docs: tidy up man pages

- Updated the SYNOPSIS of ocserv(8), occtl(8), and ocpasswd(8)
  to match their --help output
- Corrected usage syntax (eg: '-c config' is optional for ocserv,
  'username' is required for ocpasswd).
- Removed non-standard ':' trailing from options definitions
- Documented missing command-line options: --log-stderr,  --syslog,
  --no-chdir, --traceable
- Added default configuration file paths:
  /etc/ocserv/ocserv.conf, /etc/ocserv/ocpasswd
- Documented USER_AGENT environment variable
- Fixed typos

Signed-off-by: Grigory Trenin <grigory.trenin@gmail.com>

doc/occtl.8.md

@@ -3,7 +3,7 @@
 
 ## SYNOPSIS
 
-**occtl** ['COMMAND']
+**occtl** \[OPTIONS...\] \[COMMAND\]
 
 
 ## DESCRIPTION

doc/ocpasswd.8.md

@@ -1,8 +1,7 @@
 # ocpasswd(8) -- OpenConnect server password utility
 
 ## SYNOPSIS
-**ocpasswd** [--option-name[=value]] ['username']
-
+**ocpasswd** \[ **-flag** \[<value>\] | **--option-name**\[\[=| \]<value>\] \]... <username>
 
 ## DESCRIPTION
 This  program is openconnect password (ocpasswd) utility. It allows the generation
@@ -10,27 +9,27 @@ and handling of a 'plain' password file used by ocserv.
 
 ## OPTIONS
 
-  * **-c, --passwd**=_FILE_::
+  * **-c, --passwd**=_FILE_:
     Specify the password file to use. Only useful when not using the default
-    location.
+    location. The default is _/etc/ocserv/ocpasswd_.
 
-  * **-g, --group**::
+  * **-g, --group**:
     Specify the user's group name. Note that groups of one character such as
     '*' and 'x', are ignored.
 
-  * **-d, --delete**::
+  * **-d, --delete**:
     Deletes the specified user from the password file.
 
-  * **-l, --lock**::
+  * **-l, --lock**:
     Prevents the specified user from logging in by locking its password.
 
-  * **-u, --unlock**::
+  * **-u, --unlock**:
     Re-enables login for the specified user by unlocking its password.
 
-  * **-h, --help**::
+  * **-h, --help**:
     Display usage information and exit.
 
-  * **-v, --version**::
+  * **-v, --version**:
     Output version of program and exit.
 
 ## EXIT STATUS

doc/ocserv.8.md

@@ -1,7 +1,7 @@
 # ocserv(8) -- OpenConnect VPN server
 
 ## SYNOPSIS
-**ocserv** [options] -c [config]
+**ocserv** \[ **-flag** \[<value>\] | **--option-name**\[\[=| \]<value>\] \]...
 
 OpenConnect VPN server (ocserv) is a VPN server compatible with the
 OpenConnect VPN client. It follows the AnyConnect VPN protocol which
@@ -9,12 +9,12 @@ is used by several CISCO routers.
 
 
 ## DESCRIPTION
-This a standalone server that reads a configuration file (see below for more details),
+This is a standalone server that reads a configuration file (see below for more details),
 and waits for client connections. Log messages are directed to the syslog daemon
 facility.
 
 The server maintains two connections/channels with the client. The main VPN
-channel is established over TCP, HTTP and TLS. This is the control channel as well
+channel is established over TCP, using HTTP and TLS. This is the control channel as well
 as the backup data channel. After its establishment a UDP channel using DTLS
 is initiated which serves as the main data channel. If the UDP channel fails
 to establish or is temporarily unavailable the backup channel over TCP/TLS
@@ -43,27 +43,40 @@ server.
 
 ## OPTIONS
 
-  * **-f, --foreground**::
+  * **-f, --foreground**:
     Do not fork server into background.
 
-  * **-d, --debug**=_num_::
+  * **-d, --debug**=_num_:
     Enable verbose network debugging information. _num_ must be between zero
     and 9999.
 
-  * **-c, --config**=_FILE_::
-    Specify the configuration file for the server.
+  * **-c, --config**=_FILE_:
+    Specify the configuration file for the server. The default is
+    _/etc/ocserv/ocserv.conf_.
 
-  * **-t, --test-config**::
+  * **-t, --test-config**:
     Test the provided configuration file and exit. A successful exit error code
     indicates a valid configuration.
 
-  * **-p, --pid-file**=_FILE_::
+  * **-p, --pid-file**=_FILE_:
     Specify a PID file for the server.
 
-  * **-h, --help**::
+  * **-e, --log-stderr**:
+    Log to stderr.
+
+  * **-s, --syslog**:
+    Log to syslog (default).
+
+  * **--no-chdir**:
+    Do not perform a chdir on daemonize.
+
+  * **-x, --traceable**:
+    Allows the process to be traced and dumped. Use for debugging purposes only.
+
+  * **-h, --help**:
     Display usage information and exit.
 
-  * **-v, --version**::
+  * **-v, --version**:
     Output version of program and exit.
 
 

doc/sample.config

@@ -399,9 +399,9 @@ rekey-method = ssl
 
 # Script to call when a client connects and obtains an IP.
 # The following parameters are passed on the environment.
-# REASON, VHOST, USERNAME, GROUPNAME, DEVICE, IP_REAL (the real IP of the client),
-# REMOTE_HOSTNAME (the remotely advertised hostname), IP_REAL_LOCAL
-# (the local interface IP the client connected), IP_LOCAL
+# REASON, VHOST, USERNAME, GROUPNAME, DEVICE, USER_AGENT, IP_REAL (the real IP
+# of the client), REMOTE_HOSTNAME (the remotely advertised hostname),
+# IP_REAL_LOCAL (the local interface IP the client connected), IP_LOCAL
 # (the local IP in the P-t-P connection), IP_REMOTE (the VPN IP of the client),
 # IPV6_LOCAL (the IPv6 local address if there are both IPv4 and IPv6
 # assigned), IPV6_REMOTE (the IPv6 remote address), IPV6_PREFIX, and

src/config.c

@@ -2046,7 +2046,7 @@ int cmd_parser(void *pool, int argc, char **argv, struct list_head *head,
 		fprintf(stderr, ERRSTR "cannot access config file: %s\n",
 			cfg_file);
 		fprintf(stderr,
-			"Usage: %s -c [config]\nUse %s --help for more information.\n",
+			"Usage: %s [-c config]\nUse %s --help for more information.\n",
 			argv[0], argv[0]);
 		exit(EXIT_FAILURE);
 	}

src/occtl/occtl.c

@@ -171,7 +171,7 @@ unsigned int check_cmd_help(const char *line)
 
 static void usage(void)
 {
-	printf("occtl: [OPTIONS...] {COMMAND}\n\n");
+	printf("occtl: [OPTIONS...] [COMMAND]\n\n");
 	printf("  -s --socket-file       Specify the server's occtl socket file\n");
 	printf("  -h --help              Show this help\n");
 	printf("     --debug             Enable more verbose information in some commands\n");

src/ocpasswd/ocpasswd.c

@@ -380,7 +380,7 @@ static void usage(void)
 {
 	fprintf(stderr, "ocpasswd - OpenConnect server password utility\n");
 	fprintf(stderr,
-		"Usage:  ocpasswd [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [username]\n");
+		"Usage:  ocpasswd [ -<flag> [<val>] | --<name>[{=| }<val>] ]... username\n");
 	fprintf(stderr, "\n");
 	fprintf(stderr, "   -c, --passwd=file          Password file\n");
 	fprintf(stderr, "   -g, --groupname=str        User's group name\n");