Remove trailing whitespace.

ok jmc@

22 files changed, 36 insertions, 36 deletions

diff --git a/src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod b/src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod
index bc5861ab34..9b5ed719b4 100644
--- a/src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod
+++ b/src/lib/libssl/src/doc/ssl/BIO_f_ssl.pod
@@ -36,7 +36,7 @@ BIO_ssl_shutdown - SSL BIO
 
 BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which
 is a wrapper round the OpenSSL SSL routines adding a BIO "flavour" to
-SSL I/O. 
+SSL I/O.
 
 I/O performed on an SSL BIO communicates using the SSL protocol with
 the SSLs read and write BIOs. If an SSL connection is not established
@@ -63,7 +63,7 @@ BIO_set_ssl_mode() sets the SSL BIO mode to B<client>. If B<client>
 is 1 client mode is set. If B<client> is 0 server mode is set.
 
 BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count
-to B<num>. When set after every B<num> bytes of I/O (read and write) 
+to B<num>. When set after every B<num> bytes of I/O (read and write)
 the SSL session is automatically renegotiated. B<num> must be at
 least 512 bytes.
 
@@ -84,7 +84,7 @@ BIO_new_buffer_ssl_connect() creates a new BIO chain consisting
 of a buffering BIO, an SSL BIO (using B<ctx>) and a connect
 BIO.
 
-BIO_ssl_copy_session_id() copies an SSL session id between 
+BIO_ssl_copy_session_id() copies an SSL session id between
 BIO chains B<from> and B<to>. It does this by locating the
 SSL BIOs in each chain and calling SSL_copy_session_id() on
 the internal SSL pointer.
@@ -187,7 +187,7 @@ unencrypted example in L<BIO_s_connect(3)|BIO_s_connect(3)>.
  /* Could examine ssl here to get connection info */
 
  BIO_puts(sbio, "GET / HTTP/1.0\n\n");
- for(;;) {      
+ for(;;) {
         len = BIO_read(sbio, tmpbuf, 1024);
         if(len <= 0) break;
         BIO_write(out, tmpbuf, len);
@@ -252,9 +252,9 @@ a client and also echoes the request to standard output.
  /* By doing this when a new connection is established
   * we automatically have sbio inserted into it. The
   * BIO chain is now 'swallowed' by the accept BIO and
-  * will be freed when the accept BIO is freed. 
+  * will be freed when the accept BIO is freed.
   */
- 
+
  BIO_set_accept_bios(acpt,sbio);
 
  out = BIO_new_fp(stdout, BIO_NOCLOSE);
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod
index fd927f8d7d..03d03ec9d2 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_add_session.pod
@@ -59,7 +59,7 @@ The following values are returned by all functions:
  session was not found in the cache.
 
 =item C<1>
- 
+
  The operation succeeded.
 
 =back
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod
index 148c36c871..833a3af14d 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.pod
@@ -26,7 +26,7 @@ As sessions will not be reused ones they are expired, they should be
 removed from the cache to save resources. This can either be done
  automatically whenever 255 new sessions were established (see
 L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)
-or manually by calling SSL_CTX_flush_sessions(). 
+or manually by calling SSL_CTX_flush_sessions().
 
 The parameter B<tm> specifies the time which should be used for the
 expiration test, in most cases the actual time given by time(0)
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
index c0f4f85708..29a4a7c375 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
@@ -26,7 +26,7 @@ SSL_CTX_set_cert_verify_callback(), the supplied callback function is called
 instead. By setting I<callback> to NULL, the default behaviour is restored.
 
 When the verification must be performed, I<callback> will be called with
-the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The 
+the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The
 argument I<arg> is specified by the application when setting I<callback>.
 
 I<callback> should return 1 to indicate verification success and 0 to
@@ -35,7 +35,7 @@ returns 0, the handshake will fail. As the verification procedure may
 allow to continue the connection in case of failure (by always returning 1)
 the verification result must be set in any case using the B<error>
 member of I<x509_store_ctx> so that the calling application will be informed
-about the detailed result of the verification procedure! 
+about the detailed result of the verification procedure!
 
 Within I<x509_store_ctx>, I<callback> has access to the I<verify_callback>
 function set using L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>.
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod
index bcf35dc85b..a68fbd09ee 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.pod
@@ -9,7 +9,7 @@ client certificate
 =head1 SYNOPSIS
 
  #include <openssl/ssl.h>
- 
+
  void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
  void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
  int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
@@ -42,7 +42,7 @@ This list must explicitly be set using SSL_CTX_set_client_CA_list() for
 B<ctx> and SSL_set_client_CA_list() for the specific B<ssl>. The list
 specified overrides the previous setting. The CAs listed do not become
 trusted (B<list> only contains the names, not the complete certificates); use
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> 
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
 to additionally load them for verification.
 
 If the list of acceptable CAs is compiled in a file, the
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod
index 8cb669daeb..0191a846a7 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.pod
@@ -66,7 +66,7 @@ return after the handshake and successful completion.
 When we no longer need a read buffer or a write buffer for a given SSL,
 then release the memory we were using to hold it.  Released memory is
 either appended to a list of unused RAM chunks on the SSL_CTX, or simply
-freed if the list of unused chunks would become longer than 
+freed if the list of unused chunks would become longer than
 SSL_CTX->freelist_max_len, which defaults to 32.  Using this flag can
 save around 34k per idle SSL connection.
 This flag has no effect on SSL v2 connections, or on DTLS connections.
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
index 935c9cd09b..434b452c57 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
@@ -174,7 +174,7 @@ will send its list of preferences to the client and the client chooses.
 
 If we accept a netscape connection, demand a client cert, have a
 non-self-signed CA which does not have its CA in netscape, and the
-browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta 
+browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta
 
 =item SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod
index c5d2f43dff..4c5d52ba4e 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.pod
@@ -26,7 +26,7 @@ SSL_CTX object is being maintained, the sessions are unique for each SSL_CTX
 object.
 
 In order to reuse a session, a client must send the session's id to the
-server. It can only send exactly one id.  The server then either 
+server. It can only send exactly one id.  The server then either
 agrees to reuse the session or it starts a full handshake (to create a new
 session).
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
index 29d1f8a6fb..974f1e1829 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
@@ -141,7 +141,7 @@ partly left out.)
       dh_tmp = dh_512;
       break;
     case 1024:
-      if (!dh_1024) 
+      if (!dh_1024)
         dh_1024 = get_dh1024();
       dh_tmp = dh_1024;
       break;
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
index 6fd6c03215..177c59f484 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.pod
@@ -221,7 +221,7 @@ L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
         preverify_ok = 0;
         err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
         X509_STORE_CTX_set_error(ctx, err);
-    } 
+    }
     if (!preverify_ok) {
         printf("verify error:num=%d:%s:depth=%d:%s\n", err,
                  X509_verify_cert_error_string(err), depth, buf);
@@ -269,7 +269,7 @@ L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
   */
  mydata.verify_depth = verify_depth; ...
  SSL_set_ex_data(ssl, mydata_index, &mydata);
-                                             
+
  ...
  SSL_accept(ssl);       /* check of success left out for clarity */
  if (peer = SSL_get_peer_certificate(ssl))
diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod
index 10be95fdb1..a3b2cf1eb5 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.pod
@@ -66,7 +66,7 @@ SSL_use_certificate_file() loads the certificate from B<file> into B<ssl>.
 See the NOTES section on why SSL_CTX_use_certificate_chain_file()
 should be preferred.
 
-SSL_CTX_use_certificate_chain_file() loads a certificate chain from 
+SSL_CTX_use_certificate_chain_file() loads a certificate chain from
 B<file> into B<ctx>. The certificates must be in PEM format and must
 be sorted starting with the subject's certificate (actual client or server
 certificate), followed by intermediate CA certificates if applicable, and
@@ -81,7 +81,7 @@ If a certificate has already been set and the private does not belong
 to the certificate an error is returned. To change a certificate, private
 key pair the new certificate needs to be set with SSL_use_certificate()
 or SSL_CTX_use_certificate() before setting the private key with
-SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey(). 
+SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey().
 
 
 SSL_CTX_use_PrivateKey_ASN1() adds the private key of type B<pk>
@@ -108,7 +108,7 @@ the same check for B<ssl>. If no key/certificate was explicitly added for
 this B<ssl>, the last item added into B<ctx> will be checked.
 
 =head1 NOTES
-  
+
 The internal certificate store of OpenSSL can hold two private key/certificate
 pairs at a time: one key/certificate of type RSA and one key/certificate
 of type DSA. The certificate used depends on the cipher select, see
@@ -116,7 +116,7 @@ also L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>.
 
 When reading certificates and private keys from file, files of type
 SSL_FILETYPE_ASN1 (also known as B<DER>, binary encoding) can only contain
-one certificate or private key, consequently 
+one certificate or private key, consequently
 SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting.
 Files of type SSL_FILETYPE_PEM can contain more than one item.
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod b/src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod
index 490337a32f..450a0127b9 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.pod
@@ -52,7 +52,7 @@ valid values.
 
 SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.
 
-If any of the function is passed the NULL pointer for the session B<s>, 
+If any of the function is passed the NULL pointer for the session B<s>,
 0 is returned.
 
 =head1 SEE ALSO
diff --git a/src/lib/libssl/src/doc/ssl/SSL_accept.pod b/src/lib/libssl/src/doc/ssl/SSL_accept.pod
index 288203f8af..42a539d354 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_accept.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_accept.pod
@@ -18,7 +18,7 @@ B<ssl> by setting an underlying B<BIO>.
 
 =head1 NOTES
 
-The behaviour of SSL_accept() depends on the underlying BIO. 
+The behaviour of SSL_accept() depends on the underlying BIO.
 
 If the underlying BIO is B<blocking>, SSL_accept() will only return once the
 handshake has been finished or an error occurred, except for SGC (Server
diff --git a/src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod b/src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod
index 0329c34869..8e071e6119 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_alert_type_string.pod
@@ -217,7 +217,7 @@ point. This message is always a warning.
 =item "UP"/"unknown PSK identity"
 
 Sent by the server to indicate that it does not recognize a PSK
-identity or an SRP identity. 
+identity or an SRP identity.
 
 =item "UK"/"unknown"
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_connect.pod b/src/lib/libssl/src/doc/ssl/SSL_connect.pod
index 0087f6b3e1..5b21119a91 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_connect.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_connect.pod
@@ -18,7 +18,7 @@ underlying B<BIO>.
 
 =head1 NOTES
 
-The behaviour of SSL_connect() depends on the underlying BIO. 
+The behaviour of SSL_connect() depends on the underlying BIO.
 
 If the underlying BIO is B<blocking>, SSL_connect() will only return once the
 handshake has been finished or an error occurred.
diff --git a/src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod b/src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod
index 68181b2407..8b5ac0df2c 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.pod
@@ -9,7 +9,7 @@ SSL_get_client_CA_list, SSL_CTX_get_client_CA_list - get list of client CAs
  #include <openssl/ssl.h>
 
  STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
- STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx); 
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
 
 =head1 DESCRIPTION
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod b/src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod
index e5ab12491e..2f69109a7a 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_get_current_cipher.pod
@@ -27,7 +27,7 @@ the B<ssl> object.
 
 SSL_get_cipher() and SSL_get_cipher_name() are identical macros to obtain the
 name of the currently used cipher. SSL_get_cipher_bits() is a
-macro to obtain the number of secret/algorithm bits used and 
+macro to obtain the number of secret/algorithm bits used and
 SSL_get_cipher_version() returns the protocol name.
 See L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)> for more details.
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_library_init.pod b/src/lib/libssl/src/doc/ssl/SSL_library_init.pod
index 8766776fea..4767c0ba8b 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_library_init.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_library_init.pod
@@ -23,7 +23,7 @@ for SSL_library_init().
 =head1 NOTES
 
 SSL_library_init() must be called before any other action takes place.
-SSL_library_init() is not reentrant. 
+SSL_library_init() is not reentrant.
 
 =head1 WARNING
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod b/src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod
index 02527dc2ed..5aa2b73447 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.pod
@@ -30,7 +30,7 @@ Load names of CAs from file and use it as a client CA list:
  SSL_CTX *ctx;
  STACK_OF(X509_NAME) *cert_names;
 
- ... 
+ ...
  cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
  if (cert_names != NULL)
    SSL_CTX_set_client_CA_list(ctx, cert_names);
diff --git a/src/lib/libssl/src/doc/ssl/SSL_read.pod b/src/lib/libssl/src/doc/ssl/SSL_read.pod
index 5f03ec3559..57dfbdfc28 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_read.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_read.pod
@@ -22,7 +22,7 @@ not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
 L<SSL_accept(3)|SSL_accept(3)>. If the
 peer requests a re-negotiation, it will be performed transparently during
 the SSL_read() operation. The behaviour of SSL_read() depends on the
-underlying BIO. 
+underlying BIO.
 
 For the transparent negotiation to succeed, the B<ssl> must have been
 initialized to client or server mode. This is being done by calling
@@ -47,7 +47,7 @@ record is complete and SSL_read() can succeed.
 
 If the underlying BIO is B<blocking>, SSL_read() will only return, once the
 read operation has been finished or an error occurred, except when a
-renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
+renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur.
 This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
 L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.
 
diff --git a/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod b/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod
index d86ac7cb13..50f47c20d7 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_shutdown.pod
@@ -12,7 +12,7 @@ SSL_shutdown - shut down a TLS/SSL connection
 
 =head1 DESCRIPTION
 
-SSL_shutdown() shuts down an active TLS/SSL connection. It sends the 
+SSL_shutdown() shuts down an active TLS/SSL connection. It sends the
 "close notify" shutdown alert to the peer.
 
 =head1 NOTES
@@ -64,7 +64,7 @@ complete (return value of the first call is 0). As the shutdown is not
 specially handled in the SSLv2 protocol, SSL_shutdown() will succeed on
 the first call.
 
-The behaviour of SSL_shutdown() additionally depends on the underlying BIO. 
+The behaviour of SSL_shutdown() additionally depends on the underlying BIO.
 
 If the underlying BIO is B<blocking>, SSL_shutdown() will only return once the
 handshake step has been finished or an error occurred.
diff --git a/src/lib/libssl/src/doc/ssl/SSL_write.pod b/src/lib/libssl/src/doc/ssl/SSL_write.pod
index b0f73ae520..f248f7d740 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_write.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_write.pod
@@ -22,7 +22,7 @@ not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
 L<SSL_accept(3)|SSL_accept(3)>. If the
 peer requests a re-negotiation, it will be performed transparently during
 the SSL_write() operation. The behaviour of SSL_write() depends on the
-underlying BIO. 
+underlying BIO.
 
 For the transparent negotiation to succeed, the B<ssl> must have been
 initialized to client or server mode. This is being done by calling
@@ -31,7 +31,7 @@ before the first call to an L<SSL_read(3)|SSL_read(3)> or SSL_write() function.
 
 If the underlying BIO is B<blocking>, SSL_write() will only return, once the
 write operation has been finished or an error occurred, except when a
-renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
+renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur.
 This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
 L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.