From 4350a6bd427f52d38f32b19f1c4b38a3afe62941 Mon Sep 17 00:00:00 2001
From: Pauli <paul.dale@oracle.com>
Date: Thu, 16 Apr 2020 10:17:07 +1000
Subject: [PATCH] doc: note that the FIPS provider contains some non-approved
 algorithms.

Also note how to select them.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11371)
---
 doc/man7/provider.pod | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/man7/provider.pod b/doc/man7/provider.pod
index de8e2499d9..fcb9fa1122 100644
--- a/doc/man7/provider.pod
+++ b/doc/man7/provider.pod
@@ -274,9 +274,10 @@ be loaded explicitly, either in code or through OpenSSL configuration
 (see L<config(5)>).
 Should it be needed (if other providers are loaded and offer
 implementations of the same algorithms), the property "provider=fips" can
-be used as a search criterion for these implementations. All algorithm
+be used as a search criterion for these implementations. All approved algorithm
 implementations in the FIPS provider can also be selected with the property
-"fips=yes".
+"fips=yes". The FIPS provider also contains a number of non-approved algorithm
+implementations and these can be selected with the property "fips=no".
 
 =head2 Legacy provider
 
-- 
2.25.1