Commit Graph

27456 Commits

Author SHA1 Message Date
Rich Salz
1696b8909b Remove -C from dhparam,dsaparam,ecparam
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13384)
2020-11-13 14:45:22 +01:00
Richard Levitte
256d41d437 BIO: Undefine UNICODE in b_addr.c to get POSIX declaration of gai_strerror()
When UNICODE is defined, Windows headers push for WCHAR implementations,
which aren't compatible with POSIX declarations.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
2020-11-13 09:35:31 +01:00
Richard Levitte
105d01f1eb crypto/provider_core.c: fix a couple of faulty ERR_raise_data() calls
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
2020-11-13 09:35:31 +01:00
Richard Levitte
a150f8e1fc CRYPTO: refactor ERR_raise()+ERR_add_error_data() to ERR_raise_data()
This is not done absolutely everywhere, as there are places where
the use of ERR_add_error_data() is quite complex, but at least the
simple cases are done.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
2020-11-13 09:35:31 +01:00
Richard Levitte
9311d0c471 Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call
This includes error reporting for libcrypto sub-libraries in surprising
places.

This was done using util/err-to-raise

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
2020-11-13 09:35:02 +01:00
Richard Levitte
31a6b52f6d EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys
It doesn't downgread the keys to legacy any more.  Instead, it uses
OSSL_ENCODER to encode the key to DER, and d2i_PKCS8_PRIV_KEY_INFO()
to make a PKCS8_PRIV_KEY_INFO structure from that.

Fixes #12990

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12995)
2020-11-13 09:20:12 +01:00
David Carlier
0bb450fe2f DragonFlyBSD build fix and update.
getentropy call is not supported however getrandom since the 5.7.x branch is.
current LTS stable is 5.8.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13375)
2020-11-13 10:49:11 +10:00
Shane Lontis
a04400fc74 Remove unused helper functions EVP_str2ctrl() & EVP_hex2ctrl().
These were added when the EVP_MAC work was being done.
I dont think these lightweight wrappers are required, and it seems better to remove them,
rather than adding documentation.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13372)
2020-11-13 10:32:48 +10:00
Nicola Tuveri
a7da4d488d [test/recipes] Split test_fuzz into separate recipes
When using `HARNESS_JOBS` to run the tests in parallel, no matter the
level of parallelism that can be used, the monolithic `test_fuzz` takes
a long time to run, conditioning the duration of the whole build.

This commit splits the single `test_fuzz` recipe into separate recipes
for each fuzzer.
The previous mechanism to select individual fuzz tests using the
`FUZZ_TESTS` environment variable is also dropped (and documentation
updated).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13307)
2020-11-12 16:27:17 +02:00
XiaokangQian
9ce8e0d17e Optimize AES-XTS mode in OpenSSL for aarch64
Aes-xts mode can be optimized by interleaving cipher operation on
several blocks and loop unrolling. Interleaving needs one ideal
unrolling factor, here we adopt the same factor with aes-cbc,
which is described as below:
	If blocks number > 5, select 5 blocks as one iteration,every
	loop, decrease the blocks number by 5.
	If left blocks < 5, treat them as tail blocks.
Detailed implementation has a little adjustment for squeezing
code space.
With this way, for small size such as 16 bytes, the performance is
similar as before, but for big size such as 16k bytes, the performance
improves a lot, even reaches to 2x uplift, for some arches such as A57,
the improvement even reaches more than 2x uplift. We collect many
performance datas on different micro-archs such as thunderx2,
ampere-emag, a72, a75, a57, a53 and N1, all of which reach 0.5-2x uplift.
The following table lists the encryption performance data on aarch64,
take a72, a75, a57, a53 and N1 as examples. Performance value takes the
unit of cycles per byte, takes the format as comparision of values.
List them as below:

A72:
                            Before optimization     After optimization  Improve
evp-aes-128-xts@16          8.899913518             5.949087263         49.60%
evp-aes-128-xts@64          4.525512668             3.389141845         33.53%
evp-aes-128-xts@256         3.502906908             1.633573479         114.43%
evp-aes-128-xts@1024        3.174210419             1.155952639         174.60%
evp-aes-128-xts@8192        3.053019303             1.028134888         196.95%
evp-aes-128-xts@16384       3.025292462             1.02021169          196.54%
evp-aes-256-xts@16          9.971105023             6.754233758         47.63%
evp-aes-256-xts@64          4.931479093             3.786527393         30.24%
evp-aes-256-xts@256         3.746788153             1.943975947         92.74%
evp-aes-256-xts@1024        3.401743802             1.477394648         130.25%
evp-aes-256-xts@8192        3.278769327             1.32950421          146.62%
evp-aes-256-xts@16384       3.27093296              1.325276257         146.81%

A75:
                            Before optimization     After optimization  Improve
evp-aes-128-xts@16          8.397965173             5.126839098         63.80%
evp-aes-128-xts@64          4.176860631             2.59817764          60.76%
evp-aes-128-xts@256         3.069126585             1.284561028         138.92%
evp-aes-128-xts@1024        2.805962699             0.932754655         200.83%
evp-aes-128-xts@8192        2.725820131             0.829820397         228.48%
evp-aes-128-xts@16384       2.71521905              0.823251591         229.82%
evp-aes-256-xts@16          11.24790935             7.383914448         52.33%
evp-aes-256-xts@64          5.294128847             3.048641998         73.66%
evp-aes-256-xts@256         3.861649617             1.570359905         145.91%
evp-aes-256-xts@1024        3.537646797             1.200493533         194.68%
evp-aes-256-xts@8192        3.435353012             1.085345319         216.52%
evp-aes-256-xts@16384       3.437952563             1.097963822         213.12%

A57:
                            Before optimization     After optimization  Improve
evp-aes-128-xts@16          10.57455446             7.165438012         47.58%
evp-aes-128-xts@64          5.418185447             3.721241202         45.60%
evp-aes-128-xts@256         3.855184592             1.747145379         120.66%
evp-aes-128-xts@1024        3.477199757             1.253049735         177.50%
evp-aes-128-xts@8192        3.36768104              1.091943159         208.41%
evp-aes-128-xts@16384       3.360373443             1.088942789         208.59%
evp-aes-256-xts@16          12.54559459             8.745489036         43.45%
evp-aes-256-xts@64          6.542808937             4.326387568         51.23%
evp-aes-256-xts@256         4.62668822              2.119908754         118.25%
evp-aes-256-xts@1024        4.161716505             1.557335554         167.23%
evp-aes-256-xts@8192        4.032462227             1.377749511         192.68%
evp-aes-256-xts@16384       4.023293877             1.371558933         193.34%

A53:
                            Before optimization     After optimization  Improve
evp-aes-128-xts@16          18.07842135             13.96980808         29.40%
evp-aes-128-xts@64          7.933818397             6.07159276          30.70%
evp-aes-128-xts@256         5.264604704             2.611155744         101.60%
evp-aes-128-xts@1024        4.606660117             1.722713454         167.40%
evp-aes-128-xts@8192        4.405160115             1.454379201         202.90%
evp-aes-128-xts@16384       4.401592028             1.442279392         205.20%
evp-aes-256-xts@16          20.07084054             16.00803726         25.40%
evp-aes-256-xts@64          9.192647294             6.883876732         33.50%
evp-aes-256-xts@256         6.336143161             3.108140452         103.90%
evp-aes-256-xts@1024        5.62502952              2.097960651         168.10%
evp-aes-256-xts@8192        5.412085608             1.807294191         199.50%
evp-aes-256-xts@16384       5.403062591             1.790135764         201.80%

N1:
                            Before optimization     After optimization  Improve
evp-aes-128-xts@16          6.48147613              4.209415473         53.98%
evp-aes-128-xts@64          2.847744115             1.950757468         45.98%
evp-aes-128-xts@256         2.085711968             1.061903238         96.41%
evp-aes-128-xts@1024        1.842014669             0.798486302         130.69%
evp-aes-128-xts@8192        1.760449052             0.713853939         146.61%
evp-aes-128-xts@16384       1.760763546             0.707702009         148.80%
evp-aes-256-xts@16          7.264142817             5.265970454         37.94%
evp-aes-256-xts@64          3.251356212             2.41176323          34.81%
evp-aes-256-xts@256         2.380488469             1.342095742         77.37%
evp-aes-256-xts@1024        2.08853022              1.041718215         100.49%
evp-aes-256-xts@8192        2.027432668             0.944571334         114.64%
evp-aes-256-xts@16384       2.00740782              0.941991415         113.10%

Add more XTS test cases to cover the cipher stealing mode and cases of different
number of blocks.

CustomizedGitHooks: yes
Change-Id: I93ee31b2575e1413764e27b599af62994deb4c96

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11399)
2020-11-12 11:09:22 +01:00
Pauli
c87a7f31a3 apps/passwd: remove the -crypt option.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13313)
2020-11-12 08:35:47 +10:00
Pauli
93c87f745d rsa_test: add return value check
Fixes #13361

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13362)
2020-11-12 08:21:47 +10:00
Tomas Mraz
d8701e2523 Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
Also check for malloc failure and do not add '/' when
$OPENSSL_CONF_INCLUDE already ends with directory separator.

Fixes #13302

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
2020-11-11 16:06:30 +01:00
Tomas Mraz
368d9e030f Add ossl_is_absolute_path function to detect absolute paths
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
2020-11-11 16:06:30 +01:00
Tomas Mraz
69d16b70cf Avoid duplicate ends_with_dirsep functions
Refactor them into inline ossl_ends_with_dirsep function in
internal/cryptlib.h.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
2020-11-11 16:05:56 +01:00
Richard Levitte
122e81f070 test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
The FIPS provider module doesn't have any encoders, the base provider
is needed for that.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
f49d486075 test/evp_libctx_test.c: use OSSL_ENCODER instead of i2d_PublicKey()
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
973a52ce01 test/endecode_test.c: Update to specify output structures
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
4227e504c8 Adapt libcrypto functionality to specify the desired output structure
This also modifies i2d_PublicKey() and i2d_KeyParams() to support
provided keys.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
c319b6276b PROV: Re-implement all the keypair encoders
The base functionality to implement the keypair encoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH and OSSL_ALGORITHM arrays, to support a fine grained
selection of implementation based on what parts of the keypair
structure (combinations of key parameters, public key and private key)
should be output, the output type ("TEXT", "DER" or "PEM") and the
outermost output structure ("pkcs8", "SubjectPublicKeyInfo", key
type specific structures, ...).

We add support for the generic structure name "type-specific", to
allow selecting that without knowing the exact name of that structure.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
0b9f90f504 ENCODER: Add tracing
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
b9a2afdfe6 ENCODER: Add output structure support for EVP_PKEY encoding
OSSL_ENCODER_CTX_new_by_EVP_PKEY() takes one more argument to express
the desired outermost structure for the output.

This also adds OSSL_ENCODER_CTX_prune_encoders(), which is used to
reduce the stack of encoders found according to criteria formed from
the combination of desired selection, output type and output
structure.

squash! ENCODER: Add output structure support for EVP_PKEY encoding

Replace the paragraph talking about OSSL_ENCODER_CTX_prune_encoders() with:

The encoding processor encoder_process() is enhanced with better
analysis of the stack of encoder implementations.  To avoid having to
keep an on the side array of information, it uses recursion.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
cd861ab73d ENCODER: Add support for OSSL_FUNC_encoder_does_selection()
OSSL_FUNC_encoder_does_selection() is a dispatchable encoder implementation
function that should return 1 if the given |selection| is supported by an
encoder implementation and 0 if not.  This can be used by libcrypto
functionality to figure out if an encoder implementation should be
considered or not.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
8a98a507fb ENCODER: Add support for specifying the outermost output structure
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
45da4a0fc5 CORE: Add support for specifying the outermost object structure
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
2020-11-11 12:43:27 +01:00
Richard Levitte
6debc6ab74 Convert all {NAME}err() in providers/ to their corresponding ERR_raise() call
This was done using util/err-to-raise

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13319)
2020-11-11 12:15:48 +01:00
Richard Levitte
c48ffbcca1 SSL: refactor all SSLfatal() calls
Since SSLfatal() doesn't take a function code any more, we drop that
argument everywhere.  Also, we convert all combinations of SSLfatal()
and ERR_add_data() to an SSLfatal_data() call.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
2020-11-11 12:12:23 +01:00
Richard Levitte
e92519b5a6 SSL: refactor ossl_statem_fatal() and SSLfatal()
ossl_statem_fatal() is refactored to be an extended ERR_set_error(),
and SSLfatal() is refactored to work like ERR_raise().  We also add
SSLfatal_data() to work like ERR_raise_data().

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
2020-11-11 12:12:23 +01:00
Richard Levitte
6849b73ccc Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call
This was done using util/err-to-raise

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
2020-11-11 12:12:11 +01:00
Richard Levitte
9787b5b81f OSSL_STORE: Make sure the called OSSL_DECODER knows what to expect
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
8d8fee6400 PEM: Have pem_read_bio_key() set the OSSL_STORE expected type
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
35426b2f9c Restore the legacy implementation of PEM_read_bio_DHparams()
It was an overstep to have it got through OSSL_STORE just to extract a
DH pointer from the resulting EVP_PKEY.

This partially reverts 1427d33cee

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
a5cc661645 TEST: Adapt test/endecoder_test.c
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
eb2f1b81a3 DH: Move the code to set the DH sub-type
It's been moved so the type is set by d2i_DHparams() and d2i_DHxparams()

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
4f2abe4378 Adapt libcrypto functionality to specify the desired input structure
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
2c090c1d1b PROV: Re-implement all the keypair decoders
The base functionality to implement the keypair decoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH and OSSL_ALGORITHM arrays, to support a fine grained
selection of implementation based on what parts of the keypair
structure (combinations of key parameters, public key and private key)
should be expected as input, the input type ("DER", "PEM", ...) and the
outermost input structure ("pkcs8", "SubjectPublicKeyInfo", key
type specific structures, ...).

We add support for the generic structure name "type-specific", to
allow selecting that without knowing the exact name of that structure.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
de5008a407 DECODER: Add tracing
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
df65c06b59 DECODER: Add input structure support for EVP_PKEY decoding
OSSL_DECODER_CTX_new_by_EVP_PKEY() takes one more argument to express
the desired outermost structure for the input.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
67c91ca23e DECODER: Add support for OSSL_FUNC_decoder_does_selection()
OSSL_FUNC_decoder_does_selection() is a dispatchable decoder implementation
function that should return 1 if the given |selection| is supported by an
decoder implementation and 0 if not.  This can be used by libcrypto
functionality to figure out if an encoder implementation should be
considered or not.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Richard Levitte
ebfdb63d96 DECODER: Add support for specifying the outermost input structure
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
2020-11-11 11:42:06 +01:00
Dr. David von Oheimb
f7626d0bfa 25-test_x509.t: Re-add and improve a test on non-existence of ASN.1 parse errors
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13353)
2020-11-11 10:54:22 +01:00
Dr. David von Oheimb
d718521fca cmp_msg.c: Use issuer of reference cert as default issuer entry in certTemplate
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13357)
2020-11-11 10:51:04 +01:00
Shane Lontis
4757a34751 Add support for making all of KBKDF FixedInput fields optional.
Added settable integer parameters OSSL_KDF_PARAM_KBKDF_USE_L, OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR.
This is required for CAVS tests that only use a combined blob of
inputdata. A test showing this use case has been added.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13258)
2020-11-11 12:15:18 +10:00
Matt Caswell
2c90e80dec Remove some redundant error messages in the apps
We change the load_key() and load_pubkey() functions to make them more
consistent with the load_keyparams() function modified as a result of
PR #13317.

The error message on a NULL key is removed, because an error message has
already been displayed by load_key_certs_crls().

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13355)
2020-11-10 14:04:58 +00:00
Matt Caswell
8b0ec09934 Fix the reading of DSA parameters files using the dsaparam app
DSA parameters files were failing to load correctly. We also fix a number
of follow on issues which resulted in multiple similar errors messages
being displayed for the same problem, as well as a seg-fault.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13317)
2020-11-10 13:51:54 +00:00
Pali Rohár
dee8eded24 Document pkcs12 alg NONE
To generate unencrypted PKCS#12 file it is needed to use options: -keypbe NONE -certpbe NONE

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12426)
2020-11-10 14:12:53 +01:00
Dr. David von Oheimb
acb934ff55 openssl-cmp.pod.in: Clean up doc of -verify_email, -verify_hostname, and -verify_ip
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12932)
2020-11-10 13:25:45 +01:00
Dr. David von Oheimb
d3d6f49dd0 openssl.pod: Improve doc of -verify_email, -verify_hostname, and -verify_ip
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12932)
2020-11-10 13:25:45 +01:00
Dr. David von Oheimb
d55e448793 openssl-*.pod.in: Prevent newlines on empty engine_synopsis causing layout errors
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12932)
2020-11-10 13:25:45 +01:00
Dr. David von Oheimb
d99c866774 openssl-cmp.pod.in: Align order of options with apps/cmp.c; improve structuring of SYNOPSIS
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12932)
2020-11-10 13:25:45 +01:00