[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Mon May 23 19:04:28 UTC 2016


The branch master has been updated
       via  0cd0a820abc6124cf8e176fa92d620a2abf9e419 (commit)
      from  f65a8c1e66f43b642d5d1709a933615aac62cebd (commit)


- Log -----------------------------------------------------------------
commit 0cd0a820abc6124cf8e176fa92d620a2abf9e419
Author: Rich Salz <rsalz at openssl.org>
Date:   Mon May 23 15:02:34 2016 -0400

    Remove unused error/function codes.
    
    Add script to find unused err/reason codes
    Remove unused reason codes.
    Remove entries for unused functions
    
    Reviewed-by: Matt Caswell <matt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/asn1_err.c    |  64 +---------------
 crypto/async/async_err.c  |   9 +--
 crypto/bio/bio_err.c      |  24 +-----
 crypto/bn/bn_err.c        |  10 +--
 crypto/buffer/buf_err.c   |   7 +-
 crypto/cms/cms_err.c      |   8 +-
 crypto/comp/comp_err.c    |   7 +-
 crypto/conf/conf_err.c    |  11 +--
 crypto/cpt_err.c          |  17 +----
 crypto/ct/ct_err.c        |  28 +------
 crypto/dh/dh_err.c        |   9 +--
 crypto/dsa/dsa_err.c      |  19 +----
 crypto/dso/dso_err.c      |   8 +-
 crypto/ec/ec_err.c        |  37 +---------
 crypto/engine/eng_err.c   |  19 +----
 crypto/err/err.c          |  12 ---
 crypto/err/openssl.ec     |   2 +-
 crypto/evp/evp_err.c      |  52 ++-----------
 crypto/fips_err.h         | 181 ----------------------------------------------
 crypto/fips_ers.c         |  16 ----
 crypto/kdf/kdf_err.c      |   7 +-
 crypto/objects/obj_err.c  |   8 +-
 crypto/ocsp/ocsp_err.c    |  16 +---
 crypto/pem/pem_err.c      |  17 ++---
 crypto/pkcs12/pk12err.c   |  19 +----
 crypto/pkcs7/pkcs7err.c   |  49 +++----------
 crypto/rand/rand_err.c    |  20 +----
 crypto/rsa/rsa_err.c      |  30 +++-----
 crypto/ts/ts_err.c        |  10 +--
 crypto/ui/ui_err.c        |   2 +-
 crypto/x509/x509_err.c    |   1 -
 crypto/x509v3/v3err.c     |  20 +----
 include/internal/dso.h    |  19 +----
 include/openssl/asn1.h    |  58 +--------------
 include/openssl/async.h   |   7 +-
 include/openssl/bio.h     |  27 ++-----
 include/openssl/bn.h      |   8 +-
 include/openssl/buffer.h  |   5 +-
 include/openssl/cms.h     |   7 +-
 include/openssl/comp.h    |   6 +-
 include/openssl/conf.h    |   9 +--
 include/openssl/crypto.h  |  15 +---
 include/openssl/ct.h      |  20 +----
 include/openssl/dh.h      |   8 +-
 include/openssl/dsa.h     |  17 +----
 include/openssl/ec.h      |  33 +--------
 include/openssl/engine.h  |  17 +----
 include/openssl/err.h     |  17 -----
 include/openssl/evp.h     |  41 +----------
 include/openssl/kdf.h     |   5 +-
 include/openssl/objects.h |   6 +-
 include/openssl/ocsp.h    |  14 +---
 include/openssl/pem.h     |   8 +-
 include/openssl/pkcs12.h  |  13 +---
 include/openssl/pkcs7.h   |  28 +------
 include/openssl/rand.h    |  17 +----
 include/openssl/rsa.h     |  17 +----
 include/openssl/ssl.h     |  90 +----------------------
 include/openssl/ts.h      |   9 +--
 include/openssl/ui.h      |   8 +-
 include/openssl/x509.h    |  13 ++--
 include/openssl/x509v3.h  |  11 +--
 ssl/ssl_err.c             | 180 ++++++++++++---------------------------------
 util/find-unused-errs     |  31 ++++++++
 64 files changed, 235 insertions(+), 1268 deletions(-)
 delete mode 100644 crypto/fips_err.h
 delete mode 100644 crypto/fips_ers.c
 create mode 100755 util/find-unused-errs

diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index 097ccf9..a363fdb 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/asn1.h>
@@ -25,14 +20,12 @@
 
 static ERR_STRING_DATA ASN1_str_functs[] = {
     {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"},
-    {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"},
     {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"},
     {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"},
     {ERR_FUNC(ASN1_F_APPEND_EXP), "append_exp"},
     {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"},
     {ERR_FUNC(ASN1_F_ASN1_CB), "asn1_cb"},
     {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "asn1_check_tlen"},
-    {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"},
     {ERR_FUNC(ASN1_F_ASN1_COLLECT), "asn1_collect"},
     {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "asn1_d2i_ex_primitive"},
     {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"},
@@ -40,21 +33,15 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
     {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"},
     {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "asn1_do_adb"},
     {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"},
-    {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"},
-    {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"},
     {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "asn1_ex_c2i"},
     {ERR_FUNC(ASN1_F_ASN1_FIND_END), "asn1_find_end"},
     {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
     {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
     {ERR_FUNC(ASN1_F_ASN1_GET_INT64), "asn1_get_int64"},
     {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
     {ERR_FUNC(ASN1_F_ASN1_GET_UINT64), "asn1_get_uint64"},
-    {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"},
     {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
     {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"},
-    {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"},
     {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"},
     {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
     {ERR_FUNC(ASN1_F_ASN1_ITEM_EMBED_D2I), "asn1_item_embed_d2i"},
@@ -69,12 +56,8 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
     {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
     {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
     {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "asn1_output_data"},
-    {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"},
     {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"},
-    {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"},
     {ERR_FUNC(ASN1_F_ASN1_SCTX_NEW), "ASN1_SCTX_new"},
-    {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"},
-    {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
     {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
     {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "asn1_str2type"},
     {ERR_FUNC(ASN1_F_ASN1_STRING_GET_INT64), "asn1_string_get_int64"},
@@ -87,49 +70,28 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
     {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "asn1_template_new"},
     {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "asn1_template_noexp_d2i"},
     {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
     {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING),
      "ASN1_TYPE_get_int_octetstring"},
     {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
-    {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
     {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"},
     {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
     {ERR_FUNC(ASN1_F_B64_READ_ASN1), "b64_read_asn1"},
     {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_write_ASN1"},
     {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"},
     {ERR_FUNC(ASN1_F_BITSTR_CB), "bitstr_cb"},
-    {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
-    {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
     {ERR_FUNC(ASN1_F_BN_TO_ASN1_STRING), "bn_to_asn1_string"},
     {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"},
     {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"},
     {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"},
     {ERR_FUNC(ASN1_F_C2I_IBUF), "c2i_ibuf"},
     {ERR_FUNC(ASN1_F_COLLECT_DATA), "collect_data"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"},
     {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"},
     {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"},
     {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
-    {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"},
-    {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"},
     {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
     {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
-    {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
-    {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
-    {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
     {ERR_FUNC(ASN1_F_DO_TCREATE), "do_tcreate"},
     {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
-    {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
-    {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
     {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
     {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
     {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
@@ -147,13 +109,11 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
     {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
     {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
     {ERR_FUNC(ASN1_F_STBL_MODULE_INIT), "stbl_module_init"},
-    {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
     {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
     {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
     {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "x509_name_encode"},
     {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "x509_name_ex_d2i"},
     {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "x509_name_ex_new"},
-    {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"},
     {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"},
     {0, NULL}
 };
@@ -163,10 +123,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"},
     {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR), "asn1 sig parse error"},
     {ERR_REASON(ASN1_R_AUX_ERROR), "aux error"},
-    {ERR_REASON(ASN1_R_BAD_CLASS), "bad class"},
     {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
-    {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"},
-    {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"},
     {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
      "bmpstring is wrong length"},
     {ERR_REASON(ASN1_R_BN_LIB), "bn lib"},
@@ -177,21 +134,16 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"},
     {ERR_REASON(ASN1_R_DATA_IS_WRONG), "data is wrong"},
     {ERR_REASON(ASN1_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(ASN1_R_DECODING_ERROR), "decoding error"},
     {ERR_REASON(ASN1_R_DEPTH_EXCEEDED), "depth exceeded"},
     {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),
      "digest and key type not supported"},
     {ERR_REASON(ASN1_R_ENCODE_ERROR), "encode error"},
     {ERR_REASON(ASN1_R_ERROR_GETTING_TIME), "error getting time"},
     {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"},
-    {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT),
-     "error parsing set element"},
     {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS),
      "error setting cipher params"},
     {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER), "expecting an integer"},
     {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT), "expecting an object"},
-    {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN), "expecting a boolean"},
-    {ERR_REASON(ASN1_R_EXPECTING_A_TIME), "expecting a time"},
     {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"},
     {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),
      "explicit tag not constructed"},
@@ -233,13 +185,10 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_INVALID_SEPARATOR), "invalid separator"},
     {ERR_REASON(ASN1_R_INVALID_STRING_TABLE_VALUE),
      "invalid string table value"},
-    {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT), "invalid time format"},
     {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),
      "invalid universalstring length"},
     {ERR_REASON(ASN1_R_INVALID_UTF8STRING), "invalid utf8string"},
     {ERR_REASON(ASN1_R_INVALID_VALUE), "invalid value"},
-    {ERR_REASON(ASN1_R_IV_TOO_LARGE), "iv too large"},
-    {ERR_REASON(ASN1_R_LENGTH_ERROR), "length error"},
     {ERR_REASON(ASN1_R_LIST_ERROR), "list error"},
     {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
     {ERR_REASON(ASN1_R_MIME_PARSE_ERROR), "mime parse error"},
@@ -254,7 +203,6 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
     {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
     {ERR_REASON(ASN1_R_NO_CONTENT_TYPE), "no content type"},
-    {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST), "no default digest"},
     {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"},
     {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),
      "no multipart body failure"},
@@ -263,8 +211,6 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH), "null is wrong length"},
     {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"},
     {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS), "odd number of chars"},
-    {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),
-     "private key header missing"},
     {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"},
     {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"},
     {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"},
@@ -275,7 +221,6 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"},
     {ERR_REASON(ASN1_R_STRING_TOO_LONG), "string too long"},
     {ERR_REASON(ASN1_R_STRING_TOO_SHORT), "string too short"},
-    {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH), "tag value too high"},
     {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
      "the asn1 object identifier is not known for this md"},
     {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"},
@@ -284,9 +229,6 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_TOO_SMALL), "too small"},
     {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"},
     {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"},
-    {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"},
-    {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),
-     "unable to decode rsa private key"},
     {ERR_REASON(ASN1_R_UNEXPECTED_EOC), "unexpected eoc"},
     {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),
      "universalstring is wrong length"},
@@ -300,16 +242,12 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
     {ERR_REASON(ASN1_R_UNKNOWN_TAG), "unknown tag"},
     {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),
      "unsupported any defined by type"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),
-     "unsupported encryption algorithm"},
     {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
      "unsupported public key type"},
     {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
     {ERR_REASON(ASN1_R_WRONG_INTEGER_TYPE), "wrong integer type"},
     {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
     {ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"},
-    {ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"},
     {0, NULL}
 };
 
diff --git a/crypto/async/async_err.c b/crypto/async/async_err.c
index 0876d6c..13c41cd 100644
--- a/crypto/async/async_err.c
+++ b/crypto/async/async_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/async.h>
@@ -34,12 +29,10 @@ static ERR_STRING_DATA ASYNC_str_functs[] = {
 };
 
 static ERR_STRING_DATA ASYNC_str_reasons[] = {
-    {ERR_REASON(ASYNC_R_CANNOT_CREATE_WAIT_PIPE), "cannot create wait pipe"},
     {ERR_REASON(ASYNC_R_FAILED_TO_SET_POOL), "failed to set pool"},
     {ERR_REASON(ASYNC_R_FAILED_TO_SWAP_CONTEXT), "failed to swap context"},
     {ERR_REASON(ASYNC_R_INIT_FAILED), "init failed"},
     {ERR_REASON(ASYNC_R_INVALID_POOL_SIZE), "invalid pool size"},
-    {ERR_REASON(ASYNC_R_POOL_ALREADY_INITED), "pool already inited"},
     {0, NULL}
 };
 
diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c
index e4b74ad..7553182 100644
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@@ -24,13 +24,10 @@ static ERR_STRING_DATA BIO_str_functs[] = {
     {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"},
     {ERR_FUNC(BIO_F_BIO_ACCEPT_EX), "BIO_accept_ex"},
     {ERR_FUNC(BIO_F_BIO_ADDR_NEW), "BIO_ADDR_new"},
-    {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"},
     {ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"},
     {ERR_FUNC(BIO_F_BIO_CONNECT), "BIO_connect"},
     {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"},
-    {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"},
     {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"},
-    {ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET), "BIO_get_accept_socket"},
     {ERR_FUNC(BIO_F_BIO_GET_HOST_IP), "BIO_get_host_ip"},
     {ERR_FUNC(BIO_F_BIO_GET_PORT), "BIO_get_port"},
     {ERR_FUNC(BIO_F_BIO_LISTEN), "BIO_listen"},
@@ -60,10 +57,8 @@ static ERR_STRING_DATA BIO_str_functs[] = {
     {ERR_FUNC(BIO_F_FILE_CTRL), "file_ctrl"},
     {ERR_FUNC(BIO_F_FILE_READ), "file_read"},
     {ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "linebuffer_ctrl"},
-    {ERR_FUNC(BIO_F_MEM_READ), "MEM_READ"},
     {ERR_FUNC(BIO_F_MEM_WRITE), "mem_write"},
     {ERR_FUNC(BIO_F_SSL_NEW), "SSL_new"},
-    {ERR_FUNC(BIO_F_WSASTARTUP), "WSASTARTUP"},
     {0, NULL}
 };
 
@@ -71,17 +66,11 @@ static ERR_STRING_DATA BIO_str_reasons[] = {
     {ERR_REASON(BIO_R_ACCEPT_ERROR), "accept error"},
     {ERR_REASON(BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET),
      "addrinfo addr is not af inet"},
-    {ERR_REASON(BIO_R_AMBIGUOUS_HOST_OR_SERVICE), "ambiguous host or service"},
+    {ERR_REASON(BIO_R_AMBIGUOUS_HOST_OR_SERVICE),
+     "ambiguous host or service"},
     {ERR_REASON(BIO_R_BAD_FOPEN_MODE), "bad fopen mode"},
-    {ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP), "bad hostname lookup"},
     {ERR_REASON(BIO_R_BROKEN_PIPE), "broken pipe"},
     {ERR_REASON(BIO_R_CONNECT_ERROR), "connect error"},
-    {ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO), "EOF on memory BIO"},
-    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO), "error setting nbio"},
-    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET),
-     "error setting nbio on accepted socket"},
-    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET),
-     "error setting nbio on accept socket"},
     {ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),
      "gethostbyname addr is not af inet"},
     {ERR_REASON(BIO_R_GETSOCKNAME_ERROR), "getsockname error"},
@@ -89,25 +78,20 @@ static ERR_STRING_DATA BIO_str_reasons[] = {
      "getsockname truncated address"},
     {ERR_REASON(BIO_R_GETTING_SOCKTYPE), "getting socktype"},
     {ERR_REASON(BIO_R_INVALID_ARGUMENT), "invalid argument"},
-    {ERR_REASON(BIO_R_INVALID_IP_ADDRESS), "invalid ip address"},
     {ERR_REASON(BIO_R_INVALID_SOCKET), "invalid socket"},
     {ERR_REASON(BIO_R_IN_USE), "in use"},
-    {ERR_REASON(BIO_R_KEEPALIVE), "keepalive"},
     {ERR_REASON(BIO_R_LISTEN_V6_ONLY), "listen v6 only"},
     {ERR_REASON(BIO_R_LOOKUP_RETURNED_NOTHING), "lookup returned nothing"},
-    {ERR_REASON(BIO_R_MALFORMED_HOST_OR_SERVICE), "malformed host or service"},
+    {ERR_REASON(BIO_R_MALFORMED_HOST_OR_SERVICE),
+     "malformed host or service"},
     {ERR_REASON(BIO_R_NBIO_CONNECT_ERROR), "nbio connect error"},
     {ERR_REASON(BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED),
      "no accept addr or service specified"},
-    {ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED), "no accept port specified"},
     {ERR_REASON(BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED),
      "no hostname or service specified"},
-    {ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED), "no hostname specified"},
     {ERR_REASON(BIO_R_NO_PORT_DEFINED), "no port defined"},
-    {ERR_REASON(BIO_R_NO_SERVICE_SPECIFIED), "no service specified"},
     {ERR_REASON(BIO_R_NO_SUCH_FILE), "no such file"},
     {ERR_REASON(BIO_R_NULL_PARAMETER), "null parameter"},
-    {ERR_REASON(BIO_R_TAG_MISMATCH), "tag mismatch"},
     {ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET), "unable to bind socket"},
     {ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET), "unable to create socket"},
     {ERR_REASON(BIO_R_UNABLE_TO_KEEPALIVE), "unable to keepalive"},
diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
index 2506e3e..a71b265 100644
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/bn.h>
@@ -37,10 +32,8 @@ static ERR_STRING_DATA BN_str_functs[] = {
     {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
     {ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"},
     {ERR_FUNC(BN_F_BN_DIV), "BN_div"},
-    {ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"},
     {ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"},
     {ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
-    {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
     {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "bn_expand_internal"},
     {ERR_FUNC(BN_F_BN_GENCB_NEW), "BN_GENCB_new"},
     {ERR_FUNC(BN_F_BN_GENERATE_DSA_NONCE), "BN_generate_dsa_nonce"},
@@ -62,7 +55,6 @@ static ERR_STRING_DATA BN_str_functs[] = {
     {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
     {ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"},
     {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"},
-    {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"},
     {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"},
     {ERR_FUNC(BN_F_BN_MPI2BN), "BN_mpi2bn"},
     {ERR_FUNC(BN_F_BN_NEW), "BN_new"},
diff --git a/crypto/buffer/buf_err.c b/crypto/buffer/buf_err.c
index d6e3a25..b7679ae 100644
--- a/crypto/buffer/buf_err.c
+++ b/crypto/buffer/buf_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/buffer.h>
diff --git a/crypto/cms/cms_err.c b/crypto/cms/cms_err.c
index b335184..cfda019 100644
--- a/crypto/cms/cms_err.c
+++ b/crypto/cms/cms_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/cms.h>
@@ -164,7 +159,6 @@ static ERR_STRING_DATA CMS_str_reasons[] = {
     {ERR_REASON(CMS_R_CTRL_ERROR), "ctrl error"},
     {ERR_REASON(CMS_R_CTRL_FAILURE), "ctrl failure"},
     {ERR_REASON(CMS_R_DECRYPT_ERROR), "decrypt error"},
-    {ERR_REASON(CMS_R_DIGEST_ERROR), "digest error"},
     {ERR_REASON(CMS_R_ERROR_GETTING_PUBLIC_KEY), "error getting public key"},
     {ERR_REASON(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
      "error reading messagedigest attribute"},
diff --git a/crypto/comp/comp_err.c b/crypto/comp/comp_err.c
index b8ff4a6..0233e94 100644
--- a/crypto/comp/comp_err.c
+++ b/crypto/comp/comp_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/comp.h>
diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
index fb9174b..31bb15c 100644
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/conf.h>
@@ -26,9 +21,7 @@
 static ERR_STRING_DATA CONF_str_functs[] = {
     {ERR_FUNC(CONF_F_CONF_DUMP_FP), "CONF_dump_fp"},
     {ERR_FUNC(CONF_F_CONF_LOAD), "CONF_load"},
-    {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"},
     {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"},
-    {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"},
     {ERR_FUNC(CONF_F_CONF_PARSE_LIST), "CONF_parse_list"},
     {ERR_FUNC(CONF_F_DEF_LOAD), "def_load"},
     {ERR_FUNC(CONF_F_DEF_LOAD_BIO), "def_load_bio"},
@@ -37,7 +30,6 @@ static ERR_STRING_DATA CONF_str_functs[] = {
     {ERR_FUNC(CONF_F_MODULE_RUN), "module_run"},
     {ERR_FUNC(CONF_F_NCONF_DUMP_BIO), "NCONF_dump_bio"},
     {ERR_FUNC(CONF_F_NCONF_DUMP_FP), "NCONF_dump_fp"},
-    {ERR_FUNC(CONF_F_NCONF_GET_NUMBER), "NCONF_get_number"},
     {ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E), "NCONF_get_number_e"},
     {ERR_FUNC(CONF_F_NCONF_GET_SECTION), "NCONF_get_section"},
     {ERR_FUNC(CONF_F_NCONF_GET_STRING), "NCONF_get_string"},
@@ -55,7 +47,6 @@ static ERR_STRING_DATA CONF_str_reasons[] = {
     {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),
      "missing close square bracket"},
     {ERR_REASON(CONF_R_MISSING_EQUAL_SIGN), "missing equal sign"},
-    {ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION), "missing finish function"},
     {ERR_REASON(CONF_R_MISSING_INIT_FUNCTION), "missing init function"},
     {ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR),
      "module initialization error"},
diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
index ed18bf5..3c6e8d5 100644
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/crypto.h>
@@ -27,22 +22,14 @@ static ERR_STRING_DATA CRYPTO_str_functs[] = {
     {ERR_FUNC(CRYPTO_F_CRYPTO_DUP_EX_DATA), "CRYPTO_dup_ex_data"},
     {ERR_FUNC(CRYPTO_F_CRYPTO_FREE_EX_DATA), "CRYPTO_free_ex_data"},
     {ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID), "CRYPTO_get_new_dynlockid"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID), "CRYPTO_get_new_lockid"},
     {ERR_FUNC(CRYPTO_F_CRYPTO_MEMDUP), "CRYPTO_memdup"},
     {ERR_FUNC(CRYPTO_F_CRYPTO_NEW_EX_DATA), "CRYPTO_new_ex_data"},
     {ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
-    {ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
-    {ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
     {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
     {ERR_FUNC(CRYPTO_F_GET_AND_LOCK), "get_and_lock"},
-    {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
-    {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
-    {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
     {ERR_FUNC(CRYPTO_F_OPENSSL_BUF2HEXSTR), "OPENSSL_buf2hexstr"},
-    {ERR_FUNC(CRYPTO_F_OPENSSL_INIT_CRYPTO), "OPENSSL_init_crypto"},
-    {ERR_FUNC(CRYPTO_F_OPENSSL_MEMDUP), "OPENSSL_MEMDUP"},
     {ERR_FUNC(CRYPTO_F_OPENSSL_HEXSTR2BUF), "OPENSSL_hexstr2buf"},
+    {ERR_FUNC(CRYPTO_F_OPENSSL_INIT_CRYPTO), "OPENSSL_init_crypto"},
     {0, NULL}
 };
 
diff --git a/crypto/ct/ct_err.c b/crypto/ct/ct_err.c
index 5300f8c..8581dbb 100644
--- a/crypto/ct/ct_err.c
+++ b/crypto/ct/ct_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/ct.h>
@@ -28,26 +23,11 @@ static ERR_STRING_DATA CT_str_functs[] = {
     {ERR_FUNC(CT_F_CTLOG_NEW_FROM_BASE64), "CTLOG_new_from_base64"},
     {ERR_FUNC(CT_F_CTLOG_NEW_FROM_CONF), "ctlog_new_from_conf"},
     {ERR_FUNC(CT_F_CTLOG_NEW_NULL), "CTLOG_new_null"},
-    {ERR_FUNC(CT_F_CTLOG_STORE_GET0_LOG_BY_ID), "CTLOG_STORE_get0_log_by_id"},
     {ERR_FUNC(CT_F_CTLOG_STORE_LOAD_CTX_NEW), "ctlog_store_load_ctx_new"},
     {ERR_FUNC(CT_F_CTLOG_STORE_LOAD_FILE), "CTLOG_STORE_load_file"},
     {ERR_FUNC(CT_F_CT_BASE64_DECODE), "ct_base64_decode"},
-    {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_GET0_CERT),
-     "CT_POLICY_EVAL_CTX_get0_cert"},
-    {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_GET0_ISSUER),
-     "CT_POLICY_EVAL_CTX_get0_issuer"},
-    {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_GET0_LOG_STORE),
-     "CT_POLICY_EVAL_CTX_get0_log_store"},
     {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_NEW), "CT_POLICY_EVAL_CTX_new"},
-    {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_SET0_CERT),
-     "CT_POLICY_EVAL_CTX_set0_cert"},
-    {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_SET0_ISSUER),
-     "CT_POLICY_EVAL_CTX_set0_issuer"},
-    {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_SET0_LOG_STORE),
-     "CT_POLICY_EVAL_CTX_set0_log_store"},
     {ERR_FUNC(CT_F_CT_V1_LOG_ID_FROM_PKEY), "ct_v1_log_id_from_pkey"},
-    {ERR_FUNC(CT_F_D2I_SCT_LIST), "d2i_SCT_LIST"},
-    {ERR_FUNC(CT_F_I2D_SCT_LIST), "i2d_SCT_LIST"},
     {ERR_FUNC(CT_F_I2O_SCT), "i2o_SCT"},
     {ERR_FUNC(CT_F_I2O_SCT_LIST), "i2o_SCT_LIST"},
     {ERR_FUNC(CT_F_I2O_SCT_SIGNATURE), "i2o_SCT_signature"},
@@ -55,7 +35,6 @@ static ERR_STRING_DATA CT_str_functs[] = {
     {ERR_FUNC(CT_F_O2I_SCT_LIST), "o2i_SCT_LIST"},
     {ERR_FUNC(CT_F_O2I_SCT_SIGNATURE), "o2i_SCT_signature"},
     {ERR_FUNC(CT_F_SCT_CTX_NEW), "SCT_CTX_new"},
-    {ERR_FUNC(CT_F_SCT_LIST_VALIDATE), "SCT_LIST_validate"},
     {ERR_FUNC(CT_F_SCT_NEW), "SCT_new"},
     {ERR_FUNC(CT_F_SCT_NEW_FROM_BASE64), "SCT_new_from_base64"},
     {ERR_FUNC(CT_F_SCT_SET0_LOG_ID), "SCT_set0_log_id"},
@@ -65,8 +44,6 @@ static ERR_STRING_DATA CT_str_functs[] = {
     {ERR_FUNC(CT_F_SCT_SET_LOG_ENTRY_TYPE), "SCT_set_log_entry_type"},
     {ERR_FUNC(CT_F_SCT_SET_SIGNATURE_NID), "SCT_set_signature_nid"},
     {ERR_FUNC(CT_F_SCT_SET_VERSION), "SCT_set_version"},
-    {ERR_FUNC(CT_F_SCT_SIGNATURE_IS_VALID), "SCT_SIGNATURE_IS_VALID"},
-    {ERR_FUNC(CT_F_SCT_VALIDATE), "SCT_validate"},
     {ERR_FUNC(CT_F_SCT_VERIFY), "SCT_verify"},
     {ERR_FUNC(CT_F_SCT_VERIFY_V1), "SCT_verify_v1"},
     {0, NULL}
@@ -81,15 +58,12 @@ static ERR_STRING_DATA CT_str_reasons[] = {
      "log conf missing description"},
     {ERR_REASON(CT_R_LOG_CONF_MISSING_KEY), "log conf missing key"},
     {ERR_REASON(CT_R_LOG_KEY_INVALID), "log key invalid"},
-    {ERR_REASON(CT_R_NOT_ENOUGH_SCTS), "not enough scts"},
     {ERR_REASON(CT_R_SCT_INVALID), "sct invalid"},
     {ERR_REASON(CT_R_SCT_INVALID_SIGNATURE), "sct invalid signature"},
     {ERR_REASON(CT_R_SCT_LIST_INVALID), "sct list invalid"},
     {ERR_REASON(CT_R_SCT_LOG_ID_MISMATCH), "sct log id mismatch"},
     {ERR_REASON(CT_R_SCT_NOT_SET), "sct not set"},
     {ERR_REASON(CT_R_SCT_UNSUPPORTED_VERSION), "sct unsupported version"},
-    {ERR_REASON(CT_R_SCT_VALIDATION_STATUS_NOT_SET),
-     "sct validation status not set"},
     {ERR_REASON(CT_R_UNRECOGNIZED_SIGNATURE_NID),
      "unrecognized signature nid"},
     {ERR_REASON(CT_R_UNSUPPORTED_ENTRY_TYPE), "unsupported entry type"},
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
index e1e5b49..a5348b1 100644
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/dh.h>
@@ -41,7 +36,6 @@ static ERR_STRING_DATA DH_str_functs[] = {
     {ERR_FUNC(DH_F_DH_PUB_ENCODE), "dh_pub_encode"},
     {ERR_FUNC(DH_F_DO_DH_PRINT), "do_dh_print"},
     {ERR_FUNC(DH_F_GENERATE_KEY), "generate_key"},
-    {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
     {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "pkey_dh_derive"},
     {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "pkey_dh_keygen"},
     {0, NULL}
@@ -55,7 +49,6 @@ static ERR_STRING_DATA DH_str_reasons[] = {
     {ERR_REASON(DH_R_INVALID_PUBKEY), "invalid public key"},
     {ERR_REASON(DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
     {ERR_REASON(DH_R_KEYS_NOT_SET), "keys not set"},
-    {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL), "key size too small"},
     {ERR_REASON(DH_R_MODULUS_TOO_LARGE), "modulus too large"},
     {ERR_REASON(DH_R_NO_PARAMETERS_SET), "no parameters set"},
     {ERR_REASON(DH_R_NO_PRIVATE_VALUE), "no private value"},
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index 038a031..96bd4d3 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/dsa.h>
@@ -24,11 +19,8 @@
 # define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
 
 static ERR_STRING_DATA DSA_str_functs[] = {
-    {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"},
-    {ERR_FUNC(DSA_F_DO_DSA_PRINT), "do_dsa_print"},
     {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
     {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
-    {ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN), "DSA_BUILTIN_KEYGEN"},
     {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
     {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN2), "dsa_builtin_paramgen2"},
     {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
@@ -45,14 +37,9 @@ static ERR_STRING_DATA DSA_str_functs[] = {
     {ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "dsa_pub_encode"},
     {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
     {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
-    {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
-    {ERR_FUNC(DSA_F_DSA_SIG_PRINT), "dsa_sig_print"},
-    {ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
-    {ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
     {ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "old_dsa_priv_decode"},
     {ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "pkey_dsa_ctrl"},
     {ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "pkey_dsa_keygen"},
-    {ERR_FUNC(DSA_F_SIG_CB), "sig_cb"},
     {0, NULL}
 };
 
@@ -60,15 +47,11 @@ static ERR_STRING_DATA DSA_str_reasons[] = {
     {ERR_REASON(DSA_R_BAD_Q_VALUE), "bad q value"},
     {ERR_REASON(DSA_R_BN_DECODE_ERROR), "bn decode error"},
     {ERR_REASON(DSA_R_BN_ERROR), "bn error"},
-    {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
-     "data too large for key size"},
     {ERR_REASON(DSA_R_DECODE_ERROR), "decode error"},
     {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE), "invalid digest type"},
     {ERR_REASON(DSA_R_INVALID_PARAMETERS), "invalid parameters"},
-    {ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL), "key size too small"},
     {ERR_REASON(DSA_R_MISSING_PARAMETERS), "missing parameters"},
     {ERR_REASON(DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
-    {ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
     {ERR_REASON(DSA_R_NO_PARAMETERS_SET), "no parameters set"},
     {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
     {ERR_REASON(DSA_R_Q_NOT_PRIME), "q not prime"},
diff --git a/crypto/dso/dso_err.c b/crypto/dso/dso_err.c
index cb17a92..870c80b 100644
--- a/crypto/dso/dso_err.c
+++ b/crypto/dso/dso_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,13 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include "internal/dso.h"
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index 7b2b201..56aacd4 100644
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/ec.h>
@@ -25,7 +20,6 @@
 
 static ERR_STRING_DATA EC_str_functs[] = {
     {ERR_FUNC(EC_F_BN_TO_FELEM), "BN_to_felem"},
-    {ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"},
     {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"},
     {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
     {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"},
@@ -56,13 +50,8 @@ static ERR_STRING_DATA EC_str_functs[] = {
     {ERR_FUNC(EC_F_ECP_NISTZ256_POINTS_MUL), "ecp_nistz256_points_mul"},
     {ERR_FUNC(EC_F_ECP_NISTZ256_PRE_COMP_NEW), "ecp_nistz256_pre_comp_new"},
     {ERR_FUNC(EC_F_ECP_NISTZ256_WINDOWED_MUL), "ecp_nistz256_windowed_mul"},
-    {ERR_FUNC(EC_F_ECP_NIST_MOD_192), "ECP_NIST_MOD_192"},
-    {ERR_FUNC(EC_F_ECP_NIST_MOD_224), "ECP_NIST_MOD_224"},
-    {ERR_FUNC(EC_F_ECP_NIST_MOD_256), "ECP_NIST_MOD_256"},
-    {ERR_FUNC(EC_F_ECP_NIST_MOD_521), "ECP_NIST_MOD_521"},
     {ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE), "ec_asn1_group2curve"},
     {ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID), "ec_asn1_group2fieldid"},
-    {ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"},
     {ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY),
      "ec_GF2m_montgomery_point_multiply"},
     {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT),
@@ -85,8 +74,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
     {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"},
     {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE),
      "ec_GFp_mont_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP),
-     "EC_GFP_MONT_GROUP_SET_CURVE_GFP"},
     {ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE),
      "ec_GFp_nistp224_group_set_curve"},
     {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL), "ec_GFp_nistp224_points_mul"},
@@ -110,10 +97,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
      "ec_GFp_simple_group_check_discriminant"},
     {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE),
      "ec_GFp_simple_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP),
-     "EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR),
-     "EC_GFP_SIMPLE_GROUP_SET_GENERATOR"},
     {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"},
     {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"},
     {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"},
@@ -121,29 +104,20 @@ static ERR_STRING_DATA EC_str_functs[] = {
      "ec_GFp_simple_points_make_affine"},
     {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES),
      "ec_GFp_simple_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP),
-     "EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"},
     {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES),
      "ec_GFp_simple_point_set_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP),
-     "EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"},
     {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES),
      "ec_GFp_simple_set_compressed_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP),
-     "EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"},
     {ERR_FUNC(EC_F_EC_GROUP_CHECK), "EC_GROUP_check"},
     {ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT),
      "EC_GROUP_check_discriminant"},
     {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"},
     {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M), "EC_GROUP_get_curve_GF2m"},
     {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"},
     {ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE), "EC_GROUP_get_degree"},
     {ERR_FUNC(EC_F_EC_GROUP_GET_ECPARAMETERS), "EC_GROUP_get_ecparameters"},
     {ERR_FUNC(EC_F_EC_GROUP_GET_ECPKPARAMETERS),
      "EC_GROUP_get_ecpkparameters"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"},
     {ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS),
      "EC_GROUP_get_pentanomial_basis"},
     {ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS),
@@ -155,10 +129,8 @@ static ERR_STRING_DATA EC_str_functs[] = {
      "EC_GROUP_new_from_ecparameters"},
     {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS),
      "EC_GROUP_new_from_ecpkparameters"},
-    {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"},
     {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"},
     {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"},
-    {ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_SET_EXTRA_DATA"},
     {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"},
     {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"},
     {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"},
@@ -189,7 +161,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
     {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"},
     {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"},
     {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"},
-    {ERR_FUNC(EC_F_EC_POINT_MUL), "EC_POINT_mul"},
     {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"},
     {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"},
     {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"},
@@ -204,7 +175,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
     {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP),
      "EC_POINT_set_Jprojective_coordinates_GFp"},
     {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"},
-    {ERR_FUNC(EC_F_EC_PRE_COMP_DUP), "EC_PRE_COMP_DUP"},
     {ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "ec_pre_comp_new"},
     {ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"},
     {ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"},
@@ -231,7 +201,6 @@ static ERR_STRING_DATA EC_str_functs[] = {
 
 static ERR_STRING_DATA EC_str_reasons[] = {
     {ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"},
-    {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD), "asn1 unknown field"},
     {ERR_REASON(EC_R_BAD_SIGNATURE), "bad signature"},
     {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
     {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"},
@@ -267,18 +236,14 @@ static ERR_STRING_DATA EC_str_reasons[] = {
     {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
     {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
     {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
-    {ERR_REASON(EC_R_KDF_FAILED), "kdf failed"},
     {ERR_REASON(EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
     {ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"},
     {ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"},
     {ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"},
     {ERR_REASON(EC_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
     {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"},
-    {ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME),
-     "not a supported NIST prime"},
     {ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"},
     {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"},
-    {ERR_REASON(EC_R_NO_FIELD_MOD), "no field mod"},
     {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"},
     {ERR_REASON(EC_R_NO_PRIVATE_VALUE), "no private value"},
     {ERR_REASON(EC_R_OPERATION_NOT_SUPPORTED), "operation not supported"},
diff --git a/crypto/engine/eng_err.c b/crypto/engine/eng_err.c
index 507f239..c8f628b 100644
--- a/crypto/engine/eng_err.c
+++ b/crypto/engine/eng_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/engine.h>
@@ -35,9 +30,7 @@ static ERR_STRING_DATA ENGINE_str_functs[] = {
     {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"},
     {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"},
     {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"},
-    {ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"},
     {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"},
     {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"},
     {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"},
     {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH),
@@ -55,17 +48,14 @@ static ERR_STRING_DATA ENGINE_str_functs[] = {
     {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"},
     {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING),
      "ENGINE_set_default_string"},
-    {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"},
     {ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"},
     {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"},
     {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "engine_table_register"},
-    {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"},
     {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "engine_unlocked_finish"},
     {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"},
     {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "int_ctrl_helper"},
     {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "int_engine_configure"},
     {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "int_engine_module_init"},
-    {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"},
     {0, NULL}
 };
 
@@ -79,8 +69,6 @@ static ERR_STRING_DATA ENGINE_str_reasons[] = {
     {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"},
     {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),
      "ctrl command not implemented"},
-    {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED), "dh not implemented"},
-    {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"},
     {ERR_REASON(ENGINE_R_DSO_FAILURE), "DSO failure"},
     {ERR_REASON(ENGINE_R_DSO_NOT_FOUND), "dso not found"},
     {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"},
@@ -93,8 +81,6 @@ static ERR_STRING_DATA ENGINE_str_reasons[] = {
     {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),
      "failed loading public key"},
     {ERR_REASON(ENGINE_R_FINISH_FAILED), "finish failed"},
-    {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED),
-     "could not obtain hardware handle"},
     {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING), "'id' or 'name' missing"},
     {ERR_REASON(ENGINE_R_INIT_FAILED), "init failed"},
     {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"},
@@ -110,9 +96,6 @@ static ERR_STRING_DATA ENGINE_str_reasons[] = {
     {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION), "no load function"},
     {ERR_REASON(ENGINE_R_NO_REFERENCE), "no reference"},
     {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE), "no such engine"},
-    {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION), "no unload function"},
-    {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS), "provide parameters"},
-    {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"},
     {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
     {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
     {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 6362429..1035e4c 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -95,26 +95,14 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
     {ERR_R_DSA_LIB, "DSA lib"},
     {ERR_R_X509_LIB, "X509 lib"},
     {ERR_R_ASN1_LIB, "ASN1 lib"},
-    {ERR_R_CONF_LIB, "CONF lib"},
-    {ERR_R_CRYPTO_LIB, "CRYPTO lib"},
     {ERR_R_EC_LIB, "EC lib"},
-    {ERR_R_SSL_LIB, "SSL lib"},
     {ERR_R_BIO_LIB, "BIO lib"},
     {ERR_R_PKCS7_LIB, "PKCS7 lib"},
     {ERR_R_X509V3_LIB, "X509V3 lib"},
-    {ERR_R_PKCS12_LIB, "PKCS12 lib"},
-    {ERR_R_RAND_LIB, "RAND lib"},
-    {ERR_R_DSO_LIB, "DSO lib"},
     {ERR_R_ENGINE_LIB, "ENGINE lib"},
-    {ERR_R_OCSP_LIB, "OCSP lib"},
-    {ERR_R_TS_LIB, "TS lib"},
     {ERR_R_ECDSA_LIB, "ECDSA lib"},
 
     {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"},
-    {ERR_R_BAD_ASN1_OBJECT_HEADER, "bad asn1 object header"},
-    {ERR_R_BAD_GET_ASN1_OBJECT_CALL, "bad get asn1 object call"},
-    {ERR_R_EXPECTING_AN_ASN1_SEQUENCE, "expecting an asn1 sequence"},
-    {ERR_R_ASN1_LENGTH_MISMATCH, "asn1 length mismatch"},
     {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"},
 
     {ERR_R_FATAL, "fatal"},
diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec
index 6e18e7d..1abd774 100644
--- a/crypto/err/openssl.ec
+++ b/crypto/err/openssl.ec
@@ -31,7 +31,7 @@ L COMP		include/openssl/comp.h		crypto/comp/comp_err.c
 L TS		include/openssl/ts.h		crypto/ts/ts_err.c
 #L HMAC		include/openssl/hmac.h		crypto/hmac/hmac_err.c
 L CMS		include/openssl/cms.h		crypto/cms/cms_err.c
-L FIPS		include/openssl/fips.h		crypto/fips_err.h
+#L FIPS		include/openssl/fips.h		crypto/fips_err.h
 L CT		include/openssl/ct.h		crypto/ct/ct_err.c
 L ASYNC		include/openssl/async.h		crypto/async/async_err.c
 L KDF		include/openssl/kdf.h		crypto/kdf/kdf_err.c
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index e564e87..c9c9dc7 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -25,22 +20,13 @@
 
 static ERR_STRING_DATA EVP_str_functs[] = {
     {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "aesni_init_key"},
-    {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
     {ERR_FUNC(EVP_F_AES_INIT_KEY), "aes_init_key"},
     {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "aes_t4_init_key"},
-    {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
-    {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
     {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "alg_module_init"},
     {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "camellia_init_key"},
     {ERR_FUNC(EVP_F_CHACHA20_POLY1305_CTRL), "chacha20_poly1305_ctrl"},
-    {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
     {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "cmll_t4_init_key"},
-    {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
     {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "do_sigver_init"},
-    {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
-    {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
-    {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
-    {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
     {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
     {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
     {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
@@ -73,7 +59,6 @@ static ERR_STRING_DATA EVP_str_functs[] = {
     {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
     {ERR_FUNC(EVP_F_EVP_PKEY_GET0_DH), "EVP_PKEY_get0_DH"},
     {ERR_FUNC(EVP_F_EVP_PKEY_GET0_DSA), "EVP_PKEY_get0_DSA"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET0_ECDSA), "EVP_PKEY_GET0_ECDSA"},
     {ERR_FUNC(EVP_F_EVP_PKEY_GET0_EC_KEY), "EVP_PKEY_get0_EC_KEY"},
     {ERR_FUNC(EVP_F_EVP_PKEY_GET0_RSA), "EVP_PKEY_get0_RSA"},
     {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
@@ -88,23 +73,13 @@ static ERR_STRING_DATA EVP_str_functs[] = {
     {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
     {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT),
      "EVP_PKEY_verify_recover_init"},
-    {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
     {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
     {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
-    {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_cipherinit"},
-    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
-    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
-    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH),
-     "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
-    {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_digestinit"},
-    {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
-    {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
     {ERR_FUNC(EVP_F_INT_CTX_NEW), "int_ctx_new"},
     {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
     {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
     {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_v2_PBKDF2_keyivgen"},
     {ERR_FUNC(EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN), "PKCS5_v2_scrypt_keyivgen"},
-    {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
     {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "pkey_set_type"},
     {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "rc2_magic_to_meth"},
     {ERR_FUNC(EVP_F_RC5_CTRL), "rc5_ctrl"},
@@ -112,16 +87,11 @@ static ERR_STRING_DATA EVP_str_functs[] = {
 };
 
 static ERR_STRING_DATA EVP_str_reasons[] = {
-    {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED), "aes iv setup failed"},
     {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"},
-    {ERR_REASON(EVP_R_ASN1_LIB), "asn1 lib"},
-    {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH), "bad block length"},
     {ERR_REASON(EVP_R_BAD_DECRYPT), "bad decrypt"},
-    {ERR_REASON(EVP_R_BAD_KEY_LENGTH), "bad key length"},
-    {ERR_REASON(EVP_R_BN_DECODE_ERROR), "bn decode error"},
-    {ERR_REASON(EVP_R_BN_PUBKEY_ERROR), "bn pubkey error"},
     {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
-    {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"},
+    {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),
+     "camellia key setup failed"},
     {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
     {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED), "command not supported"},
     {ERR_REASON(EVP_R_COPY_ERROR), "copy error"},
@@ -133,25 +103,21 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
     {ERR_REASON(EVP_R_DECODE_ERROR), "decode error"},
     {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES), "different key types"},
     {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS), "different parameters"},
-    {ERR_REASON(EVP_R_DISABLED_FOR_FIPS), "disabled for fips"},
-    {ERR_REASON(EVP_R_ENCODE_ERROR), "encode error"},
     {ERR_REASON(EVP_R_ERROR_LOADING_SECTION), "error loading section"},
     {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
-    {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"},
     {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY), "expecting an rsa key"},
     {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY), "expecting a dh key"},
     {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY), "expecting a dsa key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY), "expecting a ecdsa key"},
     {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY), "expecting a ec key"},
     {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
-    {ERR_REASON(EVP_R_ILLEGAL_SCRYPT_PARAMETERS), "illegal scrypt parameters"},
+    {ERR_REASON(EVP_R_ILLEGAL_SCRYPT_PARAMETERS),
+     "illegal scrypt parameters"},
     {ERR_REASON(EVP_R_INITIALIZATION_ERROR), "initialization error"},
     {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
     {ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
     {ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
     {ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
     {ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
-    {ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"},
     {ERR_REASON(EVP_R_KEYGEN_FAILURE), "keygen failure"},
     {ERR_REASON(EVP_R_MEMORY_LIMIT_EXCEEDED), "memory limit exceeded"},
     {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
@@ -160,21 +126,14 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
     {ERR_REASON(EVP_R_NO_CIPHER_SET), "no cipher set"},
     {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST), "no default digest"},
     {ERR_REASON(EVP_R_NO_DIGEST_SET), "no digest set"},
-    {ERR_REASON(EVP_R_NO_DSA_PARAMETERS), "no dsa parameters"},
     {ERR_REASON(EVP_R_NO_KEY_SET), "no key set"},
     {ERR_REASON(EVP_R_NO_OPERATION_SET), "no operation set"},
-    {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),
-     "no sign function configured"},
-    {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),
-     "no verify function configured"},
     {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
      "operation not supported for this keytype"},
     {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
-    {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), "pkcs8 unknown broken type"},
     {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
     {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
     {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
-    {ERR_REASON(EVP_R_TOO_LARGE), "too large"},
     {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"},
     {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"},
     {ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"},
@@ -193,7 +152,6 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
     {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE), "unsupported salt type"},
     {ERR_REASON(EVP_R_WRAP_MODE_NOT_ALLOWED), "wrap mode not allowed"},
     {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
-    {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
     {0, NULL}
 };
 
diff --git a/crypto/fips_err.h b/crypto/fips_err.h
deleted file mode 100644
index b4db33c..0000000
--- a/crypto/fips_err.h
+++ /dev/null
@@ -1,181 +0,0 @@
-/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/fips.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason)
-
-static ERR_STRING_DATA FIPS_str_functs[] = {
-    {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
-    {ERR_FUNC(FIPS_F_DH_INIT), "DH_INIT"},
-    {ERR_FUNC(FIPS_F_DRBG_RESEED), "DRBG_RESEED"},
-    {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
-    {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"},
-    {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"},
-    {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"},
-    {ERR_FUNC(FIPS_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
-    {ERR_FUNC(FIPS_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
-    {ERR_FUNC(FIPS_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
-    {ERR_FUNC(FIPS_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA_PRNG), "fips_check_dsa_prng"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "FIPS_CHECK_EC"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_EC_PRNG), "fips_check_ec_prng"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT),
-     "FIPS_check_incore_fingerprint"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA_PRNG), "fips_check_rsa_prng"},
-    {ERR_FUNC(FIPS_F_FIPS_CIPHER), "FIPS_cipher"},
-    {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_cipherinit"},
-    {ERR_FUNC(FIPS_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
-    {ERR_FUNC(FIPS_F_FIPS_DIGESTFINAL), "FIPS_digestfinal"},
-    {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_digestinit"},
-    {ERR_FUNC(FIPS_F_FIPS_DIGESTUPDATE), "FIPS_digestupdate"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "FIPS_DRBG_BYTES"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_CHECK), "FIPS_DRBG_CHECK"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "FIPS_DRBG_CPRNG_TEST"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_ERROR_CHECK), "FIPS_DRBG_ERROR_CHECK"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"},
-    {ERR_FUNC(FIPS_F_FIPS_DSA_SIGN_DIGEST), "FIPS_dsa_sign_digest"},
-    {ERR_FUNC(FIPS_F_FIPS_DSA_VERIFY_DIGEST), "FIPS_dsa_verify_digest"},
-    {ERR_FUNC(FIPS_F_FIPS_GET_ENTROPY), "FIPS_GET_ENTROPY"},
-    {ERR_FUNC(FIPS_F_FIPS_MODULE_MODE_SET), "FIPS_module_mode_set"},
-    {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_ADD), "FIPS_rand_add"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_BYTES), "FIPS_rand_bytes"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_PSEUDO_BYTES), "FIPS_rand_pseudo_bytes"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_SEED), "FIPS_rand_seed"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_SET_METHOD), "FIPS_rand_set_method"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_STATUS), "FIPS_rand_status"},
-    {ERR_FUNC(FIPS_F_FIPS_RSA_SIGN_DIGEST), "FIPS_rsa_sign_digest"},
-    {ERR_FUNC(FIPS_F_FIPS_RSA_VERIFY_DIGEST), "FIPS_rsa_verify_digest"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_CCM), "FIPS_selftest_aes_ccm"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_XTS), "FIPS_selftest_aes_xts"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"},
-    {ERR_FUNC(FIPS_F_FIPS_SET_PRNG_KEY), "FIPS_SET_PRNG_KEY"},
-    {ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"},
-    {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_INIT), "RSA_EAY_INIT"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
-    {ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA FIPS_str_reasons[] = {
-    {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED),
-     "additional input error undetected"},
-    {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG),
-     "additional input too long"},
-    {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED), "already instantiated"},
-    {ERR_REASON(FIPS_R_AUTHENTICATION_FAILURE), "authentication failure"},
-    {ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE), "contradicting evidence"},
-    {ERR_REASON(FIPS_R_DRBG_NOT_INITIALISED), "drbg not initialised"},
-    {ERR_REASON(FIPS_R_DRBG_STUCK), "drbg stuck"},
-    {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED), "entropy error undetected"},
-    {ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED),
-     "entropy not requested for reseed"},
-    {ERR_REASON(FIPS_R_ENTROPY_SOURCE_STUCK), "entropy source stuck"},
-    {ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
-    {ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
-    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),
-     "error retrieving additional input"},
-    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY), "error retrieving entropy"},
-    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE), "error retrieving nonce"},
-    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),
-     "fingerprint does not match"},
-    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),
-     "fingerprint does not match nonpic relocated"},
-    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),
-     "fingerprint does not match segment aliasing"},
-    {ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET), "fips mode already set"},
-    {ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED), "fips selftest failed"},
-    {ERR_REASON(FIPS_R_FUNCTION_ERROR), "function error"},
-    {ERR_REASON(FIPS_R_GENERATE_ERROR), "generate error"},
-    {ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED),
-     "generate error undetected"},
-    {ERR_REASON(FIPS_R_INSTANTIATE_ERROR), "instantiate error"},
-    {ERR_REASON(FIPS_R_INSUFFICIENT_SECURITY_STRENGTH),
-     "insufficient security strength"},
-    {ERR_REASON(FIPS_R_INTERNAL_ERROR), "internal error"},
-    {ERR_REASON(FIPS_R_INVALID_KEY_LENGTH), "invalid key length"},
-    {ERR_REASON(FIPS_R_INVALID_PARAMETERS), "invalid parameters"},
-    {ERR_REASON(FIPS_R_IN_ERROR_STATE), "in error state"},
-    {ERR_REASON(FIPS_R_KEY_TOO_SHORT), "key too short"},
-    {ERR_REASON(FIPS_R_NONCE_ERROR_UNDETECTED), "nonce error undetected"},
-    {ERR_REASON(FIPS_R_NON_FIPS_METHOD), "non fips method"},
-    {ERR_REASON(FIPS_R_NOPR_TEST1_FAILURE), "nopr test1 failure"},
-    {ERR_REASON(FIPS_R_NOPR_TEST2_FAILURE), "nopr test2 failure"},
-    {ERR_REASON(FIPS_R_NOT_INSTANTIATED), "not instantiated"},
-    {ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED), "pairwise test failed"},
-    {ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED),
-     "personalisation error undetected"},
-    {ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG),
-     "personalisation string too long"},
-    {ERR_REASON(FIPS_R_PRNG_STRENGTH_TOO_LOW), "prng strength too low"},
-    {ERR_REASON(FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"},
-    {ERR_REASON(FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"},
-    {ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED),
-     "request length error undetected"},
-    {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),
-     "request too large for drbg"},
-    {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR), "reseed counter error"},
-    {ERR_REASON(FIPS_R_RESEED_ERROR), "reseed error"},
-    {ERR_REASON(FIPS_R_SELFTEST_FAILED), "selftest failed"},
-    {ERR_REASON(FIPS_R_SELFTEST_FAILURE), "selftest failure"},
-    {ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),
-     "strength error undetected"},
-    {ERR_REASON(FIPS_R_TEST_FAILURE), "test failure"},
-    {ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR), "uninstantiate error"},
-    {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),
-     "uninstantiate zeroise error"},
-    {ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE), "unsupported drbg type"},
-    {ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM), "unsupported platform"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_FIPS_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, FIPS_str_functs);
-        ERR_load_strings(0, FIPS_str_reasons);
-    }
-#endif
-}
diff --git a/crypto/fips_ers.c b/crypto/fips_ers.c
deleted file mode 100644
index 6440a38..0000000
--- a/crypto/fips_ers.c
+++ /dev/null
@@ -1,16 +0,0 @@
-/*
- * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_FIPS
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include "fips_err.h"
-#endif
diff --git a/crypto/kdf/kdf_err.c b/crypto/kdf/kdf_err.c
index 3a0b6b1..6707a52 100644
--- a/crypto/kdf/kdf_err.c
+++ b/crypto/kdf/kdf_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/kdf.h>
diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
index b8a9057..2dd80be 100644
--- a/crypto/objects/obj_err.c
+++ b/crypto/objects/obj_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/objects.h>
@@ -35,7 +30,6 @@ static ERR_STRING_DATA OBJ_str_functs[] = {
 };
 
 static ERR_STRING_DATA OBJ_str_reasons[] = {
-    {ERR_REASON(OBJ_R_MALLOC_FAILURE), "malloc failure"},
     {ERR_REASON(OBJ_R_OID_EXISTS), "oid exists"},
     {ERR_REASON(OBJ_R_UNKNOWN_NID), "unknown nid"},
     {0, NULL}
diff --git a/crypto/ocsp/ocsp_err.c b/crypto/ocsp/ocsp_err.c
index b8e96b8..59bcf85 100644
--- a/crypto/ocsp/ocsp_err.c
+++ b/crypto/ocsp/ocsp_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/ocsp.h>
@@ -24,7 +19,6 @@
 # define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
 
 static ERR_STRING_DATA OCSP_str_functs[] = {
-    {ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"},
     {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "d2i_ocsp_nonce"},
     {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"},
     {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"},
@@ -39,15 +33,11 @@ static ERR_STRING_DATA OCSP_str_functs[] = {
     {ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN), "OCSP_request_sign"},
     {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"},
     {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"},
-    {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"},
-    {ERR_FUNC(OCSP_F_OCSP_SENDREQ_NBIO), "OCSP_sendreq_nbio"},
     {ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "parse_http_line1"},
-    {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"},
     {0, NULL}
 };
 
 static ERR_STRING_DATA OCSP_str_reasons[] = {
-    {ERR_REASON(OCSP_R_BAD_DATA), "bad data"},
     {ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
     {ERR_REASON(OCSP_R_DIGEST_ERR), "digest err"},
     {ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),
@@ -61,8 +51,6 @@ static ERR_STRING_DATA OCSP_str_reasons[] = {
      "nextupdate before thisupdate"},
     {ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE), "not basic response"},
     {ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN), "no certificates in chain"},
-    {ERR_REASON(OCSP_R_NO_CONTENT), "no content"},
-    {ERR_REASON(OCSP_R_NO_PUBLIC_KEY), "no public key"},
     {ERR_REASON(OCSP_R_NO_RESPONSE_DATA), "no response data"},
     {ERR_REASON(OCSP_R_NO_REVOKED_TIME), "no revoked time"},
     {ERR_REASON(OCSP_R_NO_SIGNER_KEY), "no signer key"},
@@ -72,11 +60,9 @@ static ERR_STRING_DATA OCSP_str_reasons[] = {
     {ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),
      "response contains no revocation data"},
     {ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED), "root ca not trusted"},
-    {ERR_REASON(OCSP_R_SERVER_READ_ERROR), "server read error"},
     {ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR), "server response error"},
     {ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR),
      "server response parse error"},
-    {ERR_REASON(OCSP_R_SERVER_WRITE_ERROR), "server write error"},
     {ERR_REASON(OCSP_R_SIGNATURE_FAILURE), "signature failure"},
     {ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),
      "signer certificate not found"},
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
index 2282e06..7a42535 100644
--- a/crypto/pem/pem_err.c
+++ b/crypto/pem/pem_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
@@ -47,10 +42,7 @@ static ERR_STRING_DATA PEM_str_functs[] = {
     {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
     {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
     {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
-    {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY),
-     "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
     {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
-    {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
     {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
     {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
     {ERR_FUNC(PEM_F_PEM_READ_BIO_DHPARAMS), "PEM_read_bio_DHparams"},
@@ -82,7 +74,8 @@ static ERR_STRING_DATA PEM_str_reasons[] = {
      "error converting private key"},
     {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),
      "expecting private key blob"},
-    {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB), "expecting public key blob"},
+    {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
+     "expecting public key blob"},
     {ERR_REASON(PEM_R_HEADER_TOO_LONG), "header too long"},
     {ERR_REASON(PEM_R_INCONSISTENT_HEADER), "inconsistent header"},
     {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
@@ -93,8 +86,8 @@ static ERR_STRING_DATA PEM_str_reasons[] = {
     {ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"},
     {ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"},
     {ERR_REASON(PEM_R_NO_START_LINE), "no start line"},
-    {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD), "problems getting password"},
-    {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA), "public key no rsa"},
+    {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),
+     "problems getting password"},
     {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
     {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"},
     {ERR_REASON(PEM_R_READ_KEY), "read key"},
diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c
index fcd19da..36053f1 100644
--- a/crypto/pkcs12/pk12err.c
+++ b/crypto/pkcs12/pk12err.c
@@ -1,5 +1,6 @@
 /*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/pkcs12.h>
@@ -24,14 +19,6 @@
 # define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
 
 static ERR_STRING_DATA PKCS12_str_functs[] = {
-    {ERR_FUNC(PKCS12_F_PARSE_BAG), "PARSE_BAG"},
-    {ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC),
-     "PKCS12_add_friendlyname_asc"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI),
-     "PKCS12_add_friendlyname_uni"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"},
     {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"},
     {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"},
     {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"},
@@ -57,7 +44,6 @@ static ERR_STRING_DATA PKCS12_str_functs[] = {
     {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"},
     {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"},
     {ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"},
     {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"},
     {ERR_FUNC(PKCS12_F_PKCS8_SET0_PBE), "PKCS8_set0_pbe"},
     {0, NULL}
@@ -80,7 +66,6 @@ static ERR_STRING_DATA PKCS12_str_reasons[] = {
     {ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR), "mac generation error"},
     {ERR_REASON(PKCS12_R_MAC_SETUP_ERROR), "mac setup error"},
     {ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR), "mac string set error"},
-    {ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR), "mac verify error"},
     {ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE), "mac verify failure"},
     {ERR_REASON(PKCS12_R_PARSE_ERROR), "parse error"},
     {ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),
diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c
index 233de26..bcb479d 100644
--- a/crypto/pkcs7/pkcs7err.c
+++ b/crypto/pkcs7/pkcs7err.c
@@ -1,5 +1,6 @@
 /*
- * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/pkcs7.h>
@@ -24,13 +19,11 @@
 # define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
 
 static ERR_STRING_DATA PKCS7_str_functs[] = {
-    {ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"},
-    {ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"},
     {ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB), "do_pkcs7_signed_attrib"},
-    {ERR_FUNC(PKCS7_F_I2D_PKCS7_BIO_STREAM), "i2d_PKCS7_bio_stream"},
     {ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME),
      "PKCS7_add0_attrib_signing_time"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP), "PKCS7_add_attrib_smimecap"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP),
+     "PKCS7_add_attrib_smimecap"},
     {ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"},
     {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"},
     {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"},
@@ -43,7 +36,6 @@ static ERR_STRING_DATA PKCS7_str_functs[] = {
     {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"},
     {ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"},
     {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"},
     {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"},
     {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"},
     {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO), "pkcs7_decrypt_rinfo"},
@@ -64,21 +56,18 @@ static ERR_STRING_DATA PKCS7_str_functs[] = {
     {ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER), "PKCS7_sign_add_signer"},
     {ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"},
     {ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"},
-    {ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"},
-    {ERR_FUNC(PKCS7_F_SMIME_TEXT), "SMIME_text"},
     {0, NULL}
 };
 
 static ERR_STRING_DATA PKCS7_str_reasons[] = {
-    {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
+    {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),
+     "certificate verify error"},
     {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
      "cipher has no object identifier"},
     {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"},
-    {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT), "content and data present"},
+    {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),
+     "content and data present"},
     {ERR_REASON(PKCS7_R_CTRL_ERROR), "ctrl error"},
-    {ERR_REASON(PKCS7_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),
-     "decrypted key is wrong length"},
     {ERR_REASON(PKCS7_R_DECRYPT_ERROR), "decrypt error"},
     {ERR_REASON(PKCS7_R_DIGEST_FAILURE), "digest failure"},
     {ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE), "encryption ctrl failure"},
@@ -86,37 +75,23 @@ static ERR_STRING_DATA PKCS7_str_reasons[] = {
      "encryption not supported for this key type"},
     {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT), "error adding recipient"},
     {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER), "error setting cipher"},
-    {ERR_REASON(PKCS7_R_INVALID_MIME_TYPE), "invalid mime type"},
     {ERR_REASON(PKCS7_R_INVALID_NULL_POINTER), "invalid null pointer"},
-    {ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE), "invalid signed data type"},
-    {ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
-    {ERR_REASON(PKCS7_R_MIME_PARSE_ERROR), "mime parse error"},
-    {ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
-    {ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO), "missing ceripend info"},
+    {ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE),
+     "invalid signed data type"},
     {ERR_REASON(PKCS7_R_NO_CONTENT), "no content"},
-    {ERR_REASON(PKCS7_R_NO_CONTENT_TYPE), "no content type"},
     {ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST), "no default digest"},
     {ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),
      "no matching digest type found"},
-    {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),
-     "no multipart body failure"},
-    {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
     {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),
      "no recipient matches certificate"},
-    {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY), "no recipient matches key"},
     {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA), "no signatures on data"},
     {ERR_REASON(PKCS7_R_NO_SIGNERS), "no signers"},
-    {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE), "no sig content type"},
     {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),
      "operation not supported on this type"},
     {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),
      "pkcs7 add signature error"},
     {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR), "pkcs7 add signer error"},
-    {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL), "pkcs7 datafinal"},
-    {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR), "pkcs7 datafinal error"},
     {ERR_REASON(PKCS7_R_PKCS7_DATASIGN), "pkcs7 datasign"},
-    {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR), "pkcs7 parse error"},
-    {ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR), "pkcs7 sig parse error"},
     {ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
      "private key does not match certificate"},
     {ERR_REASON(PKCS7_R_SIGNATURE_FAILURE), "signature failure"},
@@ -125,7 +100,6 @@ static ERR_STRING_DATA PKCS7_str_reasons[] = {
     {ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE), "signing ctrl failure"},
     {ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
      "signing not supported for this key type"},
-    {ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
     {ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR), "smime text error"},
     {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),
      "unable to find certificate"},
@@ -135,7 +109,8 @@ static ERR_STRING_DATA PKCS7_str_reasons[] = {
     {ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE), "unknown digest type"},
     {ERR_REASON(PKCS7_R_UNKNOWN_OPERATION), "unknown operation"},
     {ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE), "unsupported cipher type"},
-    {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"},
+    {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),
+     "unsupported content type"},
     {ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE), "wrong content type"},
     {ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE), "wrong pkcs7 type"},
     {0, NULL}
diff --git a/crypto/rand/rand_err.c b/crypto/rand/rand_err.c
index d027338..c58e7ee 100644
--- a/crypto/rand/rand_err.c
+++ b/crypto/rand/rand_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
@@ -24,25 +19,12 @@
 # define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
 
 static ERR_STRING_DATA RAND_str_functs[] = {
-    {ERR_FUNC(RAND_F_FIPS_RAND), "FIPS_RAND"},
-    {ERR_FUNC(RAND_F_FIPS_RAND_SET_DT), "FIPS_RAND_SET_DT"},
-    {ERR_FUNC(RAND_F_FIPS_SET_PRNG_SEED), "FIPS_SET_PRNG_SEED"},
-    {ERR_FUNC(RAND_F_FIPS_SET_TEST_MODE), "FIPS_SET_TEST_MODE"},
-    {ERR_FUNC(RAND_F_FIPS_X931_SET_DT), "FIPS_x931_set_dt"},
     {ERR_FUNC(RAND_F_RAND_BYTES), "RAND_bytes"},
-    {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
     {0, NULL}
 };
 
 static ERR_STRING_DATA RAND_str_reasons[] = {
-    {ERR_REASON(RAND_R_NOT_IN_TEST_MODE), "not in test mode"},
-    {ERR_REASON(RAND_R_NO_KEY_SET), "no key set"},
-    {ERR_REASON(RAND_R_PRNG_ERROR), "prng error"},
-    {ERR_REASON(RAND_R_PRNG_KEYED), "prng keyed"},
     {ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"},
-    {ERR_REASON(RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY),
-     "prng seed must not match key"},
-    {ERR_REASON(RAND_R_PRNG_STUCK), "prng stuck"},
     {0, NULL}
 };
 
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index 54aea98..a92ea5d 100644
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/rsa.h>
@@ -25,12 +20,7 @@
 
 static ERR_STRING_DATA RSA_str_functs[] = {
     {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "check_padding_md"},
-    {ERR_FUNC(RSA_F_DO_RSA_PRINT), "do_rsa_print"},
-    {ERR_FUNC(RSA_F_FIPS_RSA_SIGN_DIGEST), "FIPS_rsa_sign_digest"},
-    {ERR_FUNC(RSA_F_FIPS_RSA_VERIFY), "FIPS_rsa_verify"},
-    {ERR_FUNC(RSA_F_FIPS_RSA_VERIFY_DIGEST), "FIPS_rsa_verify_digest"},
     {ERR_FUNC(RSA_F_INT_RSA_VERIFY), "int_rsa_verify"},
-    {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
     {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "old_rsa_priv_decode"},
     {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "pkey_rsa_ctrl"},
     {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "pkey_rsa_ctrl_str"},
@@ -41,7 +31,6 @@ static ERR_STRING_DATA RSA_str_functs[] = {
     {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
     {ERR_FUNC(RSA_F_RSA_CHECK_KEY_EX), "RSA_check_key_ex"},
     {ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "rsa_cms_decrypt"},
-    {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
     {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "rsa_item_verify"},
     {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
     {ERR_FUNC(RSA_F_RSA_METH_DUP), "RSA_meth_dup"},
@@ -50,18 +39,17 @@ static ERR_STRING_DATA RSA_str_functs[] = {
     {ERR_FUNC(RSA_F_RSA_MGF1_TO_MD), "rsa_mgf1_to_md"},
     {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
     {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
-    {ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"},
     {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_null_private_decrypt"},
     {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_null_private_encrypt"},
     {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_null_public_decrypt"},
     {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_null_public_encrypt"},
-    {ERR_FUNC(RSA_F_RSA_OAEP_TO_CTX), "RSA_OAEP_TO_CTX"},
     {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"},
     {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"},
     {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"},
     {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"},
     {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),
+     "RSA_padding_add_PKCS1_OAEP"},
     {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1),
      "RSA_padding_add_PKCS1_OAEP_mgf1"},
     {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
@@ -86,13 +74,13 @@ static ERR_STRING_DATA RSA_str_functs[] = {
     {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
     {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
     {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
-    {ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
     {ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "rsa_priv_encode"},
     {ERR_FUNC(RSA_F_RSA_PSS_TO_CTX), "rsa_pss_to_ctx"},
     {ERR_FUNC(RSA_F_RSA_PUB_DECODE), "rsa_pub_decode"},
     {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
     {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
-    {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"},
+    {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),
+     "RSA_sign_ASN1_OCTET_STRING"},
     {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
     {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),
      "RSA_verify_ASN1_OCTET_STRING"},
@@ -108,7 +96,8 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
     {ERR_REASON(RSA_R_BAD_SIGNATURE), "bad signature"},
     {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01), "block type is not 01"},
     {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02), "block type is not 02"},
-    {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN), "data greater than mod len"},
+    {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),
+     "data greater than mod len"},
     {ERR_REASON(RSA_R_DATA_TOO_LARGE), "data too large"},
     {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
      "data too large for key size"},
@@ -129,7 +118,6 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
     {ERR_REASON(RSA_R_INVALID_DIGEST), "invalid digest"},
     {ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
     {ERR_REASON(RSA_R_INVALID_HEADER), "invalid header"},
-    {ERR_REASON(RSA_R_INVALID_KEYBITS), "invalid keybits"},
     {ERR_REASON(RSA_R_INVALID_LABEL), "invalid label"},
     {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"},
     {ERR_REASON(RSA_R_INVALID_MGF1_MD), "invalid mgf1 md"},
@@ -146,7 +134,8 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
     {ERR_REASON(RSA_R_LAST_OCTET_INVALID), "last octet invalid"},
     {ERR_REASON(RSA_R_MODULUS_TOO_LARGE), "modulus too large"},
     {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
-    {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING), "null before block missing"},
+    {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),
+     "null before block missing"},
     {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q), "n does not equal p q"},
     {ERR_REASON(RSA_R_OAEP_DECODING_ERROR), "oaep decoding error"},
     {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
@@ -166,7 +155,6 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
     {ERR_REASON(RSA_R_UNKNOWN_DIGEST), "unknown digest"},
     {ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST), "unknown mask digest"},
     {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
-    {ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST), "unknown pss digest"},
     {ERR_REASON(RSA_R_UNSUPPORTED_ENCRYPTION_TYPE),
      "unsupported encryption type"},
     {ERR_REASON(RSA_R_UNSUPPORTED_LABEL_SOURCE), "unsupported label source"},
diff --git a/crypto/ts/ts_err.c b/crypto/ts/ts_err.c
index 9b0d76d..08217f7 100644
--- a/crypto/ts/ts_err.c
+++ b/crypto/ts/ts_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/ts.h>
@@ -24,7 +19,6 @@
 # define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason)
 
 static ERR_STRING_DATA TS_str_functs[] = {
-    {ERR_FUNC(TS_F_D2I_TS_RESP), "d2i_TS_RESP"},
     {ERR_FUNC(TS_F_DEF_SERIAL_CB), "def_serial_cb"},
     {ERR_FUNC(TS_F_DEF_TIME_CB), "def_time_cb"},
     {ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT), "ESS_add_signing_cert"},
@@ -73,7 +67,6 @@ static ERR_STRING_DATA TS_str_functs[] = {
     {ERR_FUNC(TS_F_TS_RESP_SET_TST_INFO), "TS_RESP_set_tst_info"},
     {ERR_FUNC(TS_F_TS_RESP_SIGN), "ts_RESP_sign"},
     {ERR_FUNC(TS_F_TS_RESP_VERIFY_SIGNATURE), "TS_RESP_verify_signature"},
-    {ERR_FUNC(TS_F_TS_RESP_VERIFY_TOKEN), "TS_RESP_verify_token"},
     {ERR_FUNC(TS_F_TS_TST_INFO_SET_ACCURACY), "TS_TST_INFO_set_accuracy"},
     {ERR_FUNC(TS_F_TS_TST_INFO_SET_MSG_IMPRINT),
      "TS_TST_INFO_set_msg_imprint"},
@@ -96,7 +89,6 @@ static ERR_STRING_DATA TS_str_reasons[] = {
     {ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
     {ERR_REASON(TS_R_COULD_NOT_SET_ENGINE), "could not set engine"},
     {ERR_REASON(TS_R_COULD_NOT_SET_TIME), "could not set time"},
-    {ERR_REASON(TS_R_D2I_TS_RESP_INT_FAILED), "d2i ts resp int failed"},
     {ERR_REASON(TS_R_DETACHED_CONTENT), "detached content"},
     {ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_ERROR),
      "ess add signing cert error"},
diff --git a/crypto/ui/ui_err.c b/crypto/ui/ui_err.c
index fbcb886..03cd2bc 100644
--- a/crypto/ui/ui_err.c
+++ b/crypto/ui/ui_err.c
@@ -1,4 +1,5 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -20,7 +21,6 @@
 static ERR_STRING_DATA UI_str_functs[] = {
     {ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "general_allocate_boolean"},
     {ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "general_allocate_prompt"},
-    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING), "GENERAL_ALLOCATE_STRING"},
     {ERR_FUNC(UI_F_UI_CREATE_METHOD), "UI_create_method"},
     {ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"},
     {ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"},
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
index dd9778e..dbebbaa 100644
--- a/crypto/x509/x509_err.c
+++ b/crypto/x509/x509_err.c
@@ -94,7 +94,6 @@ static ERR_STRING_DATA X509_str_reasons[] = {
      "cert already in hash table"},
     {ERR_REASON(X509_R_CRL_ALREADY_DELTA), "crl already delta"},
     {ERR_REASON(X509_R_CRL_VERIFY_FAILURE), "crl verify failure"},
-    {ERR_REASON(X509_R_ERR_ASN1_LIB), "err asn1 lib"},
     {ERR_REASON(X509_R_IDP_MISMATCH), "idp mismatch"},
     {ERR_REASON(X509_R_INVALID_DIRECTORY), "invalid directory"},
     {ERR_REASON(X509_R_INVALID_FIELD_NAME), "invalid field name"},
diff --git a/crypto/x509v3/v3err.c b/crypto/x509v3/v3err.c
index 5ef62bd..1f838bc 100644
--- a/crypto/x509v3/v3err.c
+++ b/crypto/x509v3/v3err.c
@@ -1,5 +1,6 @@
 /*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,12 +8,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
 #include <stdio.h>
 #include <openssl/err.h>
 #include <openssl/x509v3.h>
@@ -25,6 +20,8 @@
 
 static ERR_STRING_DATA X509V3_str_functs[] = {
     {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "a2i_GENERAL_NAME"},
+    {ERR_FUNC(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL),
+     "addr_validate_path_internal"},
     {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),
      "ASIdentifierChoice_canonize"},
     {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),
@@ -32,10 +29,8 @@ static ERR_STRING_DATA X509V3_str_functs[] = {
     {ERR_FUNC(X509V3_F_COPY_EMAIL), "copy_email"},
     {ERR_FUNC(X509V3_F_COPY_ISSUER), "copy_issuer"},
     {ERR_FUNC(X509V3_F_DO_DIRNAME), "do_dirname"},
-    {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
     {ERR_FUNC(X509V3_F_DO_EXT_I2D), "do_ext_i2d"},
     {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "do_ext_nconf"},
-    {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
     {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "gnames_from_sectname"},
     {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
     {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "i2s_ASN1_IA5STRING"},
@@ -51,7 +46,6 @@ static ERR_STRING_DATA X509V3_str_functs[] = {
     {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "s2i_ASN1_IA5STRING"},
     {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
     {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
-    {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
     {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "s2i_skey_id"},
     {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "set_dist_point_name"},
     {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
@@ -77,14 +71,11 @@ static ERR_STRING_DATA X509V3_str_functs[] = {
     {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "v2i_POLICY_MAPPINGS"},
     {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "v2i_subject_alt"},
     {ERR_FUNC(X509V3_F_V2I_TLS_FEATURE), "v2i_TLS_FEATURE"},
-    {ERR_FUNC(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL),
-     "addr_validate_path_internal"},
     {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "v3_generic_extension"},
     {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
     {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
     {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
     {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
     {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
     {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
     {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
@@ -156,7 +147,6 @@ static ERR_STRING_DATA X509V3_str_reasons[] = {
      "no proxy cert policy language defined"},
     {ERR_REASON(X509V3_R_NO_PUBLIC_KEY), "no public key"},
     {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS), "no subject details"},
-    {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
     {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
     {ERR_REASON(X509V3_R_OTHERNAME_ERROR), "othername error"},
     {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),
@@ -164,8 +154,6 @@ static ERR_STRING_DATA X509V3_str_reasons[] = {
     {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH), "policy path length"},
     {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),
      "policy path length already defined"},
-    {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),
-     "policy syntax not currently supported"},
     {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),
      "policy when proxy language requires no policy"},
     {ERR_REASON(X509V3_R_SECTION_NOT_FOUND), "section not found"},
diff --git a/include/internal/dso.h b/include/internal/dso.h
index 7d9c739..d371fbe 100644
--- a/include/internal/dso.h
+++ b/include/internal/dso.h
@@ -152,24 +152,18 @@ void *DSO_global_lookup(const char *name);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_DSO_strings(void);
 
 /* Error codes for the DSO functions. */
 
 /* Function codes. */
-# define DSO_F_BEOS_BIND_FUNC                             144
-# define DSO_F_BEOS_BIND_VAR                              145
-# define DSO_F_BEOS_LOAD                                  146
-# define DSO_F_BEOS_NAME_CONVERTER                        147
-# define DSO_F_BEOS_UNLOAD                                148
 # define DSO_F_DLFCN_BIND_FUNC                            100
-# define DSO_F_DLFCN_BIND_VAR                             101
 # define DSO_F_DLFCN_LOAD                                 102
 # define DSO_F_DLFCN_MERGER                               130
 # define DSO_F_DLFCN_NAME_CONVERTER                       123
 # define DSO_F_DLFCN_UNLOAD                               103
 # define DSO_F_DL_BIND_FUNC                               104
-# define DSO_F_DL_BIND_VAR                                105
 # define DSO_F_DL_LOAD                                    106
 # define DSO_F_DL_MERGER                                  131
 # define DSO_F_DL_NAME_CONVERTER                          124
@@ -179,22 +173,18 @@ void ERR_load_DSO_strings(void);
 # define DSO_F_DSO_CTRL                                   110
 # define DSO_F_DSO_FREE                                   111
 # define DSO_F_DSO_GET_FILENAME                           127
-# define DSO_F_DSO_GET_LOADED_FILENAME                    128
 # define DSO_F_DSO_GLOBAL_LOOKUP                          139
 # define DSO_F_DSO_LOAD                                   112
 # define DSO_F_DSO_MERGE                                  132
 # define DSO_F_DSO_NEW_METHOD                             113
 # define DSO_F_DSO_SET_FILENAME                           129
 # define DSO_F_DSO_UP_REF                                 114
-# define DSO_F_GLOBAL_LOOKUP_FUNC                         138
 # define DSO_F_VMS_BIND_SYM                               115
 # define DSO_F_VMS_LOAD                                   116
 # define DSO_F_VMS_MERGER                                 133
 # define DSO_F_VMS_UNLOAD                                 117
-# define DSO_F_WIN32_BIND_FUNC                            118
-# define DSO_F_WIN32_BIND_VAR                             119
+# define DSO_F_WIN32_BIND_FUNC                            101
 # define DSO_F_WIN32_GLOBALLOOKUP                         142
-# define DSO_F_WIN32_GLOBALLOOKUP_FUNC                    143
 # define DSO_F_WIN32_JOINER                               135
 # define DSO_F_WIN32_LOAD                                 120
 # define DSO_F_WIN32_MERGER                               134
@@ -213,7 +203,6 @@ void ERR_load_DSO_strings(void);
 # define DSO_R_LOAD_FAILED                                103
 # define DSO_R_NAME_TRANSLATION_FAILED                    109
 # define DSO_R_NO_FILENAME                                111
-# define DSO_R_NO_FILE_SPECIFICATION                      116
 # define DSO_R_NULL_HANDLE                                104
 # define DSO_R_SET_FILENAME_FAILED                        112
 # define DSO_R_STACK_ERROR                                105
@@ -221,7 +210,7 @@ void ERR_load_DSO_strings(void);
 # define DSO_R_UNLOAD_FAILED                              107
 # define DSO_R_UNSUPPORTED                                108
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index 6443caa..a596126 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -866,20 +866,19 @@ int SMIME_text(BIO *in, BIO *out);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_ASN1_strings(void);
 
 /* Error codes for the ASN1 functions. */
 
 /* Function codes. */
 # define ASN1_F_A2D_ASN1_OBJECT                           100
-# define ASN1_F_A2I_ASN1_ENUMERATED                       101
 # define ASN1_F_A2I_ASN1_INTEGER                          102
 # define ASN1_F_A2I_ASN1_STRING                           103
 # define ASN1_F_APPEND_EXP                                176
 # define ASN1_F_ASN1_BIT_STRING_SET_BIT                   183
 # define ASN1_F_ASN1_CB                                   177
 # define ASN1_F_ASN1_CHECK_TLEN                           104
-# define ASN1_F_ASN1_COLLATE_PRIMITIVE                    105
 # define ASN1_F_ASN1_COLLECT                              106
 # define ASN1_F_ASN1_D2I_EX_PRIMITIVE                     108
 # define ASN1_F_ASN1_D2I_FP                               109
@@ -887,21 +886,15 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_F_ASN1_DIGEST                               184
 # define ASN1_F_ASN1_DO_ADB                               110
 # define ASN1_F_ASN1_DUP                                  111
-# define ASN1_F_ASN1_ENUMERATED_SET                       112
-# define ASN1_F_ASN1_ENUMERATED_TO_BN                     113
 # define ASN1_F_ASN1_EX_C2I                               204
 # define ASN1_F_ASN1_FIND_END                             190
 # define ASN1_F_ASN1_GENERALIZEDTIME_ADJ                  216
-# define ASN1_F_ASN1_GENERALIZEDTIME_SET                  185
 # define ASN1_F_ASN1_GENERATE_V3                          178
 # define ASN1_F_ASN1_GET_INT64                            224
 # define ASN1_F_ASN1_GET_OBJECT                           114
 # define ASN1_F_ASN1_GET_UINT64                           225
-# define ASN1_F_ASN1_HEADER_NEW                           115
 # define ASN1_F_ASN1_I2D_BIO                              116
 # define ASN1_F_ASN1_I2D_FP                               117
-# define ASN1_F_ASN1_INTEGER_SET                          118
-# define ASN1_F_ASN1_INTEGER_TO_BN                        119
 # define ASN1_F_ASN1_ITEM_D2I_FP                          206
 # define ASN1_F_ASN1_ITEM_DUP                             191
 # define ASN1_F_ASN1_ITEM_EMBED_D2I                       120
@@ -916,12 +909,8 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_F_ASN1_MBSTRING_NCOPY                       122
 # define ASN1_F_ASN1_OBJECT_NEW                           123
 # define ASN1_F_ASN1_OUTPUT_DATA                          214
-# define ASN1_F_ASN1_PACK_STRING                          124
 # define ASN1_F_ASN1_PCTX_NEW                             205
-# define ASN1_F_ASN1_PKCS5_PBE_SET                        125
 # define ASN1_F_ASN1_SCTX_NEW                             221
-# define ASN1_F_ASN1_SEQ_PACK                             126
-# define ASN1_F_ASN1_SEQ_UNPACK                           127
 # define ASN1_F_ASN1_SIGN                                 128
 # define ASN1_F_ASN1_STR2TYPE                             179
 # define ASN1_F_ASN1_STRING_GET_INT64                     227
@@ -934,48 +923,27 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_F_ASN1_TEMPLATE_NEW                         133
 # define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I                   131
 # define ASN1_F_ASN1_TIME_ADJ                             217
-# define ASN1_F_ASN1_TIME_SET                             175
 # define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING             134
 # define ASN1_F_ASN1_TYPE_GET_OCTETSTRING                 135
-# define ASN1_F_ASN1_UNPACK_STRING                        136
 # define ASN1_F_ASN1_UTCTIME_ADJ                          218
-# define ASN1_F_ASN1_UTCTIME_SET                          187
 # define ASN1_F_ASN1_VERIFY                               137
 # define ASN1_F_B64_READ_ASN1                             209
 # define ASN1_F_B64_WRITE_ASN1                            210
 # define ASN1_F_BIO_NEW_NDEF                              208
 # define ASN1_F_BITSTR_CB                                 180
-# define ASN1_F_BN_TO_ASN1_ENUMERATED                     138
-# define ASN1_F_BN_TO_ASN1_INTEGER                        139
 # define ASN1_F_BN_TO_ASN1_STRING                         229
 # define ASN1_F_C2I_ASN1_BIT_STRING                       189
 # define ASN1_F_C2I_ASN1_INTEGER                          194
 # define ASN1_F_C2I_ASN1_OBJECT                           196
 # define ASN1_F_C2I_IBUF                                  226
 # define ASN1_F_COLLECT_DATA                              140
-# define ASN1_F_D2I_ASN1_BIT_STRING                       141
-# define ASN1_F_D2I_ASN1_BOOLEAN                          142
-# define ASN1_F_D2I_ASN1_BYTES                            143
-# define ASN1_F_D2I_ASN1_GENERALIZEDTIME                  144
-# define ASN1_F_D2I_ASN1_HEADER                           145
-# define ASN1_F_D2I_ASN1_INTEGER                          146
 # define ASN1_F_D2I_ASN1_OBJECT                           147
-# define ASN1_F_D2I_ASN1_SET                              148
-# define ASN1_F_D2I_ASN1_TYPE_BYTES                       149
 # define ASN1_F_D2I_ASN1_UINTEGER                         150
-# define ASN1_F_D2I_ASN1_UTCTIME                          151
 # define ASN1_F_D2I_AUTOPRIVATEKEY                        207
-# define ASN1_F_D2I_NETSCAPE_RSA                          152
-# define ASN1_F_D2I_NETSCAPE_RSA_2                        153
 # define ASN1_F_D2I_PRIVATEKEY                            154
 # define ASN1_F_D2I_PUBLICKEY                             155
-# define ASN1_F_D2I_X509                                  156
-# define ASN1_F_D2I_X509_CINF                             157
-# define ASN1_F_D2I_X509_PKEY                             159
 # define ASN1_F_DO_TCREATE                                222
 # define ASN1_F_I2D_ASN1_BIO_STREAM                       211
-# define ASN1_F_I2D_ASN1_SET                              188
-# define ASN1_F_I2D_ASN1_TIME                             160
 # define ASN1_F_I2D_DSA_PUBKEY                            161
 # define ASN1_F_I2D_EC_PUBKEY                             181
 # define ASN1_F_I2D_PRIVATEKEY                            163
@@ -993,13 +961,11 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_F_SMIME_READ_ASN1                           212
 # define ASN1_F_SMIME_TEXT                                213
 # define ASN1_F_STBL_MODULE_INIT                          223
-# define ASN1_F_X509_CINF_NEW                             168
 # define ASN1_F_X509_CRL_ADD0_REVOKED                     169
 # define ASN1_F_X509_INFO_NEW                             170
 # define ASN1_F_X509_NAME_ENCODE                          203
 # define ASN1_F_X509_NAME_EX_D2I                          158
 # define ASN1_F_X509_NAME_EX_NEW                          171
-# define ASN1_F_X509_NEW                                  172
 # define ASN1_F_X509_PKEY_NEW                             173
 
 /* Reason codes. */
@@ -1007,10 +973,7 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_ASN1_PARSE_ERROR                          203
 # define ASN1_R_ASN1_SIG_PARSE_ERROR                      204
 # define ASN1_R_AUX_ERROR                                 100
-# define ASN1_R_BAD_CLASS                                 101
 # define ASN1_R_BAD_OBJECT_HEADER                         102
-# define ASN1_R_BAD_PASSWORD_READ                         103
-# define ASN1_R_BAD_TAG                                   104
 # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
 # define ASN1_R_BN_LIB                                    105
 # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
@@ -1019,18 +982,14 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_CONTEXT_NOT_INITIALISED                   217
 # define ASN1_R_DATA_IS_WRONG                             109
 # define ASN1_R_DECODE_ERROR                              110
-# define ASN1_R_DECODING_ERROR                            111
 # define ASN1_R_DEPTH_EXCEEDED                            174
 # define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED         198
 # define ASN1_R_ENCODE_ERROR                              112
 # define ASN1_R_ERROR_GETTING_TIME                        173
 # define ASN1_R_ERROR_LOADING_SECTION                     172
-# define ASN1_R_ERROR_PARSING_SET_ELEMENT                 113
 # define ASN1_R_ERROR_SETTING_CIPHER_PARAMS               114
 # define ASN1_R_EXPECTING_AN_INTEGER                      115
 # define ASN1_R_EXPECTING_AN_OBJECT                       116
-# define ASN1_R_EXPECTING_A_BOOLEAN                       117
-# define ASN1_R_EXPECTING_A_TIME                          118
 # define ASN1_R_EXPLICIT_LENGTH_MISMATCH                  119
 # define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED              120
 # define ASN1_R_FIELD_MISSING                             121
@@ -1066,12 +1025,9 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_INVALID_SCRYPT_PARAMETERS                 227
 # define ASN1_R_INVALID_SEPARATOR                         131
 # define ASN1_R_INVALID_STRING_TABLE_VALUE                218
-# define ASN1_R_INVALID_TIME_FORMAT                       132
 # define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH            133
 # define ASN1_R_INVALID_UTF8STRING                        134
 # define ASN1_R_INVALID_VALUE                             219
-# define ASN1_R_IV_TOO_LARGE                              135
-# define ASN1_R_LENGTH_ERROR                              136
 # define ASN1_R_LIST_ERROR                                188
 # define ASN1_R_MIME_NO_CONTENT_TYPE                      206
 # define ASN1_R_MIME_PARSE_ERROR                          207
@@ -1086,7 +1042,6 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_NOT_ASCII_FORMAT                          190
 # define ASN1_R_NOT_ENOUGH_DATA                           142
 # define ASN1_R_NO_CONTENT_TYPE                           209
-# define ASN1_R_NO_DEFAULT_DIGEST                         201
 # define ASN1_R_NO_MATCHING_CHOICE_TYPE                   143
 # define ASN1_R_NO_MULTIPART_BODY_FAILURE                 210
 # define ASN1_R_NO_MULTIPART_BOUNDARY                     211
@@ -1094,7 +1049,6 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_NULL_IS_WRONG_LENGTH                      144
 # define ASN1_R_OBJECT_NOT_ASCII_FORMAT                   191
 # define ASN1_R_ODD_NUMBER_OF_CHARS                       145
-# define ASN1_R_PRIVATE_KEY_HEADER_MISSING                146
 # define ASN1_R_SECOND_NUMBER_TOO_LARGE                   147
 # define ASN1_R_SEQUENCE_LENGTH_MISMATCH                  148
 # define ASN1_R_SEQUENCE_NOT_CONSTRUCTED                  149
@@ -1104,7 +1058,6 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_STREAMING_NOT_SUPPORTED                   202
 # define ASN1_R_STRING_TOO_LONG                           151
 # define ASN1_R_STRING_TOO_SHORT                          152
-# define ASN1_R_TAG_VALUE_TOO_HIGH                        153
 # define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
 # define ASN1_R_TIME_NOT_ASCII_FORMAT                     193
 # define ASN1_R_TOO_LARGE                                 223
@@ -1112,8 +1065,6 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_TOO_SMALL                                 224
 # define ASN1_R_TYPE_NOT_CONSTRUCTED                      156
 # define ASN1_R_TYPE_NOT_PRIMITIVE                        195
-# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                  157
-# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY          158
 # define ASN1_R_UNEXPECTED_EOC                            159
 # define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH           215
 # define ASN1_R_UNKNOWN_FORMAT                            160
@@ -1123,16 +1074,13 @@ void ERR_load_ASN1_strings(void);
 # define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM               199
 # define ASN1_R_UNKNOWN_TAG                               194
 # define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE           164
-# define ASN1_R_UNSUPPORTED_CIPHER                        165
-# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM          166
 # define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE               167
 # define ASN1_R_UNSUPPORTED_TYPE                          196
 # define ASN1_R_WRONG_INTEGER_TYPE                        225
 # define ASN1_R_WRONG_PUBLIC_KEY_TYPE                     200
 # define ASN1_R_WRONG_TAG                                 168
-# define ASN1_R_WRONG_TYPE                                169
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/async.h b/include/openssl/async.h
index 584e4a0..160766a 100644
--- a/include/openssl/async.h
+++ b/include/openssl/async.h
@@ -69,6 +69,7 @@ void ASYNC_unblock_pause(void);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_ASYNC_strings(void);
 
 /* Error codes for the ASYNC functions. */
@@ -82,14 +83,12 @@ void ERR_load_ASYNC_strings(void);
 # define ASYNC_F_ASYNC_START_JOB                          105
 
 /* Reason codes. */
-# define ASYNC_R_CANNOT_CREATE_WAIT_PIPE                  100
 # define ASYNC_R_FAILED_TO_SET_POOL                       101
 # define ASYNC_R_FAILED_TO_SWAP_CONTEXT                   102
 # define ASYNC_R_INIT_FAILED                              105
 # define ASYNC_R_INVALID_POOL_SIZE                        103
-# define ASYNC_R_POOL_ALREADY_INITED                      104
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index 9a97009..4b6179f 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -761,12 +761,13 @@ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
                                                       bio_info_cb *));
 
 /* BEGIN ERROR CODES */
-
 /*
- * Content after this point is generated by util/mkerr.pl
- * DO NOT EDIT!
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_BIO_strings(void);
+
 /* Error codes for the BIO functions. */
 
 /* Function codes. */
@@ -775,13 +776,10 @@ void ERR_load_BIO_strings(void);
 # define BIO_F_BIO_ACCEPT                                 101
 # define BIO_F_BIO_ACCEPT_EX                              137
 # define BIO_F_BIO_ADDR_NEW                               144
-# define BIO_F_BIO_BER_GET_HEADER                         102
 # define BIO_F_BIO_CALLBACK_CTRL                          131
 # define BIO_F_BIO_CONNECT                                138
 # define BIO_F_BIO_CTRL                                   103
-# define BIO_F_BIO_GETHOSTBYNAME                          120
 # define BIO_F_BIO_GETS                                   104
-# define BIO_F_BIO_GET_ACCEPT_SOCKET                      105
 # define BIO_F_BIO_GET_HOST_IP                            106
 # define BIO_F_BIO_GET_PORT                               107
 # define BIO_F_BIO_LISTEN                                 139
@@ -811,45 +809,32 @@ void ERR_load_BIO_strings(void);
 # define BIO_F_FILE_CTRL                                  116
 # define BIO_F_FILE_READ                                  130
 # define BIO_F_LINEBUFFER_CTRL                            129
-# define BIO_F_MEM_READ                                   128
 # define BIO_F_MEM_WRITE                                  117
 # define BIO_F_SSL_NEW                                    118
-# define BIO_F_WSASTARTUP                                 119
 
 /* Reason codes. */
 # define BIO_R_ACCEPT_ERROR                               100
 # define BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET               141
 # define BIO_R_AMBIGUOUS_HOST_OR_SERVICE                  129
 # define BIO_R_BAD_FOPEN_MODE                             101
-# define BIO_R_BAD_HOSTNAME_LOOKUP                        102
 # define BIO_R_BROKEN_PIPE                                124
 # define BIO_R_CONNECT_ERROR                              103
-# define BIO_R_EOF_ON_MEMORY_BIO                          127
-# define BIO_R_ERROR_SETTING_NBIO                         104
-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET      105
-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET        106
 # define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET          107
 # define BIO_R_GETSOCKNAME_ERROR                          132
 # define BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS              133
 # define BIO_R_GETTING_SOCKTYPE                           134
 # define BIO_R_INVALID_ARGUMENT                           125
-# define BIO_R_INVALID_IP_ADDRESS                         108
 # define BIO_R_INVALID_SOCKET                             135
 # define BIO_R_IN_USE                                     123
-# define BIO_R_KEEPALIVE                                  109
 # define BIO_R_LISTEN_V6_ONLY                             136
 # define BIO_R_LOOKUP_RETURNED_NOTHING                    142
 # define BIO_R_MALFORMED_HOST_OR_SERVICE                  130
 # define BIO_R_NBIO_CONNECT_ERROR                         110
 # define BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED        143
-# define BIO_R_NO_ACCEPT_PORT_SPECIFIED                   111
 # define BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED           144
-# define BIO_R_NO_HOSTNAME_SPECIFIED                      112
 # define BIO_R_NO_PORT_DEFINED                            113
-# define BIO_R_NO_SERVICE_SPECIFIED                       114
 # define BIO_R_NO_SUCH_FILE                               128
 # define BIO_R_NULL_PARAMETER                             115
-# define BIO_R_TAG_MISMATCH                               116
 # define BIO_R_UNABLE_TO_BIND_SOCKET                      117
 # define BIO_R_UNABLE_TO_CREATE_SOCKET                    118
 # define BIO_R_UNABLE_TO_KEEPALIVE                        137
@@ -865,7 +850,7 @@ void ERR_load_BIO_strings(void);
 # define BIO_R_WRITE_TO_READ_ONLY_BIO                     126
 # define BIO_R_WSASTARTUP                                 122
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 1565a2f..e0f656a 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -487,6 +487,7 @@ int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_BN_strings(void);
 
 /* Error codes for the BN functions. */
@@ -505,10 +506,8 @@ void ERR_load_BN_strings(void);
 # define BN_F_BN_CTX_NEW                                  106
 # define BN_F_BN_CTX_START                                129
 # define BN_F_BN_DIV                                      107
-# define BN_F_BN_DIV_NO_BRANCH                            138
 # define BN_F_BN_DIV_RECP                                 130
 # define BN_F_BN_EXP                                      123
-# define BN_F_BN_EXPAND2                                  108
 # define BN_F_BN_EXPAND_INTERNAL                          120
 # define BN_F_BN_GENCB_NEW                                143
 # define BN_F_BN_GENERATE_DSA_NONCE                       140
@@ -530,7 +529,6 @@ void ERR_load_BN_strings(void);
 # define BN_F_BN_MOD_INVERSE                              110
 # define BN_F_BN_MOD_INVERSE_NO_BRANCH                    139
 # define BN_F_BN_MOD_LSHIFT_QUICK                         119
-# define BN_F_BN_MOD_MUL_RECIPROCAL                       111
 # define BN_F_BN_MOD_SQRT                                 121
 # define BN_F_BN_MPI2BN                                   112
 # define BN_F_BN_NEW                                      113
@@ -562,7 +560,7 @@ void ERR_load_BN_strings(void);
 # define BN_R_TOO_MANY_ITERATIONS                         113
 # define BN_R_TOO_MANY_TEMPORARY_VARIABLES                109
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/buffer.h b/include/openssl/buffer.h
index c006c65..88409fd 100644
--- a/include/openssl/buffer.h
+++ b/include/openssl/buffer.h
@@ -58,6 +58,7 @@ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_BUF_strings(void);
 
 /* Error codes for the BUF functions. */
@@ -69,7 +70,7 @@ void ERR_load_BUF_strings(void);
 
 /* Reason codes. */
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/cms.h b/include/openssl/cms.h
index 0b6dcdc..57c877d 100644
--- a/include/openssl/cms.h
+++ b/include/openssl/cms.h
@@ -334,6 +334,7 @@ int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_CMS_strings(void);
 
 /* Error codes for the CMS functions. */
@@ -439,7 +440,6 @@ void ERR_load_CMS_strings(void);
 # define CMS_R_CTRL_ERROR                                 110
 # define CMS_R_CTRL_FAILURE                               111
 # define CMS_R_DECRYPT_ERROR                              112
-# define CMS_R_DIGEST_ERROR                               161
 # define CMS_R_ERROR_GETTING_PUBLIC_KEY                   113
 # define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE      114
 # define CMS_R_ERROR_SETTING_KEY                          115
@@ -505,9 +505,8 @@ void ERR_load_CMS_strings(void);
 # define CMS_R_VERIFICATION_FAILURE                       158
 # define CMS_R_WRAP_ERROR                                 159
 
-# ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/comp.h b/include/openssl/comp.h
index 4d66cbb..520d709 100644
--- a/include/openssl/comp.h
+++ b/include/openssl/comp.h
@@ -49,6 +49,7 @@ const BIO_METHOD *BIO_f_zlib(void);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_COMP_strings(void);
 
 /* Error codes for the COMP functions. */
@@ -64,9 +65,8 @@ void ERR_load_COMP_strings(void);
 # define COMP_R_ZLIB_INFLATE_ERROR                        100
 # define COMP_R_ZLIB_NOT_SUPPORTED                        101
 
-#ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/conf.h b/include/openssl/conf.h
index 4bb7e57..147d27b 100644
--- a/include/openssl/conf.h
+++ b/include/openssl/conf.h
@@ -167,6 +167,7 @@ void OPENSSL_load_builtin_modules(void);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_CONF_strings(void);
 
 /* Error codes for the CONF functions. */
@@ -174,9 +175,7 @@ void ERR_load_CONF_strings(void);
 /* Function codes. */
 # define CONF_F_CONF_DUMP_FP                              104
 # define CONF_F_CONF_LOAD                                 100
-# define CONF_F_CONF_LOAD_BIO                             102
 # define CONF_F_CONF_LOAD_FP                              103
-# define CONF_F_CONF_MODULES_LOAD                         116
 # define CONF_F_CONF_PARSE_LIST                           119
 # define CONF_F_DEF_LOAD                                  120
 # define CONF_F_DEF_LOAD_BIO                              121
@@ -185,7 +184,6 @@ void ERR_load_CONF_strings(void);
 # define CONF_F_MODULE_RUN                                118
 # define CONF_F_NCONF_DUMP_BIO                            105
 # define CONF_F_NCONF_DUMP_FP                             106
-# define CONF_F_NCONF_GET_NUMBER                          107
 # define CONF_F_NCONF_GET_NUMBER_E                        112
 # define CONF_F_NCONF_GET_SECTION                         108
 # define CONF_F_NCONF_GET_STRING                          109
@@ -200,7 +198,6 @@ void ERR_load_CONF_strings(void);
 # define CONF_R_LIST_CANNOT_BE_NULL                       115
 # define CONF_R_MISSING_CLOSE_SQUARE_BRACKET              100
 # define CONF_R_MISSING_EQUAL_SIGN                        101
-# define CONF_R_MISSING_FINISH_FUNCTION                   111
 # define CONF_R_MISSING_INIT_FUNCTION                     112
 # define CONF_R_MODULE_INITIALIZATION_ERROR               109
 # define CONF_R_NO_CLOSE_BRACE                            102
@@ -213,7 +210,7 @@ void ERR_load_CONF_strings(void);
 # define CONF_R_UNKNOWN_MODULE_NAME                       113
 # define CONF_R_VARIABLE_HAS_NO_VALUE                     104
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 84c479c..c98b99b 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -423,6 +423,7 @@ int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_CRYPTO_strings(void);
 
 /* Error codes for the CRYPTO functions. */
@@ -431,29 +432,21 @@ void ERR_load_CRYPTO_strings(void);
 # define CRYPTO_F_CRYPTO_DUP_EX_DATA                      110
 # define CRYPTO_F_CRYPTO_FREE_EX_DATA                     111
 # define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX                 100
-# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID                103
-# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID                   101
 # define CRYPTO_F_CRYPTO_MEMDUP                           115
 # define CRYPTO_F_CRYPTO_NEW_EX_DATA                      112
 # define CRYPTO_F_CRYPTO_SET_EX_DATA                      102
-# define CRYPTO_F_DEF_ADD_INDEX                           104
-# define CRYPTO_F_DEF_GET_CLASS                           105
 # define CRYPTO_F_FIPS_MODE_SET                           109
 # define CRYPTO_F_GET_AND_LOCK                            113
-# define CRYPTO_F_INT_DUP_EX_DATA                         106
-# define CRYPTO_F_INT_FREE_EX_DATA                        107
-# define CRYPTO_F_INT_NEW_EX_DATA                         108
 # define CRYPTO_F_OPENSSL_BUF2HEXSTR                      117
-# define CRYPTO_F_OPENSSL_INIT_CRYPTO                     116
-# define CRYPTO_F_OPENSSL_MEMDUP                          114
 # define CRYPTO_F_OPENSSL_HEXSTR2BUF                      118
+# define CRYPTO_F_OPENSSL_INIT_CRYPTO                     116
 
 /* Reason codes. */
 # define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED                 101
 # define CRYPTO_R_ILLEGAL_HEX_DIGIT                       102
 # define CRYPTO_R_ODD_NUMBER_OF_DIGITS                    103
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/ct.h b/include/openssl/ct.h
index 69bfa5f..f9586dc 100644
--- a/include/openssl/ct.h
+++ b/include/openssl/ct.h
@@ -479,6 +479,7 @@ __owur int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_CT_strings(void);
 
 /* Error codes for the CT functions. */
@@ -488,20 +489,11 @@ void ERR_load_CT_strings(void);
 # define CT_F_CTLOG_NEW_FROM_BASE64                       118
 # define CT_F_CTLOG_NEW_FROM_CONF                         119
 # define CT_F_CTLOG_NEW_NULL                              120
-# define CT_F_CTLOG_STORE_GET0_LOG_BY_ID                  121
 # define CT_F_CTLOG_STORE_LOAD_CTX_NEW                    122
 # define CT_F_CTLOG_STORE_LOAD_FILE                       123
 # define CT_F_CT_BASE64_DECODE                            124
-# define CT_F_CT_POLICY_EVAL_CTX_GET0_CERT                130
-# define CT_F_CT_POLICY_EVAL_CTX_GET0_ISSUER              131
-# define CT_F_CT_POLICY_EVAL_CTX_GET0_LOG_STORE           132
 # define CT_F_CT_POLICY_EVAL_CTX_NEW                      133
-# define CT_F_CT_POLICY_EVAL_CTX_SET0_CERT                134
-# define CT_F_CT_POLICY_EVAL_CTX_SET0_ISSUER              135
-# define CT_F_CT_POLICY_EVAL_CTX_SET0_LOG_STORE           136
 # define CT_F_CT_V1_LOG_ID_FROM_PKEY                      125
-# define CT_F_D2I_SCT_LIST                                105
-# define CT_F_I2D_SCT_LIST                                106
 # define CT_F_I2O_SCT                                     107
 # define CT_F_I2O_SCT_LIST                                108
 # define CT_F_I2O_SCT_SIGNATURE                           109
@@ -509,7 +501,6 @@ void ERR_load_CT_strings(void);
 # define CT_F_O2I_SCT_LIST                                111
 # define CT_F_O2I_SCT_SIGNATURE                           112
 # define CT_F_SCT_CTX_NEW                                 126
-# define CT_F_SCT_LIST_VALIDATE                           139
 # define CT_F_SCT_NEW                                     100
 # define CT_F_SCT_NEW_FROM_BASE64                         127
 # define CT_F_SCT_SET0_LOG_ID                             101
@@ -519,8 +510,6 @@ void ERR_load_CT_strings(void);
 # define CT_F_SCT_SET_LOG_ENTRY_TYPE                      102
 # define CT_F_SCT_SET_SIGNATURE_NID                       103
 # define CT_F_SCT_SET_VERSION                             104
-# define CT_F_SCT_SIGNATURE_IS_VALID                      113
-# define CT_F_SCT_VALIDATE                                140
 # define CT_F_SCT_VERIFY                                  128
 # define CT_F_SCT_VERIFY_V1                               129
 
@@ -532,21 +521,18 @@ void ERR_load_CT_strings(void);
 # define CT_R_LOG_CONF_MISSING_DESCRIPTION                111
 # define CT_R_LOG_CONF_MISSING_KEY                        112
 # define CT_R_LOG_KEY_INVALID                             113
-# define CT_R_NOT_ENOUGH_SCTS                             116
 # define CT_R_SCT_INVALID                                 104
 # define CT_R_SCT_INVALID_SIGNATURE                       107
 # define CT_R_SCT_LIST_INVALID                            105
 # define CT_R_SCT_LOG_ID_MISMATCH                         114
 # define CT_R_SCT_NOT_SET                                 106
 # define CT_R_SCT_UNSUPPORTED_VERSION                     115
-# define CT_R_SCT_VALIDATION_STATUS_NOT_SET               117
 # define CT_R_UNRECOGNIZED_SIGNATURE_NID                  101
 # define CT_R_UNSUPPORTED_ENTRY_TYPE                      102
 # define CT_R_UNSUPPORTED_VERSION                         103
 
-# ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 852aeaf..beb0f9f 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -287,6 +287,7 @@ int DH_meth_set_generate_params(DH_METHOD *dhm,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_DH_strings(void);
 
 /* Error codes for the DH functions. */
@@ -309,7 +310,6 @@ void ERR_load_DH_strings(void);
 # define DH_F_DH_PUB_ENCODE                               109
 # define DH_F_DO_DH_PRINT                                 100
 # define DH_F_GENERATE_KEY                                103
-# define DH_F_GENERATE_PARAMETERS                         104
 # define DH_F_PKEY_DH_DERIVE                              112
 # define DH_F_PKEY_DH_KEYGEN                              113
 
@@ -321,7 +321,6 @@ void ERR_load_DH_strings(void);
 # define DH_R_INVALID_PUBKEY                              102
 # define DH_R_KDF_PARAMETER_ERROR                         112
 # define DH_R_KEYS_NOT_SET                                108
-# define DH_R_KEY_SIZE_TOO_SMALL                          110
 # define DH_R_MODULUS_TOO_LARGE                           103
 # define DH_R_NO_PARAMETERS_SET                           107
 # define DH_R_NO_PRIVATE_VALUE                            100
@@ -329,9 +328,8 @@ void ERR_load_DH_strings(void);
 # define DH_R_PEER_KEY_ERROR                              111
 # define DH_R_SHARED_INFO_ERROR                           113
 
-# ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index f9034d9..f65ee5d 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -228,16 +228,14 @@ int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen) (DSA *));
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_DSA_strings(void);
 
 /* Error codes for the DSA functions. */
 
 /* Function codes. */
-# define DSA_F_D2I_DSA_SIG                                110
-# define DSA_F_DO_DSA_PRINT                               104
 # define DSA_F_DSAPARAMS_PRINT                            100
 # define DSA_F_DSAPARAMS_PRINT_FP                         101
-# define DSA_F_DSA_BUILTIN_KEYGEN                         124
 # define DSA_F_DSA_BUILTIN_PARAMGEN                       125
 # define DSA_F_DSA_BUILTIN_PARAMGEN2                      126
 # define DSA_F_DSA_DO_SIGN                                112
@@ -254,34 +252,25 @@ void ERR_load_DSA_strings(void);
 # define DSA_F_DSA_PUB_ENCODE                             118
 # define DSA_F_DSA_SIGN                                   106
 # define DSA_F_DSA_SIGN_SETUP                             107
-# define DSA_F_DSA_SIG_NEW                                109
-# define DSA_F_DSA_SIG_PRINT                              123
-# define DSA_F_DSA_VERIFY                                 108
-# define DSA_F_I2D_DSA_SIG                                111
 # define DSA_F_OLD_DSA_PRIV_DECODE                        122
 # define DSA_F_PKEY_DSA_CTRL                              120
 # define DSA_F_PKEY_DSA_KEYGEN                            121
-# define DSA_F_SIG_CB                                     114
 
 /* Reason codes. */
 # define DSA_R_BAD_Q_VALUE                                102
 # define DSA_R_BN_DECODE_ERROR                            108
 # define DSA_R_BN_ERROR                                   109
-# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE                100
 # define DSA_R_DECODE_ERROR                               104
 # define DSA_R_INVALID_DIGEST_TYPE                        106
 # define DSA_R_INVALID_PARAMETERS                         112
-# define DSA_R_KEY_SIZE_TOO_SMALL                         111
 # define DSA_R_MISSING_PARAMETERS                         101
 # define DSA_R_MODULUS_TOO_LARGE                          103
-# define DSA_R_NEED_NEW_SETUP_VALUES                      110
 # define DSA_R_NO_PARAMETERS_SET                          107
 # define DSA_R_PARAMETER_ENCODING_ERROR                   105
 # define DSA_R_Q_NOT_PRIME                                113
 
-# ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index ec0d1d1..9c74053 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1357,13 +1357,13 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_EC_strings(void);
 
 /* Error codes for the EC functions. */
 
 /* Function codes. */
 # define EC_F_BN_TO_FELEM                                 224
-# define EC_F_COMPUTE_WNAF                                143
 # define EC_F_D2I_ECPARAMETERS                            144
 # define EC_F_D2I_ECPKPARAMETERS                          145
 # define EC_F_D2I_ECPRIVATEKEY                            146
@@ -1393,17 +1393,8 @@ void ERR_load_EC_strings(void);
 # define EC_F_ECP_NISTZ256_POINTS_MUL                     241
 # define EC_F_ECP_NISTZ256_PRE_COMP_NEW                   244
 # define EC_F_ECP_NISTZ256_WINDOWED_MUL                   242
-# define EC_F_ECP_NIST_MOD_192                            203
-# define EC_F_ECP_NIST_MOD_224                            204
-# define EC_F_ECP_NIST_MOD_256                            205
-# define EC_F_ECP_NIST_MOD_521                            206
 # define EC_F_EC_ASN1_GROUP2CURVE                         153
 # define EC_F_EC_ASN1_GROUP2FIELDID                       154
-# define EC_F_EC_ASN1_GROUP2PARAMETERS                    155
-# define EC_F_EC_ASN1_GROUP2PKPARAMETERS                  156
-# define EC_F_EC_ASN1_PARAMETERS2GROUP                    157
-# define EC_F_EC_ASN1_PKPARAMETERS2GROUP                  158
-# define EC_F_EC_EX_DATA_SET_DATA                         211
 # define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY           208
 # define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT     159
 # define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE              195
@@ -1418,7 +1409,6 @@ void ERR_load_EC_strings(void);
 # define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE                209
 # define EC_F_EC_GFP_MONT_FIELD_SQR                       132
 # define EC_F_EC_GFP_MONT_GROUP_SET_CURVE                 189
-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP             135
 # define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE             225
 # define EC_F_EC_GFP_NISTP224_POINTS_MUL                  228
 # define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
@@ -1433,29 +1423,21 @@ void ERR_load_EC_strings(void);
 # define EC_F_EC_GFP_NIST_GROUP_SET_CURVE                 202
 # define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT      165
 # define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE               166
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP           100
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR           101
 # define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE                   102
 # define EC_F_EC_GFP_SIMPLE_OCT2POINT                     103
 # define EC_F_EC_GFP_SIMPLE_POINT2OCT                     104
 # define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE            137
 # define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES  167
-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
 # define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES  168
-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
 # define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES    169
-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
 # define EC_F_EC_GROUP_CHECK                              170
 # define EC_F_EC_GROUP_CHECK_DISCRIMINANT                 171
 # define EC_F_EC_GROUP_COPY                               106
-# define EC_F_EC_GROUP_GET0_GENERATOR                     139
-# define EC_F_EC_GROUP_GET_COFACTOR                       140
 # define EC_F_EC_GROUP_GET_CURVE_GF2M                     172
 # define EC_F_EC_GROUP_GET_CURVE_GFP                      130
 # define EC_F_EC_GROUP_GET_DEGREE                         173
 # define EC_F_EC_GROUP_GET_ECPARAMETERS                   261
 # define EC_F_EC_GROUP_GET_ECPKPARAMETERS                 262
-# define EC_F_EC_GROUP_GET_ORDER                          141
 # define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS              193
 # define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS                194
 # define EC_F_EC_GROUP_NEW                                108
@@ -1463,10 +1445,8 @@ void ERR_load_EC_strings(void);
 # define EC_F_EC_GROUP_NEW_FROM_DATA                      175
 # define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS              263
 # define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS            264
-# define EC_F_EC_GROUP_PRECOMPUTE_MULT                    142
 # define EC_F_EC_GROUP_SET_CURVE_GF2M                     176
 # define EC_F_EC_GROUP_SET_CURVE_GFP                      109
-# define EC_F_EC_GROUP_SET_EXTRA_DATA                     110
 # define EC_F_EC_GROUP_SET_GENERATOR                      111
 # define EC_F_EC_KEY_CHECK_KEY                            177
 # define EC_F_EC_KEY_COPY                                 178
@@ -1493,7 +1473,6 @@ void ERR_load_EC_strings(void);
 # define EC_F_EC_POINT_IS_AT_INFINITY                     118
 # define EC_F_EC_POINT_IS_ON_CURVE                        119
 # define EC_F_EC_POINT_MAKE_AFFINE                        120
-# define EC_F_EC_POINT_MUL                                184
 # define EC_F_EC_POINT_NEW                                121
 # define EC_F_EC_POINT_OCT2POINT                          122
 # define EC_F_EC_POINT_POINT2OCT                          123
@@ -1503,7 +1482,6 @@ void ERR_load_EC_strings(void);
 # define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP     125
 # define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP    126
 # define EC_F_EC_POINT_SET_TO_INFINITY                    127
-# define EC_F_EC_PRE_COMP_DUP                             207
 # define EC_F_EC_PRE_COMP_NEW                             196
 # define EC_F_EC_WNAF_MUL                                 187
 # define EC_F_EC_WNAF_PRECOMPUTE_MULT                     188
@@ -1528,7 +1506,6 @@ void ERR_load_EC_strings(void);
 
 /* Reason codes. */
 # define EC_R_ASN1_ERROR                                  115
-# define EC_R_ASN1_UNKNOWN_FIELD                          116
 # define EC_R_BAD_SIGNATURE                               156
 # define EC_R_BIGNUM_OUT_OF_RANGE                         144
 # define EC_R_BUFFER_TOO_SMALL                            100
@@ -1558,17 +1535,14 @@ void ERR_load_EC_strings(void);
 # define EC_R_INVALID_PENTANOMIAL_BASIS                   132
 # define EC_R_INVALID_PRIVATE_KEY                         123
 # define EC_R_INVALID_TRINOMIAL_BASIS                     137
-# define EC_R_KDF_FAILED                                  153
 # define EC_R_KDF_PARAMETER_ERROR                         148
 # define EC_R_KEYS_NOT_SET                                140
 # define EC_R_MISSING_PARAMETERS                          124
 # define EC_R_MISSING_PRIVATE_KEY                         125
 # define EC_R_NEED_NEW_SETUP_VALUES                       157
 # define EC_R_NOT_A_NIST_PRIME                            135
-# define EC_R_NOT_A_SUPPORTED_NIST_PRIME                  136
 # define EC_R_NOT_IMPLEMENTED                             126
 # define EC_R_NOT_INITIALIZED                             111
-# define EC_R_NO_FIELD_MOD                                133
 # define EC_R_NO_PARAMETERS_SET                           139
 # define EC_R_NO_PRIVATE_VALUE                            154
 # define EC_R_OPERATION_NOT_SUPPORTED                     152
@@ -1589,9 +1563,8 @@ void ERR_load_EC_strings(void);
 # define EC_R_WRONG_CURVE_PARAMETERS                      145
 # define EC_R_WRONG_ORDER                                 130
 
-# ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index 425d904..e9d3ab2 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -754,6 +754,7 @@ void ENGINE_setup_bsd_cryptodev(void);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_ENGINE_strings(void);
 
 /* Error codes for the ENGINE functions. */
@@ -770,9 +771,7 @@ void ERR_load_ENGINE_strings(void);
 # define ENGINE_F_ENGINE_CTRL_CMD                         178
 # define ENGINE_F_ENGINE_CTRL_CMD_STRING                  171
 # define ENGINE_F_ENGINE_FINISH                           107
-# define ENGINE_F_ENGINE_FREE_UTIL                        108
 # define ENGINE_F_ENGINE_GET_CIPHER                       185
-# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE                 177
 # define ENGINE_F_ENGINE_GET_DIGEST                       186
 # define ENGINE_F_ENGINE_GET_NEXT                         115
 # define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH               193
@@ -787,17 +786,14 @@ void ERR_load_ENGINE_strings(void);
 # define ENGINE_F_ENGINE_NEW                              122
 # define ENGINE_F_ENGINE_REMOVE                           123
 # define ENGINE_F_ENGINE_SET_DEFAULT_STRING               189
-# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE                 126
 # define ENGINE_F_ENGINE_SET_ID                           129
 # define ENGINE_F_ENGINE_SET_NAME                         130
 # define ENGINE_F_ENGINE_TABLE_REGISTER                   184
-# define ENGINE_F_ENGINE_UNLOAD_KEY                       152
 # define ENGINE_F_ENGINE_UNLOCKED_FINISH                  191
 # define ENGINE_F_ENGINE_UP_REF                           190
 # define ENGINE_F_INT_CTRL_HELPER                         172
 # define ENGINE_F_INT_ENGINE_CONFIGURE                    188
 # define ENGINE_F_INT_ENGINE_MODULE_INIT                  187
-# define ENGINE_F_LOG_MESSAGE                             141
 
 /* Reason codes. */
 # define ENGINE_R_ALREADY_LOADED                          100
@@ -807,8 +803,6 @@ void ERR_load_ENGINE_strings(void);
 # define ENGINE_R_COMMAND_TAKES_NO_INPUT                  136
 # define ENGINE_R_CONFLICTING_ENGINE_ID                   103
 # define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED            119
-# define ENGINE_R_DH_NOT_IMPLEMENTED                      139
-# define ENGINE_R_DSA_NOT_IMPLEMENTED                     140
 # define ENGINE_R_DSO_FAILURE                             104
 # define ENGINE_R_DSO_NOT_FOUND                           132
 # define ENGINE_R_ENGINES_SECTION_ERROR                   148
@@ -818,7 +812,6 @@ void ERR_load_ENGINE_strings(void);
 # define ENGINE_R_FAILED_LOADING_PRIVATE_KEY              128
 # define ENGINE_R_FAILED_LOADING_PUBLIC_KEY               129
 # define ENGINE_R_FINISH_FAILED                           106
-# define ENGINE_R_GET_HANDLE_FAILED                       107
 # define ENGINE_R_ID_OR_NAME_MISSING                      108
 # define ENGINE_R_INIT_FAILED                             109
 # define ENGINE_R_INTERNAL_LIST_ERROR                     110
@@ -834,17 +827,13 @@ void ERR_load_ENGINE_strings(void);
 # define ENGINE_R_NO_LOAD_FUNCTION                        125
 # define ENGINE_R_NO_REFERENCE                            130
 # define ENGINE_R_NO_SUCH_ENGINE                          116
-# define ENGINE_R_NO_UNLOAD_FUNCTION                      126
-# define ENGINE_R_PROVIDE_PARAMETERS                      113
-# define ENGINE_R_RSA_NOT_IMPLEMENTED                     141
 # define ENGINE_R_UNIMPLEMENTED_CIPHER                    146
 # define ENGINE_R_UNIMPLEMENTED_DIGEST                    147
 # define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD         101
 # define ENGINE_R_VERSION_INCOMPATIBILITY                 145
 
-# ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/err.h b/include/openssl/err.h
index d3f08c9..b019d0e 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -138,7 +138,6 @@ typedef struct err_state_st {
 # define ERR_GET_LIB(l)          (int)((((unsigned long)l)>>24L)&0xffL)
 # define ERR_GET_FUNC(l)         (int)((((unsigned long)l)>>12L)&0xfffL)
 # define ERR_GET_REASON(l)       (int)((l)&0xfffL)
-# define ERR_FATAL_ERROR(l)      (int)((l)&ERR_R_FATAL)
 
 /* OS functions */
 # define SYS_F_FOPEN             1
@@ -171,30 +170,14 @@ typedef struct err_state_st {
 # define ERR_R_DSA_LIB   ERR_LIB_DSA/* 10 */
 # define ERR_R_X509_LIB  ERR_LIB_X509/* 11 */
 # define ERR_R_ASN1_LIB  ERR_LIB_ASN1/* 13 */
-# define ERR_R_CONF_LIB  ERR_LIB_CONF/* 14 */
-# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
 # define ERR_R_EC_LIB    ERR_LIB_EC/* 16 */
-# define ERR_R_SSL_LIB   ERR_LIB_SSL/* 20 */
 # define ERR_R_BIO_LIB   ERR_LIB_BIO/* 32 */
 # define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
 # define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
-# define ERR_R_PKCS12_LIB ERR_LIB_PKCS12/* 35 */
-# define ERR_R_RAND_LIB  ERR_LIB_RAND/* 36 */
-# define ERR_R_DSO_LIB   ERR_LIB_DSO/* 37 */
 # define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
-# define ERR_R_OCSP_LIB  ERR_LIB_OCSP/* 39 */
-# define ERR_R_UI_LIB    ERR_LIB_UI/* 40 */
-# define ERR_R_COMP_LIB  ERR_LIB_COMP/* 41 */
 # define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
-# define ERR_R_ECDH_LIB  ERR_LIB_ECDH/* 43 */
-# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
-# define ERR_R_TS_LIB    ERR_LIB_TS/* 45 */
 
 # define ERR_R_NESTED_ASN1_ERROR                 58
-# define ERR_R_BAD_ASN1_OBJECT_HEADER            59
-# define ERR_R_BAD_GET_ASN1_OBJECT_CALL          60
-# define ERR_R_EXPECTING_AN_ASN1_SEQUENCE        61
-# define ERR_R_ASN1_LENGTH_MISMATCH              62
 # define ERR_R_MISSING_ASN1_EOS                  63
 
 /* fatal error */
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 894d61f..796f4cc 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1438,28 +1438,20 @@ void EVP_add_alg_module(void);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_EVP_strings(void);
 
 /* Error codes for the EVP functions. */
 
 /* Function codes. */
 # define EVP_F_AESNI_INIT_KEY                             165
-# define EVP_F_AESNI_XTS_CIPHER                           176
 # define EVP_F_AES_INIT_KEY                               133
 # define EVP_F_AES_T4_INIT_KEY                            178
-# define EVP_F_AES_XTS                                    172
-# define EVP_F_AES_XTS_CIPHER                             175
 # define EVP_F_ALG_MODULE_INIT                            177
 # define EVP_F_CAMELLIA_INIT_KEY                          159
 # define EVP_F_CHACHA20_POLY1305_CTRL                     182
-# define EVP_F_CMAC_INIT                                  173
 # define EVP_F_CMLL_T4_INIT_KEY                           179
-# define EVP_F_D2I_PKEY                                   100
 # define EVP_F_DO_SIGVER_INIT                             161
-# define EVP_F_DSAPKEY2PKCS8                              134
-# define EVP_F_DSA_PKEY2PKCS8                             135
-# define EVP_F_ECDSA_PKEY2PKCS8                           129
-# define EVP_F_ECKEY_PKEY2PKCS8                           132
 # define EVP_F_EVP_CIPHERINIT_EX                          123
 # define EVP_F_EVP_CIPHER_CTX_COPY                        163
 # define EVP_F_EVP_CIPHER_CTX_CTRL                        124
@@ -1491,7 +1483,6 @@ void ERR_load_EVP_strings(void);
 # define EVP_F_EVP_PKEY_ENCRYPT_OLD                       152
 # define EVP_F_EVP_PKEY_GET0_DH                           119
 # define EVP_F_EVP_PKEY_GET0_DSA                          120
-# define EVP_F_EVP_PKEY_GET0_ECDSA                        130
 # define EVP_F_EVP_PKEY_GET0_EC_KEY                       131
 # define EVP_F_EVP_PKEY_GET0_RSA                          121
 # define EVP_F_EVP_PKEY_KEYGEN                            146
@@ -1505,35 +1496,20 @@ void ERR_load_EVP_strings(void);
 # define EVP_F_EVP_PKEY_VERIFY_INIT                       143
 # define EVP_F_EVP_PKEY_VERIFY_RECOVER                    144
 # define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT               145
-# define EVP_F_EVP_RIJNDAEL                               126
 # define EVP_F_EVP_SIGNFINAL                              107
 # define EVP_F_EVP_VERIFYFINAL                            108
-# define EVP_F_FIPS_CIPHERINIT                            166
-# define EVP_F_FIPS_CIPHER_CTX_COPY                       170
-# define EVP_F_FIPS_CIPHER_CTX_CTRL                       167
-# define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH             171
-# define EVP_F_FIPS_DIGESTINIT                            168
-# define EVP_F_FIPS_MD_CTX_COPY                           169
-# define EVP_F_HMAC_INIT_EX                               174
 # define EVP_F_INT_CTX_NEW                                157
 # define EVP_F_PKCS5_PBE_KEYIVGEN                         117
 # define EVP_F_PKCS5_V2_PBE_KEYIVGEN                      118
 # define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN                   164
 # define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN                   180
-# define EVP_F_PKCS8_SET_BROKEN                           112
 # define EVP_F_PKEY_SET_TYPE                              158
 # define EVP_F_RC2_MAGIC_TO_METH                          109
 # define EVP_F_RC5_CTRL                                   125
 
 /* Reason codes. */
-# define EVP_R_AES_IV_SETUP_FAILED                        162
 # define EVP_R_AES_KEY_SETUP_FAILED                       143
-# define EVP_R_ASN1_LIB                                   140
-# define EVP_R_BAD_BLOCK_LENGTH                           136
 # define EVP_R_BAD_DECRYPT                                100
-# define EVP_R_BAD_KEY_LENGTH                             137
-# define EVP_R_BN_DECODE_ERROR                            112
-# define EVP_R_BN_PUBKEY_ERROR                            113
 # define EVP_R_BUFFER_TOO_SMALL                           155
 # define EVP_R_CAMELLIA_KEY_SETUP_FAILED                  157
 # define EVP_R_CIPHER_PARAMETER_ERROR                     122
@@ -1545,15 +1521,11 @@ void ERR_load_EVP_strings(void);
 # define EVP_R_DECODE_ERROR                               114
 # define EVP_R_DIFFERENT_KEY_TYPES                        101
 # define EVP_R_DIFFERENT_PARAMETERS                       153
-# define EVP_R_DISABLED_FOR_FIPS                          163
-# define EVP_R_ENCODE_ERROR                               115
 # define EVP_R_ERROR_LOADING_SECTION                      165
 # define EVP_R_ERROR_SETTING_FIPS_MODE                    166
-# define EVP_R_EVP_PBE_CIPHERINIT_ERROR                   119
 # define EVP_R_EXPECTING_AN_RSA_KEY                       127
 # define EVP_R_EXPECTING_A_DH_KEY                         128
 # define EVP_R_EXPECTING_A_DSA_KEY                        129
-# define EVP_R_EXPECTING_A_ECDSA_KEY                      141
 # define EVP_R_EXPECTING_A_EC_KEY                         142
 # define EVP_R_FIPS_MODE_NOT_SUPPORTED                    167
 # define EVP_R_ILLEGAL_SCRYPT_PARAMETERS                  171
@@ -1563,7 +1535,6 @@ void ERR_load_EVP_strings(void);
 # define EVP_R_INVALID_FIPS_MODE                          168
 # define EVP_R_INVALID_KEY_LENGTH                         130
 # define EVP_R_INVALID_OPERATION                          148
-# define EVP_R_IV_TOO_LARGE                               102
 # define EVP_R_KEYGEN_FAILURE                             120
 # define EVP_R_MEMORY_LIMIT_EXCEEDED                      172
 # define EVP_R_MESSAGE_DIGEST_IS_NULL                     159
@@ -1572,18 +1543,13 @@ void ERR_load_EVP_strings(void);
 # define EVP_R_NO_CIPHER_SET                              131
 # define EVP_R_NO_DEFAULT_DIGEST                          158
 # define EVP_R_NO_DIGEST_SET                              139
-# define EVP_R_NO_DSA_PARAMETERS                          116
 # define EVP_R_NO_KEY_SET                                 154
 # define EVP_R_NO_OPERATION_SET                           149
-# define EVP_R_NO_SIGN_FUNCTION_CONFIGURED                104
-# define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED              105
 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
 # define EVP_R_OPERATON_NOT_INITIALIZED                   151
-# define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE                  117
 # define EVP_R_PRIVATE_KEY_DECODE_ERROR                   145
 # define EVP_R_PRIVATE_KEY_ENCODE_ERROR                   146
 # define EVP_R_PUBLIC_KEY_NOT_RSA                         106
-# define EVP_R_TOO_LARGE                                  164
 # define EVP_R_UNKNOWN_CIPHER                             160
 # define EVP_R_UNKNOWN_DIGEST                             161
 # define EVP_R_UNKNOWN_OPTION                             169
@@ -1599,9 +1565,8 @@ void ERR_load_EVP_strings(void);
 # define EVP_R_UNSUPPORTED_SALT_TYPE                      126
 # define EVP_R_WRAP_MODE_NOT_ALLOWED                      170
 # define EVP_R_WRONG_FINAL_BLOCK_LENGTH                   109
-# define EVP_R_WRONG_PUBLIC_KEY_TYPE                      110
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
index cad3ab8..3078b56 100644
--- a/include/openssl/kdf.h
+++ b/include/openssl/kdf.h
@@ -55,6 +55,7 @@ extern "C" {
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_KDF_strings(void);
 
 /* Error codes for the KDF functions. */
@@ -68,7 +69,7 @@ void ERR_load_KDF_strings(void);
 # define KDF_R_MISSING_PARAMETER                          101
 # define KDF_R_VALUE_MISSING                              102
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/objects.h b/include/openssl/objects.h
index 647a8ac..4d3de7c 100644
--- a/include/openssl/objects.h
+++ b/include/openssl/objects.h
@@ -1073,6 +1073,7 @@ void OBJ_sigid_free(void);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_OBJ_strings(void);
 
 /* Error codes for the OBJ functions. */
@@ -1087,11 +1088,10 @@ void ERR_load_OBJ_strings(void);
 # define OBJ_F_OBJ_NID2SN                                 104
 
 /* Reason codes. */
-# define OBJ_R_MALLOC_FAILURE                             100
 # define OBJ_R_OID_EXISTS                                 102
 # define OBJ_R_UNKNOWN_NID                                101
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
index ee21929..7ded752 100644
--- a/include/openssl/ocsp.h
+++ b/include/openssl/ocsp.h
@@ -346,12 +346,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_OCSP_strings(void);
 
 /* Error codes for the OCSP functions. */
 
 /* Function codes. */
-# define OCSP_F_ASN1_STRING_ENCODE                        100
 # define OCSP_F_D2I_OCSP_NONCE                            102
 # define OCSP_F_OCSP_BASIC_ADD1_STATUS                    103
 # define OCSP_F_OCSP_BASIC_SIGN                           104
@@ -366,13 +366,9 @@ void ERR_load_OCSP_strings(void);
 # define OCSP_F_OCSP_REQUEST_SIGN                         110
 # define OCSP_F_OCSP_REQUEST_VERIFY                       116
 # define OCSP_F_OCSP_RESPONSE_GET1_BASIC                  111
-# define OCSP_F_OCSP_SENDREQ_BIO                          112
-# define OCSP_F_OCSP_SENDREQ_NBIO                         117
 # define OCSP_F_PARSE_HTTP_LINE1                          118
-# define OCSP_F_REQUEST_VERIFY                            113
 
 /* Reason codes. */
-# define OCSP_R_BAD_DATA                                  100
 # define OCSP_R_CERTIFICATE_VERIFY_ERROR                  101
 # define OCSP_R_DIGEST_ERR                                102
 # define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD                 122
@@ -382,8 +378,6 @@ void ERR_load_OCSP_strings(void);
 # define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE              124
 # define OCSP_R_NOT_BASIC_RESPONSE                        104
 # define OCSP_R_NO_CERTIFICATES_IN_CHAIN                  105
-# define OCSP_R_NO_CONTENT                                106
-# define OCSP_R_NO_PUBLIC_KEY                             107
 # define OCSP_R_NO_RESPONSE_DATA                          108
 # define OCSP_R_NO_REVOKED_TIME                           109
 # define OCSP_R_NO_SIGNER_KEY                             130
@@ -391,10 +385,8 @@ void ERR_load_OCSP_strings(void);
 # define OCSP_R_REQUEST_NOT_SIGNED                        128
 # define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA      111
 # define OCSP_R_ROOT_CA_NOT_TRUSTED                       112
-# define OCSP_R_SERVER_READ_ERROR                         113
 # define OCSP_R_SERVER_RESPONSE_ERROR                     114
 # define OCSP_R_SERVER_RESPONSE_PARSE_ERROR               115
-# define OCSP_R_SERVER_WRITE_ERROR                        116
 # define OCSP_R_SIGNATURE_FAILURE                         117
 # define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND              118
 # define OCSP_R_STATUS_EXPIRED                            125
@@ -404,8 +396,8 @@ void ERR_load_OCSP_strings(void);
 # define OCSP_R_UNKNOWN_NID                               120
 # define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE            129
 
-#ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
-#endif
+#  endif
 # endif
 #endif
diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index df78fd8..6dd76ee 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -418,6 +418,7 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_PEM_strings(void);
 
 /* Error codes for the PEM functions. */
@@ -446,9 +447,7 @@ void ERR_load_PEM_strings(void);
 # define PEM_F_PEM_ASN1_WRITE_BIO                         105
 # define PEM_F_PEM_DEF_CALLBACK                           100
 # define PEM_F_PEM_DO_HEADER                              106
-# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY            118
 # define PEM_F_PEM_GET_EVP_CIPHER_INFO                    107
-# define PEM_F_PEM_PK8PKEY                                119
 # define PEM_F_PEM_READ                                   108
 # define PEM_F_PEM_READ_BIO                               109
 # define PEM_F_PEM_READ_BIO_DHPARAMS                      141
@@ -487,7 +486,6 @@ void ERR_load_PEM_strings(void);
 # define PEM_R_NOT_PROC_TYPE                              107
 # define PEM_R_NO_START_LINE                              108
 # define PEM_R_PROBLEMS_GETTING_PASSWORD                  109
-# define PEM_R_PUBLIC_KEY_NO_RSA                          110
 # define PEM_R_PVK_DATA_TOO_SHORT                         124
 # define PEM_R_PVK_TOO_SHORT                              125
 # define PEM_R_READ_KEY                                   111
@@ -497,7 +495,7 @@ void ERR_load_PEM_strings(void);
 # define PEM_R_UNSUPPORTED_ENCRYPTION                     114
 # define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h
index 1499f04..848267c 100644
--- a/include/openssl/pkcs12.h
+++ b/include/openssl/pkcs12.h
@@ -211,17 +211,12 @@ int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_PKCS12_strings(void);
 
 /* Error codes for the PKCS12 functions. */
 
 /* Function codes. */
-# define PKCS12_F_PARSE_BAG                               129
-# define PKCS12_F_PARSE_BAGS                              103
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME                 100
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC             127
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI             102
-# define PKCS12_F_PKCS12_ADD_LOCALKEYID                   104
 # define PKCS12_F_PKCS12_CREATE                           105
 # define PKCS12_F_PKCS12_GEN_MAC                          107
 # define PKCS12_F_PKCS12_INIT                             109
@@ -244,7 +239,6 @@ void ERR_load_PKCS12_strings(void);
 # define PKCS12_F_PKCS12_UNPACK_AUTHSAFES                 130
 # define PKCS12_F_PKCS12_UNPACK_P7DATA                    131
 # define PKCS12_F_PKCS12_VERIFY_MAC                       126
-# define PKCS12_F_PKCS8_ADD_KEYUSAGE                      124
 # define PKCS12_F_PKCS8_ENCRYPT                           125
 # define PKCS12_F_PKCS8_SET0_PBE                          132
 
@@ -263,7 +257,6 @@ void ERR_load_PKCS12_strings(void);
 # define PKCS12_R_MAC_GENERATION_ERROR                    109
 # define PKCS12_R_MAC_SETUP_ERROR                         110
 # define PKCS12_R_MAC_STRING_SET_ERROR                    111
-# define PKCS12_R_MAC_VERIFY_ERROR                        112
 # define PKCS12_R_MAC_VERIFY_FAILURE                      113
 # define PKCS12_R_PARSE_ERROR                             114
 # define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR           115
@@ -272,7 +265,7 @@ void ERR_load_PKCS12_strings(void);
 # define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM                118
 # define PKCS12_R_UNSUPPORTED_PKCS12_MODE                 119
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/pkcs7.h b/include/openssl/pkcs7.h
index 5104481..6de664f 100644
--- a/include/openssl/pkcs7.h
+++ b/include/openssl/pkcs7.h
@@ -323,15 +323,13 @@ BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_PKCS7_strings(void);
 
 /* Error codes for the PKCS7 functions. */
 
 /* Function codes. */
-# define PKCS7_F_B64_READ_PKCS7                           120
-# define PKCS7_F_B64_WRITE_PKCS7                          121
 # define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB                   136
-# define PKCS7_F_I2D_PKCS7_BIO_STREAM                     140
 # define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME           135
 # define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP                118
 # define PKCS7_F_PKCS7_ADD_CERTIFICATE                    100
@@ -345,7 +343,6 @@ void ERR_load_PKCS7_strings(void);
 # define PKCS7_F_PKCS7_DATADECODE                         112
 # define PKCS7_F_PKCS7_DATAFINAL                          128
 # define PKCS7_F_PKCS7_DATAINIT                           105
-# define PKCS7_F_PKCS7_DATASIGN                           106
 # define PKCS7_F_PKCS7_DATAVERIFY                         107
 # define PKCS7_F_PKCS7_DECRYPT                            114
 # define PKCS7_F_PKCS7_DECRYPT_RINFO                      133
@@ -366,8 +363,6 @@ void ERR_load_PKCS7_strings(void);
 # define PKCS7_F_PKCS7_SIGN_ADD_SIGNER                    137
 # define PKCS7_F_PKCS7_SIMPLE_SMIMECAP                    119
 # define PKCS7_F_PKCS7_VERIFY                             117
-# define PKCS7_F_SMIME_READ_PKCS7                         122
-# define PKCS7_F_SMIME_TEXT                               123
 
 /* Reason codes. */
 # define PKCS7_R_CERTIFICATE_VERIFY_ERROR                 117
@@ -375,46 +370,29 @@ void ERR_load_PKCS7_strings(void);
 # define PKCS7_R_CIPHER_NOT_INITIALIZED                   116
 # define PKCS7_R_CONTENT_AND_DATA_PRESENT                 118
 # define PKCS7_R_CTRL_ERROR                               152
-# define PKCS7_R_DECODE_ERROR                             130
-# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH            100
 # define PKCS7_R_DECRYPT_ERROR                            119
 # define PKCS7_R_DIGEST_FAILURE                           101
 # define PKCS7_R_ENCRYPTION_CTRL_FAILURE                  149
 # define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
 # define PKCS7_R_ERROR_ADDING_RECIPIENT                   120
 # define PKCS7_R_ERROR_SETTING_CIPHER                     121
-# define PKCS7_R_INVALID_MIME_TYPE                        131
 # define PKCS7_R_INVALID_NULL_POINTER                     143
 # define PKCS7_R_INVALID_SIGNED_DATA_TYPE                 155
-# define PKCS7_R_MIME_NO_CONTENT_TYPE                     132
-# define PKCS7_R_MIME_PARSE_ERROR                         133
-# define PKCS7_R_MIME_SIG_PARSE_ERROR                     134
-# define PKCS7_R_MISSING_CERIPEND_INFO                    103
 # define PKCS7_R_NO_CONTENT                               122
-# define PKCS7_R_NO_CONTENT_TYPE                          135
 # define PKCS7_R_NO_DEFAULT_DIGEST                        151
 # define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND            154
-# define PKCS7_R_NO_MULTIPART_BODY_FAILURE                136
-# define PKCS7_R_NO_MULTIPART_BOUNDARY                    137
 # define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE         115
-# define PKCS7_R_NO_RECIPIENT_MATCHES_KEY                 146
 # define PKCS7_R_NO_SIGNATURES_ON_DATA                    123
 # define PKCS7_R_NO_SIGNERS                               142
-# define PKCS7_R_NO_SIG_CONTENT_TYPE                      138
 # define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE     104
 # define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR                124
 # define PKCS7_R_PKCS7_ADD_SIGNER_ERROR                   153
-# define PKCS7_R_PKCS7_DATAFINAL                          126
-# define PKCS7_R_PKCS7_DATAFINAL_ERROR                    125
 # define PKCS7_R_PKCS7_DATASIGN                           145
-# define PKCS7_R_PKCS7_PARSE_ERROR                        139
-# define PKCS7_R_PKCS7_SIG_PARSE_ERROR                    140
 # define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE   127
 # define PKCS7_R_SIGNATURE_FAILURE                        105
 # define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND             128
 # define PKCS7_R_SIGNING_CTRL_FAILURE                     147
 # define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE  148
-# define PKCS7_R_SIG_INVALID_MIME_TYPE                    141
 # define PKCS7_R_SMIME_TEXT_ERROR                         129
 # define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE               106
 # define PKCS7_R_UNABLE_TO_FIND_MEM_BIO                   107
@@ -426,7 +404,7 @@ void ERR_load_PKCS7_strings(void);
 # define PKCS7_R_WRONG_CONTENT_TYPE                       113
 # define PKCS7_R_WRONG_PKCS7_TYPE                         114
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/rand.h b/include/openssl/rand.h
index 582a9b7..679cf09 100644
--- a/include/openssl/rand.h
+++ b/include/openssl/rand.h
@@ -77,29 +77,18 @@ int RAND_event(UINT, WPARAM, LPARAM);
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_RAND_strings(void);
 
 /* Error codes for the RAND functions. */
 
 /* Function codes. */
-# define RAND_F_FIPS_RAND                                 102
-# define RAND_F_FIPS_RAND_SET_DT                          103
-# define RAND_F_FIPS_SET_PRNG_SEED                        104
-# define RAND_F_FIPS_SET_TEST_MODE                        105
-# define RAND_F_FIPS_X931_SET_DT                          106
 # define RAND_F_RAND_BYTES                                100
-# define RAND_F_RAND_GET_RAND_METHOD                      101
 
 /* Reason codes. */
-# define RAND_R_NOT_IN_TEST_MODE                          101
-# define RAND_R_NO_KEY_SET                                102
-# define RAND_R_PRNG_ERROR                                103
-# define RAND_R_PRNG_KEYED                                104
 # define RAND_R_PRNG_NOT_SEEDED                           100
-# define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY              105
-# define RAND_R_PRNG_STUCK                                106
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 1f14fd7..6a68058 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -462,18 +462,14 @@ int RSA_meth_set_keygen(RSA_METHOD *rsa,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_RSA_strings(void);
 
 /* Error codes for the RSA functions. */
 
 /* Function codes. */
 # define RSA_F_CHECK_PADDING_MD                           140
-# define RSA_F_DO_RSA_PRINT                               146
-# define RSA_F_FIPS_RSA_SIGN_DIGEST                       149
-# define RSA_F_FIPS_RSA_VERIFY                            150
-# define RSA_F_FIPS_RSA_VERIFY_DIGEST                     151
 # define RSA_F_INT_RSA_VERIFY                             145
-# define RSA_F_MEMORY_LOCK                                100
 # define RSA_F_OLD_RSA_PRIV_DECODE                        147
 # define RSA_F_PKEY_RSA_CTRL                              143
 # define RSA_F_PKEY_RSA_CTRL_STR                          144
@@ -484,7 +480,6 @@ void ERR_load_RSA_strings(void);
 # define RSA_F_RSA_CHECK_KEY                              123
 # define RSA_F_RSA_CHECK_KEY_EX                           160
 # define RSA_F_RSA_CMS_DECRYPT                            159
-# define RSA_F_RSA_GENERATE_KEY                           105
 # define RSA_F_RSA_ITEM_VERIFY                            148
 # define RSA_F_RSA_MEMORY_LOCK                            130
 # define RSA_F_RSA_METH_DUP                               161
@@ -493,12 +488,10 @@ void ERR_load_RSA_strings(void);
 # define RSA_F_RSA_MGF1_TO_MD                             157
 # define RSA_F_RSA_NEW_METHOD                             106
 # define RSA_F_RSA_NULL                                   124
-# define RSA_F_RSA_NULL_MOD_EXP                           131
 # define RSA_F_RSA_NULL_PRIVATE_DECRYPT                   132
 # define RSA_F_RSA_NULL_PRIVATE_ENCRYPT                   133
 # define RSA_F_RSA_NULL_PUBLIC_DECRYPT                    134
 # define RSA_F_RSA_NULL_PUBLIC_ENCRYPT                    135
-# define RSA_F_RSA_OAEP_TO_CTX                            158
 # define RSA_F_RSA_OSSL_PRIVATE_DECRYPT                   101
 # define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT                   102
 # define RSA_F_RSA_OSSL_PUBLIC_DECRYPT                    103
@@ -521,7 +514,6 @@ void ERR_load_RSA_strings(void);
 # define RSA_F_RSA_PADDING_CHECK_X931                     128
 # define RSA_F_RSA_PRINT                                  115
 # define RSA_F_RSA_PRINT_FP                               116
-# define RSA_F_RSA_PRIV_DECODE                            137
 # define RSA_F_RSA_PRIV_ENCODE                            138
 # define RSA_F_RSA_PSS_TO_CTX                             155
 # define RSA_F_RSA_PUB_DECODE                             139
@@ -556,7 +548,6 @@ void ERR_load_RSA_strings(void);
 # define RSA_R_INVALID_DIGEST                             157
 # define RSA_R_INVALID_DIGEST_LENGTH                      143
 # define RSA_R_INVALID_HEADER                             137
-# define RSA_R_INVALID_KEYBITS                            145
 # define RSA_R_INVALID_LABEL                              160
 # define RSA_R_INVALID_MESSAGE_LENGTH                     131
 # define RSA_R_INVALID_MGF1_MD                            156
@@ -590,7 +581,6 @@ void ERR_load_RSA_strings(void);
 # define RSA_R_UNKNOWN_DIGEST                             166
 # define RSA_R_UNKNOWN_MASK_DIGEST                        151
 # define RSA_R_UNKNOWN_PADDING_TYPE                       118
-# define RSA_R_UNKNOWN_PSS_DIGEST                         152
 # define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE                162
 # define RSA_R_UNSUPPORTED_LABEL_SOURCE                   163
 # define RSA_R_UNSUPPORTED_MASK_ALGORITHM                 153
@@ -599,9 +589,8 @@ void ERR_load_RSA_strings(void);
 # define RSA_R_VALUE_MISSING                              147
 # define RSA_R_WRONG_SIGNATURE_LENGTH                     119
 
-# ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index cf760db..f019f64 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2007,6 +2007,7 @@ extern const char SSL_version_str[];
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_SSL_strings(void);
 
 /* Error codes for the SSL functions. */
@@ -2021,21 +2022,12 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_DANE_TLSA_ADD                              394
 # define SSL_F_DO_DTLS1_WRITE                             245
 # define SSL_F_DO_SSL3_WRITE                              104
-# define SSL_F_DTLS1_ADD_CERT_TO_BUF                      295
 # define SSL_F_DTLS1_BUFFER_RECORD                        247
 # define SSL_F_DTLS1_CHECK_TIMEOUT_NUM                    318
-# define SSL_F_DTLS1_ENC                                  250
-# define SSL_F_DTLS1_GET_HELLO_VERIFY                     251
-# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT                 253
-# define SSL_F_DTLS1_HANDLE_TIMEOUT                       297
 # define SSL_F_DTLS1_HEARTBEAT                            305
 # define SSL_F_DTLS1_PREPROCESS_FRAGMENT                  288
-# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE           256
 # define SSL_F_DTLS1_PROCESS_RECORD                       257
 # define SSL_F_DTLS1_READ_BYTES                           258
-# define SSL_F_DTLS1_READ_FAILED                          259
-# define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST             260
-# define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST            264
 # define SSL_F_DTLS1_WRITE_APP_DATA_BYTES                 268
 # define SSL_F_DTLSV1_LISTEN                              350
 # define SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC          371
@@ -2044,11 +2036,8 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_DTLS_PROCESS_HELLO_VERIFY                  386
 # define SSL_F_OPENSSL_INIT_SSL                           342
 # define SSL_F_READ_STATE_MACHINE                         352
-# define SSL_F_SSL3_ADD_CERT_TO_BUF                       296
-# define SSL_F_SSL3_CALLBACK_CTRL                         233
 # define SSL_F_SSL3_CHANGE_CIPHER_STATE                   129
 # define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM              130
-# define SSL_F_SSL3_CHECK_FINISHED                        339
 # define SSL_F_SSL3_CTRL                                  213
 # define SSL_F_SSL3_CTX_CTRL                              133
 # define SSL_F_SSL3_DIGEST_CACHED_RECORDS                 293
@@ -2057,9 +2046,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_SSL3_GENERATE_KEY_BLOCK                    238
 # define SSL_F_SSL3_GENERATE_MASTER_SECRET                388
 # define SSL_F_SSL3_GET_RECORD                            143
-# define SSL_F_SSL3_NEW_SESSION_TICKET                    287
 # define SSL_F_SSL3_OUTPUT_CERT_CHAIN                     147
-# define SSL_F_SSL3_PEEK                                  235
 # define SSL_F_SSL3_READ_BYTES                            148
 # define SSL_F_SSL3_READ_N                                149
 # define SSL_F_SSL3_SETUP_KEY_BLOCK                       157
@@ -2067,7 +2054,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_SSL3_SETUP_WRITE_BUFFER                    291
 # define SSL_F_SSL3_WRITE_BYTES                           158
 # define SSL_F_SSL3_WRITE_PENDING                         159
-# define SSL_F_SSL_ACCEPT                                 390
 # define SSL_F_SSL_ADD_CERT_CHAIN                         316
 # define SSL_F_SSL_ADD_CERT_TO_BUF                        319
 # define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT        298
@@ -2083,7 +2069,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_SSL_BYTES_TO_CIPHER_LIST                   161
 # define SSL_F_SSL_CERT_ADD0_CHAIN_CERT                   346
 # define SSL_F_SSL_CERT_DUP                               221
-# define SSL_F_SSL_CERT_INSTANTIATE                       214
 # define SSL_F_SSL_CERT_NEW                               162
 # define SSL_F_SSL_CERT_SET0_CHAIN                        340
 # define SSL_F_SSL_CHECK_PRIVATE_KEY                      163
@@ -2104,10 +2089,8 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_SSL_CTX_SET_CIPHER_LIST                    269
 # define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE             290
 # define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK         396
-# define SSL_F_SSL_CTX_SET_PURPOSE                        226
 # define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT             219
 # define SSL_F_SSL_CTX_SET_SSL_VERSION                    170
-# define SSL_F_SSL_CTX_SET_TRUST                          229
 # define SSL_F_SSL_CTX_USE_CERTIFICATE                    171
 # define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1               172
 # define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE               173
@@ -2125,12 +2108,9 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_SSL_DO_CONFIG                              391
 # define SSL_F_SSL_DO_HANDSHAKE                           180
 # define SSL_F_SSL_ENABLE_CT                              402
-# define SSL_F_SSL_GET0_PEER_SCTS                         397
 # define SSL_F_SSL_GET_NEW_SESSION                        181
 # define SSL_F_SSL_GET_PREV_SESSION                       217
 # define SSL_F_SSL_GET_SERVER_CERT_INDEX                  322
-# define SSL_F_SSL_GET_SERVER_SEND_CERT                   182
-# define SSL_F_SSL_GET_SERVER_SEND_PKEY                   317
 # define SSL_F_SSL_GET_SIGN_PKEY                          183
 # define SSL_F_SSL_INIT_WBIO_BUFFER                       184
 # define SSL_F_SSL_LOAD_CLIENT_CA_FILE                    185
@@ -2143,8 +2123,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT               303
 # define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT         311
 # define SSL_F_SSL_PEEK                                   270
-# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT             281
-# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT             282
 # define SSL_F_SSL_READ                                   223
 # define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT                320
 # define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT                321
@@ -2158,17 +2136,14 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_SSL_SET_CT_VALIDATION_CALLBACK             399
 # define SSL_F_SSL_SET_FD                                 192
 # define SSL_F_SSL_SET_PKEY                               193
-# define SSL_F_SSL_SET_PURPOSE                            227
 # define SSL_F_SSL_SET_RFD                                194
 # define SSL_F_SSL_SET_SESSION                            195
 # define SSL_F_SSL_SET_SESSION_ID_CONTEXT                 218
 # define SSL_F_SSL_SET_SESSION_TICKET_EXT                 294
-# define SSL_F_SSL_SET_TRUST                              228
 # define SSL_F_SSL_SET_WFD                                196
 # define SSL_F_SSL_SHUTDOWN                               224
 # define SSL_F_SSL_SRP_CTX_INIT                           313
 # define SSL_F_SSL_START_ASYNC_JOB                        389
-# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION               243
 # define SSL_F_SSL_UNDEFINED_FUNCTION                     197
 # define SSL_F_SSL_UNDEFINED_VOID_FUNCTION                244
 # define SSL_F_SSL_USE_CERTIFICATE                        198
@@ -2188,12 +2163,9 @@ void ERR_load_SSL_strings(void);
 # define SSL_F_TLS12_CHECK_PEER_SIGALG                    333
 # define SSL_F_TLS1_CHANGE_CIPHER_STATE                   209
 # define SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS            341
-# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT              274
 # define SSL_F_TLS1_ENC                                   401
 # define SSL_F_TLS1_EXPORT_KEYING_MATERIAL                314
 # define SSL_F_TLS1_GET_CURVELIST                         338
-# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT            275
-# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT            276
 # define SSL_F_TLS1_PRF                                   284
 # define SSL_F_TLS1_SETUP_KEY_BLOCK                       211
 # define SSL_F_TLS1_SET_SERVER_SIGALGS                    335
@@ -2235,43 +2207,23 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
 # define SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE       143
 # define SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE     158
-# define SSL_R_BAD_ALERT_RECORD                           101
 # define SSL_R_BAD_CHANGE_CIPHER_SPEC                     103
 # define SSL_R_BAD_DATA                                   390
 # define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK              106
 # define SSL_R_BAD_DECOMPRESSION                          107
-# define SSL_R_BAD_DH_G_LENGTH                            108
-# define SSL_R_BAD_DH_G_VALUE                             375
-# define SSL_R_BAD_DH_PUB_KEY_LENGTH                      109
-# define SSL_R_BAD_DH_PUB_KEY_VALUE                       393
-# define SSL_R_BAD_DH_P_LENGTH                            110
-# define SSL_R_BAD_DH_P_VALUE                             395
 # define SSL_R_BAD_DH_VALUE                               102
 # define SSL_R_BAD_DIGEST_LENGTH                          111
-# define SSL_R_BAD_DSA_SIGNATURE                          112
 # define SSL_R_BAD_ECC_CERT                               304
-# define SSL_R_BAD_ECDSA_SIGNATURE                        305
 # define SSL_R_BAD_ECPOINT                                306
 # define SSL_R_BAD_HANDSHAKE_LENGTH                       332
 # define SSL_R_BAD_HELLO_REQUEST                          105
 # define SSL_R_BAD_LENGTH                                 271
-# define SSL_R_BAD_MAC_LENGTH                             333
-# define SSL_R_BAD_MESSAGE_TYPE                           114
 # define SSL_R_BAD_PACKET_LENGTH                          115
 # define SSL_R_BAD_PROTOCOL_VERSION_NUMBER                116
-# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH               316
-# define SSL_R_BAD_RSA_DECRYPT                            118
 # define SSL_R_BAD_RSA_ENCRYPT                            119
-# define SSL_R_BAD_RSA_E_LENGTH                           120
-# define SSL_R_BAD_RSA_MODULUS_LENGTH                     121
-# define SSL_R_BAD_RSA_SIGNATURE                          122
 # define SSL_R_BAD_SIGNATURE                              123
 # define SSL_R_BAD_SRP_A_LENGTH                           347
-# define SSL_R_BAD_SRP_B_LENGTH                           348
-# define SSL_R_BAD_SRP_G_LENGTH                           349
-# define SSL_R_BAD_SRP_N_LENGTH                           350
 # define SSL_R_BAD_SRP_PARAMETERS                         371
-# define SSL_R_BAD_SRP_S_LENGTH                           351
 # define SSL_R_BAD_SRTP_MKI_VALUE                         352
 # define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST           353
 # define SSL_R_BAD_SSL_FILETYPE                           124
@@ -2281,7 +2233,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG                  129
 # define SSL_R_BN_LIB                                     130
 # define SSL_R_CA_DN_LENGTH_MISMATCH                      131
-# define SSL_R_CA_DN_TOO_LONG                             132
 # define SSL_R_CA_KEY_TOO_SMALL                           397
 # define SSL_R_CA_MD_TOO_WEAK                             398
 # define SSL_R_CCS_RECEIVED_EARLY                         133
@@ -2321,12 +2272,8 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_DIGEST_CHECK_FAILED                        149
 # define SSL_R_DTLS_MESSAGE_TOO_BIG                       334
 # define SSL_R_DUPLICATE_COMPRESSION_ID                   309
-# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT             317
 # define SSL_R_ECC_CERT_NOT_FOR_SIGNING                   318
-# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE         322
-# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE        323
 # define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE              374
-# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER               310
 # define SSL_R_EE_KEY_TOO_SMALL                           399
 # define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST         354
 # define SSL_R_ENCRYPTED_LENGTH_TOO_LONG                  150
@@ -2337,8 +2284,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_FAILED_TO_INIT_ASYNC                       405
 # define SSL_R_FRAGMENTED_CLIENT_HELLO                    401
 # define SSL_R_GOT_A_FIN_BEFORE_A_CCS                     154
-# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS                355
-# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION           356
 # define SSL_R_HTTPS_PROXY_REQUEST                        155
 # define SSL_R_HTTP_REQUEST                               156
 # define SSL_R_ILLEGAL_SUITEB_DIGEST                      380
@@ -2350,23 +2295,17 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_INVALID_CONFIGURATION_NAME                 113
 # define SSL_R_INVALID_CT_VALIDATION_TYPE                 212
 # define SSL_R_INVALID_NULL_CMD_NAME                      385
-# define SSL_R_INVALID_PURPOSE                            278
 # define SSL_R_INVALID_SEQUENCE_NUMBER                    402
 # define SSL_R_INVALID_SERVERINFO_DATA                    388
 # define SSL_R_INVALID_SRP_USERNAME                       357
 # define SSL_R_INVALID_STATUS_RESPONSE                    328
 # define SSL_R_INVALID_TICKET_KEYS_LENGTH                 325
-# define SSL_R_INVALID_TRUST                              279
 # define SSL_R_LENGTH_MISMATCH                            159
 # define SSL_R_LENGTH_TOO_LONG                            404
 # define SSL_R_LENGTH_TOO_SHORT                           160
 # define SSL_R_LIBRARY_BUG                                274
 # define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161
-# define SSL_R_MISSING_DH_DSA_CERT                        162
-# define SSL_R_MISSING_DH_KEY                             163
-# define SSL_R_MISSING_DH_RSA_CERT                        164
 # define SSL_R_MISSING_DSA_SIGNING_CERT                   165
-# define SSL_R_MISSING_ECDH_CERT                          382
 # define SSL_R_MISSING_ECDSA_SIGNING_CERT                 381
 # define SSL_R_MISSING_RSA_CERTIFICATE                    168
 # define SSL_R_MISSING_RSA_ENCRYPTING_CERT                169
@@ -2374,18 +2313,13 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_MISSING_SRP_PARAM                          358
 # define SSL_R_MISSING_TMP_DH_KEY                         171
 # define SSL_R_MISSING_TMP_ECDH_KEY                       311
-# define SSL_R_MISSING_VERIFY_MESSAGE                     174
-# define SSL_R_MULTIPLE_SGC_RESTARTS                      346
 # define SSL_R_NO_CERTIFICATES_RETURNED                   176
 # define SSL_R_NO_CERTIFICATE_ASSIGNED                    177
-# define SSL_R_NO_CERTIFICATE_RETURNED                    178
 # define SSL_R_NO_CERTIFICATE_SET                         179
 # define SSL_R_NO_CIPHERS_AVAILABLE                       181
-# define SSL_R_NO_CIPHERS_PASSED                          182
 # define SSL_R_NO_CIPHERS_SPECIFIED                       183
 # define SSL_R_NO_CIPHER_MATCH                            185
 # define SSL_R_NO_CLIENT_CERT_METHOD                      331
-# define SSL_R_NO_CLIENT_CERT_RECEIVED                    186
 # define SSL_R_NO_COMPRESSION_SPECIFIED                   187
 # define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER           330
 # define SSL_R_NO_METHOD_SPECIFIED                        188
@@ -2398,13 +2332,11 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS              376
 # define SSL_R_NO_SRTP_PROFILES                           359
 # define SSL_R_NO_VALID_SCTS                              216
-# define SSL_R_NO_VERIFY_CALLBACK                         194
 # define SSL_R_NO_VERIFY_COOKIE_CALLBACK                  403
 # define SSL_R_NULL_SSL_CTX                               195
 # define SSL_R_NULL_SSL_METHOD_PASSED                     196
 # define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED            197
 # define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
-# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG                  327
 # define SSL_R_PACKET_LENGTH_TOO_LONG                     198
 # define SSL_R_PARSE_TLSEXT                               227
 # define SSL_R_PATH_TOO_LONG                              270
@@ -2412,7 +2344,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_PEM_NAME_BAD_PREFIX                        391
 # define SSL_R_PEM_NAME_TOO_SHORT                         392
 # define SSL_R_PIPELINE_FAILURE                           406
-# define SSL_R_PRE_MAC_LENGTH_TOO_LONG                    205
 # define SSL_R_PROTOCOL_IS_SHUTDOWN                       207
 # define SSL_R_PSK_IDENTITY_NOT_FOUND                     223
 # define SSL_R_PSK_NO_CLIENT_CB                           224
@@ -2420,7 +2351,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_READ_BIO_NOT_SET                           211
 # define SSL_R_READ_TIMEOUT_EXPIRED                       312
 # define SSL_R_RECORD_LENGTH_MISMATCH                     213
-# define SSL_R_RECORD_TOO_LARGE                           214
 # define SSL_R_RECORD_TOO_SMALL                           298
 # define SSL_R_RENEGOTIATE_EXT_TOO_LONG                   335
 # define SSL_R_RENEGOTIATION_ENCODING_ERR                 336
@@ -2431,7 +2361,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_SCT_VERIFICATION_FAILED                    208
 # define SSL_R_SERVERHELLO_TLSEXT                         275
 # define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED           277
-# define SSL_R_SET_FAILED                                 209
 # define SSL_R_SHUTDOWN_WHILE_IN_INIT                     407
 # define SSL_R_SIGNATURE_ALGORITHMS_ERROR                 360
 # define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE      220
@@ -2439,11 +2368,9 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES           362
 # define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG      363
 # define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE            364
-# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT             321
 # define SSL_R_SSL3_EXT_INVALID_SERVERNAME                319
 # define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE           320
 # define SSL_R_SSL3_SESSION_ID_TOO_LONG                   300
-# define SSL_R_SSL3_SESSION_ID_TOO_SHORT                  222
 # define SSL_R_SSL_COMMAND_SECTION_EMPTY                  117
 # define SSL_R_SSL_COMMAND_SECTION_NOT_FOUND              125
 # define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION         228
@@ -2457,19 +2384,12 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG            273
 # define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              303
 # define SSL_R_SSL_SESSION_VERSION_MISMATCH               210
-# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER       232
 # define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT           365
 # define SSL_R_TLS_HEARTBEAT_PENDING                      366
 # define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL                 367
 # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST             157
-# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
-# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG    234
-# define SSL_R_UNABLE_TO_DECODE_DH_CERTS                  236
-# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS                313
-# define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS               238
 # define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS             314
 # define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS       239
-# define SSL_R_UNABLE_TO_FIND_SSL_METHOD                  240
 # define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES           242
 # define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
 # define SSL_R_UNEXPECTED_MESSAGE                         244
@@ -2485,13 +2405,10 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE                  250
 # define SSL_R_UNKNOWN_PKEY_TYPE                          251
 # define SSL_R_UNKNOWN_PROTOCOL                           252
-# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE                  253
 # define SSL_R_UNKNOWN_SSL_VERSION                        254
 # define SSL_R_UNKNOWN_STATE                              255
 # define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED       338
-# define SSL_R_UNSUPPORTED_CIPHER                         256
 # define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM          257
-# define SSL_R_UNSUPPORTED_DIGEST_TYPE                    326
 # define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE                 315
 # define SSL_R_UNSUPPORTED_PROTOCOL                       258
 # define SSL_R_UNSUPPORTED_SSL_VERSION                    259
@@ -2502,7 +2419,6 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_WRONG_CERTIFICATE_TYPE                     383
 # define SSL_R_WRONG_CIPHER_RETURNED                      261
 # define SSL_R_WRONG_CURVE                                378
-# define SSL_R_WRONG_MESSAGE_TYPE                         262
 # define SSL_R_WRONG_SIGNATURE_LENGTH                     264
 # define SSL_R_WRONG_SIGNATURE_SIZE                       265
 # define SSL_R_WRONG_SIGNATURE_TYPE                       370
@@ -2511,7 +2427,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_X509_LIB                                   268
 # define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS           269
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/ts.h b/include/openssl/ts.h
index 8dbe583..d512648 100644
--- a/include/openssl/ts.h
+++ b/include/openssl/ts.h
@@ -536,12 +536,12 @@ int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_TS_strings(void);
 
 /* Error codes for the TS functions. */
 
 /* Function codes. */
-# define TS_F_D2I_TS_RESP                                 147
 # define TS_F_DEF_SERIAL_CB                               110
 # define TS_F_DEF_TIME_CB                                 111
 # define TS_F_ESS_ADD_SIGNING_CERT                        112
@@ -586,7 +586,6 @@ void ERR_load_TS_strings(void);
 # define TS_F_TS_RESP_SET_TST_INFO                        150
 # define TS_F_TS_RESP_SIGN                                136
 # define TS_F_TS_RESP_VERIFY_SIGNATURE                    106
-# define TS_F_TS_RESP_VERIFY_TOKEN                        107
 # define TS_F_TS_TST_INFO_SET_ACCURACY                    137
 # define TS_F_TS_TST_INFO_SET_MSG_IMPRINT                 138
 # define TS_F_TS_TST_INFO_SET_NONCE                       139
@@ -606,7 +605,6 @@ void ERR_load_TS_strings(void);
 # define TS_R_CERTIFICATE_VERIFY_ERROR                    100
 # define TS_R_COULD_NOT_SET_ENGINE                        127
 # define TS_R_COULD_NOT_SET_TIME                          115
-# define TS_R_D2I_TS_RESP_INT_FAILED                      128
 # define TS_R_DETACHED_CONTENT                            134
 # define TS_R_ESS_ADD_SIGNING_CERT_ERROR                  116
 # define TS_R_ESS_SIGNING_CERTIFICATE_ERROR               101
@@ -639,9 +637,8 @@ void ERR_load_TS_strings(void);
 # define TS_R_VAR_LOOKUP_FAILURE                          136
 # define TS_R_WRONG_CONTENT_TYPE                          114
 
-# ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
+#  endif
 # endif
-# endif
-
 #endif
diff --git a/include/openssl/ui.h b/include/openssl/ui.h
index c6c20b5..4173fe0 100644
--- a/include/openssl/ui.h
+++ b/include/openssl/ui.h
@@ -333,6 +333,7 @@ int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_UI_strings(void);
 
 /* Error codes for the UI functions. */
@@ -340,7 +341,6 @@ void ERR_load_UI_strings(void);
 /* Function codes. */
 # define UI_F_GENERAL_ALLOCATE_BOOLEAN                    108
 # define UI_F_GENERAL_ALLOCATE_PROMPT                     109
-# define UI_F_GENERAL_ALLOCATE_STRING                     100
 # define UI_F_UI_CREATE_METHOD                            112
 # define UI_F_UI_CTRL                                     111
 # define UI_F_UI_DUP_ERROR_STRING                         101
@@ -361,8 +361,8 @@ void ERR_load_UI_strings(void);
 # define UI_R_RESULT_TOO_SMALL                            101
 # define UI_R_UNKNOWN_CONTROL_COMMAND                     106
 
-#ifdef  __cplusplus
+#  ifdef  __cplusplus
 }
-#endif
-# endif /* OPENSSL_NO_UI */
+#  endif
+# endif
 #endif
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index fe93b5e..93ded51 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -995,12 +995,13 @@ char *X509_TRUST_get0_name(X509_TRUST *xp);
 int X509_TRUST_get_trust(X509_TRUST *xp);
 
 /* BEGIN ERROR CODES */
-
 /*
- * Content after this point is generated by util/mkerr.pl
- * DO NOT EDIT!
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_X509_strings(void);
+
 /* Error codes for the X509 functions. */
 
 /* Function codes. */
@@ -1050,7 +1051,6 @@ void ERR_load_X509_strings(void);
 # define X509_F_X509_STORE_CTX_INIT                       143
 # define X509_F_X509_STORE_CTX_NEW                        142
 # define X509_F_X509_STORE_CTX_PURPOSE_INHERIT            134
-# define X509_F_X509_STORE_GET_X509_BY_SUBJECT            149
 # define X509_F_X509_TO_X509_REQ                          126
 # define X509_F_X509_TRUST_ADD                            133
 # define X509_F_X509_TRUST_SET                            141
@@ -1065,7 +1065,6 @@ void ERR_load_X509_strings(void);
 # define X509_R_CERT_ALREADY_IN_HASH_TABLE                101
 # define X509_R_CRL_ALREADY_DELTA                         127
 # define X509_R_CRL_VERIFY_FAILURE                        131
-# define X509_R_ERR_ASN1_LIB                              102
 # define X509_R_IDP_MISMATCH                              128
 # define X509_R_INVALID_DIRECTORY                         113
 # define X509_R_INVALID_FIELD_NAME                        119
@@ -1093,7 +1092,7 @@ void ERR_load_X509_strings(void);
 # define X509_R_WRONG_LOOKUP_TYPE                         112
 # define X509_R_WRONG_TYPE                                122
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index fef5e71..299a114 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -868,6 +868,7 @@ int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain,
  * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+
 void ERR_load_X509V3_strings(void);
 
 /* Error codes for the X509V3 functions. */
@@ -880,10 +881,8 @@ void ERR_load_X509V3_strings(void);
 # define X509V3_F_COPY_EMAIL                              122
 # define X509V3_F_COPY_ISSUER                             123
 # define X509V3_F_DO_DIRNAME                              144
-# define X509V3_F_DO_EXT_CONF                             124
 # define X509V3_F_DO_EXT_I2D                              135
 # define X509V3_F_DO_EXT_NCONF                            151
-# define X509V3_F_DO_I2V_NAME_CONSTRAINTS                 148
 # define X509V3_F_GNAMES_FROM_SECTNAME                    156
 # define X509V3_F_I2S_ASN1_ENUMERATED                     121
 # define X509V3_F_I2S_ASN1_IA5STRING                      149
@@ -898,7 +897,6 @@ void ERR_load_X509V3_strings(void);
 # define X509V3_F_S2I_ASN1_IA5STRING                      100
 # define X509V3_F_S2I_ASN1_INTEGER                        108
 # define X509V3_F_S2I_ASN1_OCTET_STRING                   112
-# define X509V3_F_S2I_ASN1_SKEY_ID                        114
 # define X509V3_F_S2I_SKEY_ID                             115
 # define X509V3_F_SET_DIST_POINT_NAME                     158
 # define X509V3_F_SXNET_ADD_ID_ASC                        125
@@ -928,7 +926,6 @@ void ERR_load_X509V3_strings(void);
 # define X509V3_F_X509V3_ADD_VALUE                        105
 # define X509V3_F_X509V3_EXT_ADD                          104
 # define X509V3_F_X509V3_EXT_ADD_ALIAS                    106
-# define X509V3_F_X509V3_EXT_CONF                         107
 # define X509V3_F_X509V3_EXT_I2D                          136
 # define X509V3_F_X509V3_EXT_NCONF                        152
 # define X509V3_F_X509V3_GET_SECTION                      142
@@ -988,13 +985,11 @@ void ERR_load_X509V3_strings(void);
 # define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED   154
 # define X509V3_R_NO_PUBLIC_KEY                           114
 # define X509V3_R_NO_SUBJECT_DETAILS                      125
-# define X509V3_R_ODD_NUMBER_OF_DIGITS                    112
 # define X509V3_R_OPERATION_NOT_DEFINED                   148
 # define X509V3_R_OTHERNAME_ERROR                         147
 # define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED         155
 # define X509V3_R_POLICY_PATH_LENGTH                      156
 # define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED      157
-# define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED   158
 # define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
 # define X509V3_R_SECTION_NOT_FOUND                       150
 # define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS            122
@@ -1007,7 +1002,7 @@ void ERR_load_X509V3_strings(void);
 # define X509V3_R_UNSUPPORTED_TYPE                        167
 # define X509V3_R_USER_TOO_LONG                           132
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#endif
+# endif
 #endif
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index b9876bd..377061b 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -1,16 +1,11 @@
 /*
+ * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  * in the file LICENSE in the source distribution or at
  * https://www.openssl.org/source/license.html
-*/
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
  */
 
 #include <stdio.h>
@@ -33,25 +28,14 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_DANE_TLSA_ADD), "dane_tlsa_add"},
     {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "do_dtls1_write"},
     {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "do_ssl3_write"},
-    {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
     {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "dtls1_buffer_record"},
     {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "dtls1_check_timeout_num"},
-    {ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"},
-    {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"},
-    {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT), "DTLS1_GET_MESSAGE_FRAGMENT"},
-    {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "dtls1_handle_timeout"},
     {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "dtls1_heartbeat"},
     {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "dtls1_preprocess_fragment"},
-    {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE),
-     "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
     {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "dtls1_process_record"},
     {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "dtls1_read_bytes"},
-    {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "dtls1_read_failed"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST),
-     "DTLS1_SEND_CERTIFICATE_REQUEST"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
-     "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
-    {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"},
+    {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES),
+     "dtls1_write_app_data_bytes"},
     {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "DTLSv1_listen"},
     {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC),
      "dtls_construct_change_cipher_spec"},
@@ -62,24 +46,21 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"},
     {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL), "OPENSSL_init_ssl"},
     {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"},
-    {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
-    {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},
     {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "ssl3_change_cipher_state"},
     {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),
      "ssl3_check_cert_and_algorithm"},
-    {ERR_FUNC(SSL_F_SSL3_CHECK_FINISHED), "SSL3_CHECK_FINISHED"},
     {ERR_FUNC(SSL_F_SSL3_CTRL), "ssl3_ctrl"},
     {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "ssl3_ctx_ctrl"},
-    {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS), "ssl3_digest_cached_records"},
-    {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC), "ssl3_do_change_cipher_spec"},
+    {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),
+     "ssl3_digest_cached_records"},
+    {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
+     "ssl3_do_change_cipher_spec"},
     {ERR_FUNC(SSL_F_SSL3_FINAL_FINISH_MAC), "ssl3_final_finish_mac"},
     {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "ssl3_generate_key_block"},
     {ERR_FUNC(SSL_F_SSL3_GENERATE_MASTER_SECRET),
      "ssl3_generate_master_secret"},
     {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "ssl3_get_record"},
-    {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
     {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "ssl3_output_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL3_PEEK), "ssl3_peek"},
     {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "ssl3_read_bytes"},
     {ERR_FUNC(SSL_F_SSL3_READ_N), "ssl3_read_n"},
     {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "ssl3_setup_key_block"},
@@ -87,12 +68,12 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "ssl3_setup_write_buffer"},
     {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "ssl3_write_bytes"},
     {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "ssl3_write_pending"},
-    {ERR_FUNC(SSL_F_SSL_ACCEPT), "SSL_accept"},
     {ERR_FUNC(SSL_F_SSL_ADD_CERT_CHAIN), "ssl_add_cert_chain"},
     {ERR_FUNC(SSL_F_SSL_ADD_CERT_TO_BUF), "ssl_add_cert_to_buf"},
     {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),
      "ssl_add_clienthello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT), "ssl_add_clienthello_tlsext"},
+    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),
+     "ssl_add_clienthello_tlsext"},
     {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT),
      "ssl_add_clienthello_use_srtp_ext"},
     {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),
@@ -101,7 +82,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
      "SSL_add_file_cert_subjects_to_stack"},
     {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT),
      "ssl_add_serverhello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT), "ssl_add_serverhello_tlsext"},
+    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),
+     "ssl_add_serverhello_tlsext"},
     {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT),
      "ssl_add_serverhello_use_srtp_ext"},
     {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "ssl_bad_method"},
@@ -109,7 +91,6 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "ssl_bytes_to_cipher_list"},
     {ERR_FUNC(SSL_F_SSL_CERT_ADD0_CHAIN_CERT), "ssl_cert_add0_chain_cert"},
     {ERR_FUNC(SSL_F_SSL_CERT_DUP), "ssl_cert_dup"},
-    {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
     {ERR_FUNC(SSL_F_SSL_CERT_NEW), "ssl_cert_new"},
     {ERR_FUNC(SSL_F_SSL_CERT_SET0_CHAIN), "ssl_cert_set0_chain"},
     {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
@@ -117,7 +98,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
      "ssl_check_serverhello_tlsext"},
     {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
      "ssl_check_srvr_ecc_cert_and_alg"},
-    {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR), "ssl_cipher_process_rulestr"},
+    {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
+     "ssl_cipher_process_rulestr"},
     {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "ssl_cipher_strength_sort"},
     {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
     {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),
@@ -135,11 +117,9 @@ static ERR_STRING_DATA SSL_str_functs[] = {
      "SSL_CTX_set_client_cert_engine"},
     {ERR_FUNC(SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK),
      "SSL_CTX_set_ct_validation_callback"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
     {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),
      "SSL_CTX_set_session_id_context"},
     {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
     {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
     {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),
      "SSL_CTX_use_certificate_ASN1"},
@@ -165,12 +145,9 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_SSL_DO_CONFIG), "ssl_do_config"},
     {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
     {ERR_FUNC(SSL_F_SSL_ENABLE_CT), "SSL_enable_ct"},
-    {ERR_FUNC(SSL_F_SSL_GET0_PEER_SCTS), "SSL_get0_peer_scts"},
     {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "ssl_get_new_session"},
     {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "ssl_get_prev_session"},
     {ERR_FUNC(SSL_F_SSL_GET_SERVER_CERT_INDEX), "ssl_get_server_cert_index"},
-    {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
-    {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "ssl_get_server_send_pkey"},
     {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "ssl_get_sign_pkey"},
     {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "ssl_init_wbio_buffer"},
     {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
@@ -189,10 +166,6 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT),
      "ssl_parse_serverhello_use_srtp_ext"},
     {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
-    {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT),
-     "ssl_prepare_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT),
-     "ssl_prepare_serverhello_tlsext"},
     {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
     {ERR_FUNC(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT),
      "ssl_scan_clienthello_tlsext"},
@@ -210,18 +183,16 @@ static ERR_STRING_DATA SSL_str_functs[] = {
      "SSL_set_ct_validation_callback"},
     {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
     {ERR_FUNC(SSL_F_SSL_SET_PKEY), "ssl_set_pkey"},
-    {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
     {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
     {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
-    {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT), "SSL_set_session_id_context"},
-    {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"},
-    {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
+    {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),
+     "SSL_set_session_id_context"},
+    {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
+     "SSL_set_session_ticket_ext"},
     {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
     {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
     {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
     {ERR_FUNC(SSL_F_SSL_START_ASYNC_JOB), "ssl_start_async_job"},
-    {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),
-     "ssl_undefined_const_function"},
     {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "ssl_undefined_function"},
     {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION),
      "ssl_undefined_void_function"},
@@ -233,8 +204,10 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
     {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
     {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1), "SSL_use_RSAPrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE), "SSL_use_RSAPrivateKey_file"},
+    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),
+     "SSL_use_RSAPrivateKey_ASN1"},
+    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),
+     "SSL_use_RSAPrivateKey_file"},
     {ERR_FUNC(SSL_F_SSL_VALIDATE_CT), "ssl_validate_ct"},
     {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"},
     {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
@@ -243,16 +216,10 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"},
     {ERR_FUNC(SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS),
      "tls1_check_duplicate_extensions"},
-    {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT),
-     "TLS1_CHECK_SERVERHELLO_TLSEXT"},
     {ERR_FUNC(SSL_F_TLS1_ENC), "tls1_enc"},
     {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL),
      "tls1_export_keying_material"},
     {ERR_FUNC(SSL_F_TLS1_GET_CURVELIST), "tls1_get_curvelist"},
-    {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),
-     "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
-    {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),
-     "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
     {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_PRF"},
     {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "tls1_setup_key_block"},
     {ERR_FUNC(SSL_F_TLS1_SET_SERVER_SIGALGS), "tls1_set_server_sigalgs"},
@@ -262,7 +229,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
      "tls_construct_certificate_request"},
     {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE),
      "tls_construct_client_certificate"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO), "tls_construct_client_hello"},
+    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO),
+     "tls_construct_client_hello"},
     {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE),
      "tls_construct_client_key_exchange"},
     {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY),
@@ -273,7 +241,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
     {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE),
      "tls_construct_server_certificate"},
     {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_DONE), "tls_construct_server_done"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_HELLO), "tls_construct_server_hello"},
+    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_HELLO),
+     "tls_construct_server_hello"},
     {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE),
      "tls_construct_server_key_exchange"},
     {ERR_FUNC(SSL_F_TLS_GET_MESSAGE_BODY), "tls_get_message_body"},
@@ -304,7 +273,8 @@ static ERR_STRING_DATA SSL_str_functs[] = {
      "tls_process_server_certificate"},
     {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_DONE), "tls_process_server_done"},
     {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_HELLO), "tls_process_server_hello"},
-    {ERR_FUNC(SSL_F_USE_CERTIFICATE_CHAIN_FILE), "use_certificate_chain_file"},
+    {ERR_FUNC(SSL_F_USE_CERTIFICATE_CHAIN_FILE),
+     "use_certificate_chain_file"},
     {0, NULL}
 };
 
@@ -316,46 +286,25 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
      "at least TLS 1.0 needed in FIPS mode"},
     {ERR_REASON(SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE),
      "at least (D)TLS 1.2 needed in Suite B mode"},
-    {ERR_REASON(SSL_R_BAD_ALERT_RECORD), "bad alert record"},
     {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
     {ERR_REASON(SSL_R_BAD_DATA), "bad data"},
     {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),
      "bad data returned by callback"},
     {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
-    {ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
-    {ERR_REASON(SSL_R_BAD_DH_G_VALUE), "bad dh g value"},
-    {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
-    {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_VALUE), "bad dh pub key value"},
-    {ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
-    {ERR_REASON(SSL_R_BAD_DH_P_VALUE), "bad dh p value"},
     {ERR_REASON(SSL_R_BAD_DH_VALUE), "bad dh value"},
     {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
-    {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
     {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
-    {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE), "bad ecdsa signature"},
     {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"},
     {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"},
     {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
     {ERR_REASON(SSL_R_BAD_LENGTH), "bad length"},
-    {ERR_REASON(SSL_R_BAD_MAC_LENGTH), "bad mac length"},
-    {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE), "bad message type"},
     {ERR_REASON(SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
     {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
      "bad protocol version number"},
-    {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),
-     "bad psk identity hint length"},
-    {ERR_REASON(SSL_R_BAD_RSA_DECRYPT), "bad rsa decrypt"},
     {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
-    {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH), "bad rsa e length"},
-    {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
-    {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE), "bad rsa signature"},
     {ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"},
     {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
-    {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH), "bad srp b length"},
-    {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH), "bad srp g length"},
-    {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH), "bad srp n length"},
     {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
-    {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH), "bad srp s length"},
     {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
     {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
      "bad srtp protection profile list"},
@@ -363,14 +312,15 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_BAD_VALUE), "bad value"},
     {ERR_REASON(SSL_R_BAD_WRITE_RETRY), "bad write retry"},
     {ERR_REASON(SSL_R_BIO_NOT_SET), "bio not set"},
-    {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG), "block cipher pad is wrong"},
+    {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),
+     "block cipher pad is wrong"},
     {ERR_REASON(SSL_R_BN_LIB), "bn lib"},
     {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH), "ca dn length mismatch"},
-    {ERR_REASON(SSL_R_CA_DN_TOO_LONG), "ca dn too long"},
     {ERR_REASON(SSL_R_CA_KEY_TOO_SMALL), "ca key too small"},
     {ERR_REASON(SSL_R_CA_MD_TOO_WEAK), "ca md too weak"},
     {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY), "ccs received early"},
-    {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED), "certificate verify failed"},
+    {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),
+     "certificate verify failed"},
     {ERR_REASON(SSL_R_CERT_CB_ERROR), "cert cb error"},
     {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH), "cert length mismatch"},
     {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
@@ -383,7 +333,8 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_COMPRESSION_FAILURE), "compression failure"},
     {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
      "compression id not within private range"},
-    {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR), "compression library error"},
+    {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),
+     "compression library error"},
     {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
     {ERR_REASON(SSL_R_CONTEXT_NOT_DANE_ENABLED), "context not dane enabled"},
     {ERR_REASON(SSL_R_COOKIE_GEN_CALLBACK_FAILURE),
@@ -395,10 +346,12 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL),
      "dane cannot override mtype full"},
     {ERR_REASON(SSL_R_DANE_NOT_ENABLED), "dane not enabled"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE), "dane tlsa bad certificate"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE),
+     "dane tlsa bad certificate"},
     {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE),
      "dane tlsa bad certificate usage"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_DATA_LENGTH), "dane tlsa bad data length"},
+    {ERR_REASON(SSL_R_DANE_TLSA_BAD_DATA_LENGTH),
+     "dane tlsa bad data length"},
     {ERR_REASON(SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH),
      "dane tlsa bad digest length"},
     {ERR_REASON(SSL_R_DANE_TLSA_BAD_MATCHING_TYPE),
@@ -418,21 +371,14 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},
     {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG), "dtls message too big"},
     {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
-    {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT),
-     "ecc cert not for key agreement"},
     {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
-    {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),
-     "ecc cert should have rsa signature"},
-    {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),
-     "ecc cert should have sha1 signature"},
     {ERR_REASON(SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE),
      "ecdh required for suiteb mode"},
-    {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),
-     "ecgroup too large for cipher"},
     {ERR_REASON(SSL_R_EE_KEY_TOO_SMALL), "ee key too small"},
     {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
      "empty srtp protection profile list"},
-    {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG), "encrypted length too long"},
+    {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
+     "encrypted length too long"},
     {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
      "error in received cipher list"},
     {ERR_REASON(SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN),
@@ -442,10 +388,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_FAILED_TO_INIT_ASYNC), "failed to init async"},
     {ERR_REASON(SSL_R_FRAGMENTED_CLIENT_HELLO), "fragmented client hello"},
     {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
-    {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),
-     "got next proto before a ccs"},
-    {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),
-     "got next proto without seeing extension"},
     {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST), "https proxy request"},
     {ERR_REASON(SSL_R_HTTP_REQUEST), "http request"},
     {ERR_REASON(SSL_R_ILLEGAL_SUITEB_DIGEST), "illegal Suite B digest"},
@@ -460,24 +402,18 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_INVALID_CT_VALIDATION_TYPE),
      "invalid ct validation type"},
     {ERR_REASON(SSL_R_INVALID_NULL_CMD_NAME), "invalid null cmd name"},
-    {ERR_REASON(SSL_R_INVALID_PURPOSE), "invalid purpose"},
     {ERR_REASON(SSL_R_INVALID_SEQUENCE_NUMBER), "invalid sequence number"},
     {ERR_REASON(SSL_R_INVALID_SERVERINFO_DATA), "invalid serverinfo data"},
     {ERR_REASON(SSL_R_INVALID_SRP_USERNAME), "invalid srp username"},
     {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
     {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),
      "invalid ticket keys length"},
-    {ERR_REASON(SSL_R_INVALID_TRUST), "invalid trust"},
     {ERR_REASON(SSL_R_LENGTH_MISMATCH), "length mismatch"},
     {ERR_REASON(SSL_R_LENGTH_TOO_LONG), "length too long"},
     {ERR_REASON(SSL_R_LENGTH_TOO_SHORT), "length too short"},
     {ERR_REASON(SSL_R_LIBRARY_BUG), "library bug"},
     {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
-    {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT), "missing dh dsa cert"},
-    {ERR_REASON(SSL_R_MISSING_DH_KEY), "missing dh key"},
-    {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT), "missing dh rsa cert"},
     {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
-    {ERR_REASON(SSL_R_MISSING_ECDH_CERT), "missing ecdh cert"},
     {ERR_REASON(SSL_R_MISSING_ECDSA_SIGNING_CERT),
      "missing ecdsa signing cert"},
     {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
@@ -487,18 +423,13 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"},
     {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
     {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"},
-    {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
-    {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS), "multiple sgc restarts"},
     {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
     {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
     {ERR_REASON(SSL_R_NO_CERTIFICATE_SET), "no certificate set"},
     {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE), "no ciphers available"},
-    {ERR_REASON(SSL_R_NO_CIPHERS_PASSED), "no ciphers passed"},
     {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED), "no ciphers specified"},
     {ERR_REASON(SSL_R_NO_CIPHER_MATCH), "no cipher match"},
     {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD), "no client cert method"},
-    {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
     {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
     {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
      "Peer haven't sent GOST certificate, required for selected ciphersuite"},
@@ -513,15 +444,14 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
      "no shared sigature algorithms"},
     {ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
     {ERR_REASON(SSL_R_NO_VALID_SCTS), "no valid scts"},
-    {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK), "no verify callback"},
-    {ERR_REASON(SSL_R_NO_VERIFY_COOKIE_CALLBACK), "no verify cookie callback"},
+    {ERR_REASON(SSL_R_NO_VERIFY_COOKIE_CALLBACK),
+     "no verify cookie callback"},
     {ERR_REASON(SSL_R_NULL_SSL_CTX), "null ssl ctx"},
     {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
     {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
      "old session cipher not returned"},
     {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
      "old session compression algorithm not returned"},
-    {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG), "opaque prf input too long"},
     {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
     {ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
     {ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
@@ -530,7 +460,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_PEM_NAME_BAD_PREFIX), "pem name bad prefix"},
     {ERR_REASON(SSL_R_PEM_NAME_TOO_SHORT), "pem name too short"},
     {ERR_REASON(SSL_R_PIPELINE_FAILURE), "pipeline failure"},
-    {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
     {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN), "protocol is shutdown"},
     {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
     {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
@@ -538,7 +467,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_READ_BIO_NOT_SET), "read bio not set"},
     {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED), "read timeout expired"},
     {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
-    {ERR_REASON(SSL_R_RECORD_TOO_LARGE), "record too large"},
     {ERR_REASON(SSL_R_RECORD_TOO_SMALL), "record too small"},
     {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
     {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),
@@ -553,7 +481,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"},
     {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
      "session id context uninitialized"},
-    {ERR_REASON(SSL_R_SET_FAILED), "set failed"},
     {ERR_REASON(SSL_R_SHUTDOWN_WHILE_IN_INIT), "shutdown while in init"},
     {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),
      "signature algorithms error"},
@@ -566,15 +493,13 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
      "srtp protection profile list too long"},
     {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
      "srtp unknown protection profile"},
-    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),
-     "ssl3 ext invalid ecpointformat"},
     {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
      "ssl3 ext invalid servername"},
     {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
      "ssl3 ext invalid servername type"},
     {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
-    {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT), "ssl3 session id too short"},
-    {ERR_REASON(SSL_R_SSL_COMMAND_SECTION_EMPTY), "ssl command section empty"},
+    {ERR_REASON(SSL_R_SSL_COMMAND_SECTION_EMPTY),
+     "ssl command section empty"},
     {ERR_REASON(SSL_R_SSL_COMMAND_SECTION_NOT_FOUND),
      "ssl command section not found"},
     {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),
@@ -594,8 +519,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
      "ssl session id has bad length"},
     {ERR_REASON(SSL_R_SSL_SESSION_VERSION_MISMATCH),
      "ssl session version mismatch"},
-    {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),
-     "tls client cert req with anon cipher"},
     {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
      "peer does not accept heartbeats"},
     {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING),
@@ -604,20 +527,10 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
      "tls illegal exporter label"},
     {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
      "tls invalid ecpointformat list"},
-    {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),
-     "tls peer did not respond with certificate list"},
-    {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),
-     "tls rsa encrypted value length is wrong"},
-    {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS), "unable to decode dh certs"},
-    {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),
-     "unable to decode ecdh certs"},
-    {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),
-     "unable to find dh parameters"},
     {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
      "unable to find ecdh parameters"},
     {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
      "unable to find public key parameters"},
-    {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD), "unable to find ssl method"},
     {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
      "unable to load ssl3 md5 routines"},
     {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
@@ -632,18 +545,16 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_UNKNOWN_CMD_NAME), "unknown cmd name"},
     {ERR_REASON(SSL_R_UNKNOWN_COMMAND), "unknown command"},
     {ERR_REASON(SSL_R_UNKNOWN_DIGEST), "unknown digest"},
-    {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE), "unknown key exchange type"},
+    {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
+     "unknown key exchange type"},
     {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
     {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
-    {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE), "unknown remote error type"},
     {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION), "unknown ssl version"},
     {ERR_REASON(SSL_R_UNKNOWN_STATE), "unknown state"},
     {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),
      "unsafe legacy renegotiation disabled"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
     {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
      "unsupported compression algorithm"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
     {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
      "unsupported elliptic curve"},
     {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL), "unsupported protocol"},
@@ -655,7 +566,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
     {ERR_REASON(SSL_R_WRONG_CERTIFICATE_TYPE), "wrong certificate type"},
     {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
     {ERR_REASON(SSL_R_WRONG_CURVE), "wrong curve"},
-    {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE), "wrong message type"},
     {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
     {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE), "wrong signature size"},
     {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE), "wrong signature type"},
diff --git a/util/find-unused-errs b/util/find-unused-errs
new file mode 100755
index 0000000..d36789e
--- /dev/null
+++ b/util/find-unused-errs
@@ -0,0 +1,31 @@
+#! /bin/bash
+# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Find unused error function-names and reason-codes, and edit them
+# out of the source.  Doesn't handle line-wrapping, might have to do
+# some manual cleanups to fix compile errors.
+
+export X1=/tmp/f.1.$$
+export X2=/tmp/f.2.$$
+
+cd include/openssl || exit 1
+grep '_[RF]_' * | awk '{print $3;}' | sort -u >$X1
+cd ../..
+
+for F in `cat $X1` ; do
+    git grep -l --full-name -F $F >$X2
+    NUM=`wc -l <$X2`
+    test $NUM -gt 2 && continue
+    echo $F
+    for FILE in `cat $X2` ; do
+        grep -v -w $F <$FILE >$FILE.new
+        mv $FILE.new $FILE
+    done
+done
+
+rm $X1 $X2


More information about the openssl-commits mailing list