •@malwareminigun Point is that those are really quite generic functions. d2i_<TYPE> all behave the same way, for each type. Same goes for i2d_<TYPE>.
Would it be better to generate one manpage for each d2i / i2d pair, all looking the same except for the name?
daniel:// stenberg://
in reply to Richard Levitte • • •Richard Levitte
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
Unknown parent • • •