doc/man1: fix malformed options

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10073)

15 files changed, 38 insertions, 38 deletions

diff --git a/doc/man1/openssl-cms.pod b/doc/man1/openssl-cms.pod
index 36b075c655..d50a5d0efe 100644
--- a/doc/man1/openssl-cms.pod
+++ b/doc/man1/openssl-cms.pod
@@ -70,7 +70,7 @@ B<openssl> B<cms>
 [B<-verify_name> I<name>]
 [B<-x509_strict>]
 [B<-md> I<digest>]
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-nointern>]
 [B<-noverify>]
 [B<-nocerts>]
@@ -309,7 +309,7 @@ Do not load the trusted CA certificates from the default directory location
 Digest algorithm to use when signing or resigning. If not present then the
 default digest algorithm for the signing key will be used (usually SHA1).
 
-=item B<->I<cipher>
+=item B<-I<cipher>>
 
 The encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
 or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
diff --git a/doc/man1/openssl-dgst.pod b/doc/man1/openssl-dgst.pod
index d9319e5697..c6e2b21b8e 100644
--- a/doc/man1/openssl-dgst.pod
+++ b/doc/man1/openssl-dgst.pod
@@ -7,7 +7,7 @@ openssl-dgst - perform digest operations
 =head1 SYNOPSIS
 
 B<openssl dgst>
-[B<->I<digest>]
+[B<-I<digest>>]
 [B<-help>]
 [B<-c>]
 [B<-d>]
@@ -52,7 +52,7 @@ command.
 
 Print out a usage message.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 Specifies name of a supported digest to be used. To see the list of
 supported digests, use the command C<list --digest-commands>.
diff --git a/doc/man1/openssl-enc.pod b/doc/man1/openssl-enc.pod
index d0f876949a..498df90b1f 100644
--- a/doc/man1/openssl-enc.pod
+++ b/doc/man1/openssl-enc.pod
@@ -7,7 +7,7 @@ openssl-enc - symmetric cipher routines
 =head1 SYNOPSIS
 
 B<openssl>
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-help>]
 [B<-ciphers>]
 [B<-in> I<filename>]
diff --git a/doc/man1/openssl-genpkey.pod b/doc/man1/openssl-genpkey.pod
index 61390777f4..085f7cb4f8 100644
--- a/doc/man1/openssl-genpkey.pod
+++ b/doc/man1/openssl-genpkey.pod
@@ -11,7 +11,7 @@ B<openssl> B<genpkey>
 [B<-out> I<filename>]
 [B<-outform> B<DER>|B<PEM>]
 [B<-pass> I<arg>]
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-engine> I<id>]
 [B<-paramfile> I<file>]
 [B<-algorithm> I<alg>]
@@ -47,7 +47,7 @@ This specifies the output format DER or PEM. The default format is PEM.
 The output file password source. For more information about the format of B<arg>
 see L<openssl(1)/Pass phrase options>.
 
-=item B<->I<cipher>
+=item B<-I<cipher>>
 
 This option encrypts the private key with the supplied cipher. Any algorithm
 name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
diff --git a/doc/man1/openssl-ocsp.pod b/doc/man1/openssl-ocsp.pod
index dc66134e36..726020ffa5 100644
--- a/doc/man1/openssl-ocsp.pod
+++ b/doc/man1/openssl-ocsp.pod
@@ -88,7 +88,7 @@ B<openssl> B<ocsp>
 [B<-resp_key_id>]
 [B<-nrequest> I<n>]
 [B<-rcid> I<digest>]
-[B<->I<digest>]
+[B<-I<digest>>]
 
 =for comment ifdef multi
 
@@ -312,7 +312,7 @@ This option sets the digest algorithm to use for certificate identification
 in the OCSP response. Any digest supported by the OpenSSL B<dgst> command can
 be used. The default is the same digest algorithm used in the request.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 This option sets digest algorithm to use for certificate identification in the
 OCSP request. Any digest supported by the OpenSSL B<dgst> command can be used.
diff --git a/doc/man1/openssl-pkcs8.pod b/doc/man1/openssl-pkcs8.pod
index 99299f1044..e1cc0b38a5 100644
--- a/doc/man1/openssl-pkcs8.pod
+++ b/doc/man1/openssl-pkcs8.pod
@@ -21,9 +21,9 @@ B<openssl> B<pkcs8>
 [B<-writerand> I<file>]
 [B<-nocrypt>]
 [B<-traditional>]
-[B<-v2 alg>]
-[B<-v2prf alg>]
-[B<-v1 alg>]
+[B<-v2> I<alg>]
+[B<-v2prf> I<alg>]
+[B<-v1> I<alg>]
 [B<-engine> I<id>]
 [B<-scrypt>]
 [B<-scrypt_N> I<N>]
@@ -118,7 +118,7 @@ all others.
 Writes random data to the specified I<file> upon exit.
 This can be used with a subsequent B<-rand> flag.
 
-=item B<-v2 alg>
+=item B<-v2> I<alg>
 
 This option sets the PKCS#5 v2.0 algorithm.
 
@@ -126,7 +126,7 @@ The B<alg> argument is the encryption algorithm to use, valid values include
 B<aes128>, B<aes256> and B<des3>. If this option isn't specified then B<aes256>
 is used.
 
-=item B<-v2prf alg>
+=item B<-v2prf> I<alg>
 
 This option sets the PRF algorithm to use with PKCS#5 v2.0. A typical value
 value would be B<hmacWithSHA256>. If this option isn't set then the default
@@ -135,7 +135,7 @@ for the cipher is used or B<hmacWithSHA256> if there is no default.
 Some implementations may not support custom PRF algorithms and may require
 the B<hmacWithSHA1> option to work.
 
-=item B<-v1 alg>
+=item B<-v1> I<alg>
 
 This option indicates a PKCS#5 v1.5 or PKCS#12 algorithm should be used.  Some
 older implementations may not support PKCS#5 v2.0 and may require this option.
diff --git a/doc/man1/openssl-pkey.pod b/doc/man1/openssl-pkey.pod
index fa9ea11f9c..ea64ecff60 100644
--- a/doc/man1/openssl-pkey.pod
+++ b/doc/man1/openssl-pkey.pod
@@ -15,7 +15,7 @@ B<openssl> B<pkey>
 [B<-out> I<filename>]
 [B<-passout> I<arg>]
 [B<-traditional>]
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-text>]
 [B<-text_pub>]
 [B<-noout>]
@@ -78,7 +78,7 @@ Normally a private key is written using standard format: this is PKCS#8 form
 with the appropriate encryption algorithm (if any). If the B<-traditional>
 option is specified then the older "traditional" format is used instead.
 
-=item B<->I<cipher>
+=item B<-I<cipher>>
 
 These options encrypt the private key with the supplied cipher. Any algorithm
 name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
diff --git a/doc/man1/openssl-req.pod b/doc/man1/openssl-req.pod
index 70d121360a..e010e00f01 100644
--- a/doc/man1/openssl-req.pod
+++ b/doc/man1/openssl-req.pod
@@ -29,7 +29,7 @@ B<openssl> B<req>
 [B<-keyform> B<DER>|B<PEM>]
 [B<-keyout> I<filename>]
 [B<-keygen_engine> I<id>]
-[B<-> I<digest>]
+[B<-I<digest>>]
 [B<-config> I<filename>]
 [B<-multivalue-rdn>]
 [B<-x509>]
@@ -209,7 +209,7 @@ configuration file is used.
 If this option is specified then if a private key is created it
 will not be encrypted.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 This specifies the message digest to sign the request.
 Any digest supported by the OpenSSL B<dgst> command can be used.
diff --git a/doc/man1/openssl-rsautl.pod b/doc/man1/openssl-rsautl.pod
index 2122066270..fccd7a1ad7 100644
--- a/doc/man1/openssl-rsautl.pod
+++ b/doc/man1/openssl-rsautl.pod
@@ -97,7 +97,7 @@ all others.
 Writes random data to the specified I<file> upon exit.
 This can be used with a subsequent B<-rand> flag.
 
-=item B<-pkcs, -oaep, -ssl, -raw>
+=item B<-pkcs>, B<-oaep>, B<-ssl>, B<-raw>
 
 The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP,
 special padding used in SSL v2 backwards compatible handshakes,
diff --git a/doc/man1/openssl-s_server.pod b/doc/man1/openssl-s_server.pod
index df613311ed..69275ed976 100644
--- a/doc/man1/openssl-s_server.pod
+++ b/doc/man1/openssl-s_server.pod
@@ -47,8 +47,8 @@ B<openssl> B<s_server>
 [B<-WWW>]
 [B<-servername>]
 [B<-servername_fatal>]
-[B<-cert2 infile>]
-[B<-key2 infile>]
+[B<-cert2> I<infile>]
+[B<-key2> I<infile>]
 [B<-tlsextdebug>]
 [B<-HTTP>]
 [B<-id_prefix> I<val>]
diff --git a/doc/man1/openssl-smime.pod b/doc/man1/openssl-smime.pod
index b15baa2dc7..dc4a5bcf2f 100644
--- a/doc/man1/openssl-smime.pod
+++ b/doc/man1/openssl-smime.pod
@@ -16,7 +16,7 @@ B<openssl> B<smime>
 [B<-pk7out>]
 [B<-binary>]
 [B<-crlfeol>]
-[B<->I<cipher>]
+[B<-I<cipher>>]
 [B<-in> I<file>]
 [B<-CAfile> I<file>]
 [B<-CApath> I<dir>]
@@ -203,7 +203,7 @@ Do not load the trusted CA certificates from the default directory location.
 Digest algorithm to use when signing or resigning. If not present then the
 default digest algorithm for the signing key will be used (usually SHA1).
 
-=item B<->I<cipher>
+=item B<-I<cipher>>
 
 The encryption algorithm to use. For example DES  (56 bits) - B<-des>,
 triple DES (168 bits) - B<-des3>,
@@ -316,7 +316,7 @@ This can be used with a subsequent B<-rand> flag.
 One or more certificates of message recipients: used when encrypting
 a message.
 
-=item B<-to, -from, -subject>
+=item B<-to>, B<-from>, B<-subject>
 
 The relevant mail headers. These are included outside the signed
 portion of a message so they may be included manually. If signing
diff --git a/doc/man1/openssl-storeutl.pod b/doc/man1/openssl-storeutl.pod
index efaa6f98b2..fb292a3cf7 100644
--- a/doc/man1/openssl-storeutl.pod
+++ b/doc/man1/openssl-storeutl.pod
@@ -22,7 +22,7 @@ B<openssl> B<storeutl>
 [B<-serial> I<arg>]
 [B<-alias> I<arg>]
 [B<-fingerprint> I<arg>]
-[B<->I<digest>]
+[B<-I<digest>>]
 B<uri> ...
 
 =head1 DESCRIPTION
@@ -106,7 +106,7 @@ Search for an object having the given alias.
 
 Search for an object having the given fingerprint.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 The digest that was used to compute the fingerprint given with B<-fingerprint>.
 
diff --git a/doc/man1/openssl-ts.pod b/doc/man1/openssl-ts.pod
index ec1d296c94..0d65601a41 100644
--- a/doc/man1/openssl-ts.pod
+++ b/doc/man1/openssl-ts.pod
@@ -13,7 +13,7 @@ B<-query>
 [B<-config> I<configfile>]
 [B<-data> I<file_to_hash>]
 [B<-digest> I<digest_bytes>]
-[B<->I<digest>]
+[B<-I<digest>>]
 [B<-tspolicy> I<object_id>]
 [B<-no_nonce>]
 [B<-cert>]
@@ -29,7 +29,7 @@ B<-reply>
 [B<-passin> I<password_src>]
 [B<-signer> I<tsa_cert.pem>]
 [B<-inkey> I<file_or_id>]
-[B<->I<digest>]
+[B<-I<digest>>]
 [B<-chain> I<certs_file.pem>]
 [B<-tspolicy> I<object_id>]
 [B<-in> I<response.tsr>]
@@ -167,7 +167,7 @@ per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or
 1AF601...). The number of bytes must match the message digest algorithm
 in use. (Optional)
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 The message digest to apply to the data file.
 Any digest supported by the OpenSSL B<dgst> command can be used.
@@ -260,7 +260,7 @@ B<signer_key> config file option. (Optional)
 If no engine is used, the argument is taken as a file; if an engine is
 specified, the argument is given to the engine as a key identifier.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 Signing digest to use. Overrides the B<signer_digest> config file
 option. (Mandatory unless specified in the config file)
@@ -461,7 +461,7 @@ command line option. (Optional)
 =item B<signer_digest>
 
 Signing digest to use. The same as the
-B<->I<digest> command line option. (Mandatory unless specified on the command
+B<-I<digest>> command line option. (Mandatory unless specified on the command
 line)
 
 =item B<default_policy>
diff --git a/doc/man1/openssl-verify.pod b/doc/man1/openssl-verify.pod
index 0635576c87..a83ffadc22 100644
--- a/doc/man1/openssl-verify.pod
+++ b/doc/man1/openssl-verify.pod
@@ -49,9 +49,9 @@ B<openssl> B<verify>
 [B<-verify_name> I<name>]
 [B<-x509_strict>]
 [B<-show_chain>]
-[B<-sm2-id string>]
-[B<-sm2-hex-id hex-string>]
-[B<->]
+[B<-sm2-id> I<string>]
+[B<-sm2-hex-id> I<hex-string>]
+[B<-->]
 [certificates]
 
 =for comment ifdef engine sm2-id sm2-hex-id
@@ -329,7 +329,7 @@ required by the SM2 signature algorithm for signing and verification.
 Specify a binary ID string to use when signing or verifying using an SM2
 certificate. The argument for this option is string of hexadecimal digits.
 
-=item B<->
+=item B<-->
 
 Indicates the last option. All arguments following this are assumed to be
 certificate files. This is useful if the first certificate filename begins
diff --git a/doc/man1/openssl-x509.pod b/doc/man1/openssl-x509.pod
index cb347151da..e2a64fece1 100644
--- a/doc/man1/openssl-x509.pod
+++ b/doc/man1/openssl-x509.pod
@@ -58,7 +58,7 @@ B<openssl> B<x509>
 [B<-ext> I<extensions>]
 [B<-certopt> I<option>]
 [B<-C>]
-[B<->I<digest>]
+[B<-I<digest>>]
 [B<-clrext>]
 [B<-extfile> I<filename>]
 [B<-extensions> I<section>]
@@ -113,7 +113,7 @@ if this option is not specified.
 This specifies the output filename to write to or standard output by
 default.
 
-=item B<->I<digest>
+=item B<-I<digest>>
 
 The digest to use.
 This affects any signing or display option that uses a message