Update changelog

pushed encode.c change upstream
prefer limits.h over sys/limits.h
2016-05-30 09:08:29 -05:00 · 2016-05-03 09:25:59 -05:00 · 2016-05-03 02:13:13 -05:00 · 2016-05-02 22:51:07 -05:00 · 2016-05-02 22:47:45 -05:00 · 2016-05-02 22:12:53 -05:00
37 changed files with 259 additions and 816 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -58,7 +58,6 @@ tests/gost2814789t*
 tests/mont*
 tests/rfc5280time*
 tests/timingsafe*
 tests/tls_ext_alpn*
 tests/*test
 tests/tests.h
 tests/*test.c
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,10 +1,9 @@
-cmake_minimum_required (VERSION 2.8.8)
+cmake_minimum_required (VERSION 2.8)
 include(CheckFunctionExists)
 include(CheckLibraryExists)
 include(CheckIncludeFiles)
 include(CheckTypeSize)
-project (LibreSSL C)
+project (LibreSSL)
 enable_testing()
@@ -23,17 +22,6 @@ string(STRIP ${TLS_VERSION} TLS_VERSION)
 string(REPLACE ":" "." TLS_VERSION ${TLS_VERSION})
 string(REGEX REPLACE "\\..*" "" TLS_MAJOR_VERSION ${TLS_VERSION})
 option(ENABLE_ASM "Enable assembly" ON)
 option(ENABLE_EXTRATESTS "Enable extra tests that may be unreliable on some platforms" OFF)
 option(ENABLE_NC "Enable installing TLS-enabled nc(1)" OFF)
 set(OPENSSLDIR ${OPENSSLDIR} CACHE PATH "Set the default openssl directory" FORCE)
 set(BUILD_NC true)
 if(CMAKE_SYSTEM_NAME MATCHES "Darwin")
 	add_definitions(-fno-common)
 endif()
 if(CMAKE_SYSTEM_NAME MATCHES "OpenBSD")
 	add_definitions(-DHAVE_ATTRIBUTE__BOUNDED__)
 endif()
@@ -45,34 +33,9 @@ if(CMAKE_SYSTEM_NAME MATCHES "Linux")
 	add_definitions(-D_GNU_SOURCE)
 endif()
 if(CMAKE_SYSTEM_NAME MATCHES "MINGW")
 	set(BUILD_NC false)
 endif()
 if(WIN32)
 	set(BUILD_NC false)
 endif()
 if(CMAKE_SYSTEM_NAME MATCHES "HP-UX")
 	if(CMAKE_C_COMPILER MATCHES "gcc")
 		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -std=gnu99 -fno-strict-aliasing")
 		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mlp64")
 	else()
 		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g -O2 +DD64 +Otype_safety=off")
 	endif()
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT")
 endif()
 if(CMAKE_SYSTEM_NAME MATCHES "SunOS")
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -std=gnu99 -fno-strict-aliasing")
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D__EXTENSIONS__")
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_XOPEN_SOURCE=600")
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DBSD_COMP")
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fpic -m64")
 endif()
 add_definitions(-DLIBRESSL_INTERNAL)
 add_definitions(-DOPENSSL_NO_HW_PADLOCK)
 add_definitions(-DOPENSSL_NO_ASM)
 set(CMAKE_POSITION_INDEPENDENT_CODE true)
@@ -80,17 +43,14 @@ if (CMAKE_COMPILER_IS_GNUCC OR CMAKE_C_COMPILER_ID MATCHES "Clang")
 	add_definitions(-Wno-pointer-sign)
 endif()
-if(WIN32)
+if(MSVC)
 	add_definitions(-Dinline=__inline)
 	add_definitions(-Drestrict)
 	add_definitions(-D_CRT_SECURE_NO_WARNINGS)
 	add_definitions(-D_CRT_DEPRECATED_NO_WARNINGS)
 	add_definitions(-D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS)
 	add_definitions(-DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0501)
 	add_definitions(-DCPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG -DNO_CRYPT)
 endif()
 if(MSVC)
 	add_definitions(-Dinline=__inline)
 	set(MSVC_DISABLED_WARNINGS_LIST
 		"C4057" # C4057: 'initializing' : 'unsigned char *' differs in
@@ -146,8 +106,8 @@ if(HAVE_STRNDUP)
 	add_definitions(-DHAVE_STRNDUP)
 endif()
-if(WIN32)
+if(MSVC)
-	set(HAVE_STRNLEN true)
+	set(HAVE_STRNLEN)
 	add_definitions(-DHAVE_STRNLEN)
 else()
 	check_function_exists(strnlen HAVE_STRNLEN)
@@ -171,11 +131,6 @@ if(HAVE_ARC4RANDOM_BUF)
 	add_definitions(-DHAVE_ARC4RANDOM_BUF)
 endif()
 check_function_exists(arc4random_uniform HAVE_ARC4RANDOM_UNIFORM)
 if(HAVE_ARC4RANDOM_UNIFORM)
 	add_definitions(-DHAVE_ARC4RANDOM_UNIFORM)
 endif()
 check_function_exists(explicit_bzero HAVE_EXPLICIT_BZERO)
 if(HAVE_EXPLICIT_BZERO)
 	add_definitions(-DHAVE_EXPLICIT_BZERO)
@@ -201,28 +156,11 @@ if(HAVE_MEMCMP)
 	add_definitions(-DHAVE_MEMCMP)
 endif()
 check_function_exists(memmem HAVE_MEMMEM)
 if(HAVE_MEMMEM)
 	add_definitions(-DHAVE_MEMMEM)
 endif()
 check_include_files(err.h HAVE_ERR_H)
 if(HAVE_ERR_H)
 	add_definitions(-DHAVE_ERR_H)
 endif()
 if(ENABLE_ASM)
 	if("${CMAKE_C_COMPILER_ABI}" STREQUAL "ELF")
 		if("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "(x86_64|amd64)")
 			set(HOST_ASM_ELF_X86_64 true)
 		elseif(CMAKE_SYSTEM_NAME STREQUAL "SunOS" AND "${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "i386")
 			set(HOST_ASM_ELF_X86_64 true)
 		endif()
 	elseif(APPLE AND "${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "x86_64")
 		set(HOST_ASM_MACOSX_X86_64 true)
 	endif()
 endif()
 set(OPENSSL_LIBS ssl crypto)
 if(CMAKE_HOST_WIN32)
 	set(OPENSSL_LIBS ${OPENSSL_LIBS} ws2_32)
@@ -233,25 +171,11 @@ if(CMAKE_SYSTEM_NAME MATCHES "Linux")
 		set(OPENSSL_LIBS ${OPENSSL_LIBS} rt)
 	endif()
 endif()
 if(CMAKE_SYSTEM_NAME MATCHES "HP-UX")
 	set(OPENSSL_LIBS ${OPENSSL_LIBS} pthread)
 endif()
 if(CMAKE_SYSTEM_NAME MATCHES "SunOS")
 	set(OPENSSL_LIBS ${OPENSSL_LIBS} nsl socket)
 endif()
-if(NOT (CMAKE_SYSTEM_NAME MATCHES "(Darwin|CYGWIN)"))
+if(NOT (CMAKE_SYSTEM_NAME MATCHES "Darwin" OR MSVC))
 	set(BUILD_SHARED true)
 endif()
 check_type_size(time_t SIZEOF_TIME_T)
 if(SIZEOF_TIME_T STREQUAL "4")
 	set(SMALL_TIME_T true)
 	message(WARNING " ** Warning, this system is unable to represent times past 2038\n"
 	                " ** It will behave incorrectly when handling valid RFC5280 dates")
 endif()
 add_definitions(-DSIZEOF_TIME_T=${SIZEOF_TIME_T})
 add_subdirectory(crypto)
 add_subdirectory(ssl)
 add_subdirectory(apps)
@@ -261,11 +185,3 @@ if(NOT MSVC)
 	add_subdirectory(man)
 	add_subdirectory(tests)
 endif()
 configure_file(
 	"${CMAKE_CURRENT_SOURCE_DIR}/cmake_uninstall.cmake.in"
 	"${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake"
 	IMMEDIATE @ONLY)
 add_custom_target(uninstall
 	COMMAND ${CMAKE_COMMAND} -P ${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake)
--- a/140
+++ b/140
@@ -28,146 +28,6 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
 2.5.0 - New APIs, bug fixes and improvements
 	* libtls now supports ALPN and SNI
 	* libtls adds a new callback interface for integrating custom IO
 	  functions. Thanks to Tobias Pape.
 	* libtls now handles 4 cipher suite groups:
 	    "secure" (TLSv1.2+AEAD+PFS)
 	    "compat" (HIGH:!aNULL)
 	    "legacy" (HIGH:MEDIUM:!aNULL)
 	    "insecure" (ALL:!aNULL:!eNULL)
 	    This allows for flexibility and finer grained control, rather than
 	    having two extremes (an issue raised by Marko Kreen some time ago).
 	* Tightened error handling for tls_config_set_ciphers().
 	* libtls now always loads CA, key and certificate files at the time the
 	  configuration function is called. This simplifies code and results in
 	  a single memory based code path being used to provide data to libssl.
 	* Add support for OCSP intermediate certificates.
 	* Added functions used by stunnel and exim from BoringSSL - this
 	  brings in X509_check_host, X509_check_email, X509_check_ip, and
 	  X509_check_ip_asc.
 	* Added initial support for iOS, thanks to Jacob Berkman.
 	* Improved behavior of arc4random on Windows when using memory leak
 	  analysis software.
 	* Correctly handle an EOF that occurs prior to the TLS handshake
 	  completing. Reported by Vasily Kolobkov, based on a diff from Marko
 	  Kreen.
 	* Limit the support of the "backward compatible" ssl2 handshake to
 	  only be used if TLS 1.0 is enabled.
 	* Fix incorrect results in certain cases on 64-bit systems when
 	  BN_mod_word() can return incorrect results. BN_mod_word() now can
 	  return an error condition. Thanks to Brian Smith.
 	* Added constant-time updates to address CVE-2016-0702
 	* Fixed undefined behavior in BN_GF2m_mod_arr()
 	* Removed unused Cryptographic Message Support (CMS)
 	* More conversions of long long idioms to time_t
 	* Improved compatibility by avoiding printing NULL strings with
 	  printf.
 	* Reverted change that cleans up the EVP cipher context in
 	  EVP_EncryptFinal() and EVP_DecryptFinal(). Some software relies on the
 	  previous behaviour.
 	* Avoid unbounded memory growth in libssl, which can be triggered by a
 	  TLS client repeatedly renegotiating and sending OCSP Status Request
 	  TLS extensions.
 	* Avoid falling back to a weak digest for (EC)DH when using SNI with
 	  libssl.
 2.4.2 - Bug fixes and improvements
 	* Fixed loading default certificate locations with openssl s_client.
 	* Ensured OSCP only uses and compares GENERALIZEDTIME values as per
 	  RFC6960. Also added fixes for OCSP to work with intermediate
 	  certificates provided in responses.
 	* Improved behavior of arc4random on Windows to not appear to leak
 	  memory in debug tools, reduced privileges of allocated memory.
 	* Fixed incorrect results from BN_mod_word() when the modulus is too
 	  large, thanks to Brian Smith from BoringSSL.
 	* Correctly handle an EOF prior to completing the TLS handshake in
 	  libtls.
 	* Improved libtls ceritificate loading and cipher string validation.
 	* Updated libtls cipher group suites into four categories:
 	    "secure"   (TLSv1.2+AEAD+PFS)
 	    "compat"   (HIGH:!aNULL)
 	    "legacy"   (HIGH:MEDIUM:!aNULL)
 	    "insecure" (ALL:!aNULL:!eNULL)
 	  This allows for flexibility and finer grained control, rather than
 	  having two extremes.
 	* Limited support for 'backward compatible' SSLv2 handshake packets to
 	  when TLS 1.0 is enabled, providing more restricted compatibility
 	  with TLS 1.0 clients.
 	* openssl(1) and other documentation improvements.
 	* Removed flags for disabling constant-time operations.
 	  This removes support for DSA_FLAG_NO_EXP_CONSTTIME,
 	  DH_FLAG_NO_EXP_CONSTTIME, and RSA_FLAG_NO_CONSTTIME flags, making
 	  all of these operations unconditionally constant-time.
 2.4.1 - Security fix
 	* Correct a problem that prevents the DSA signing algorithm from
 	  running in constant time even if the flag BN_FLG_CONSTTIME is set.
 	  This issue was reported by Cesar Pereida (Aalto University), Billy
 	  Brumley (Tampere University of Technology), and Yuval Yarom (The
 	  University of Adelaide and NICTA). The fix was developed by Cesar
 	  Pereida.
 2.4.0 - Build improvements, new features
 	* Many improvements to the CMake build infrastructure, including
 	  Solaris, mingw-w64, Cygwin, and HP-UX support. Thanks to Kinichiro
 	  Inoguchi for this work.
 	* Added missing error handling around bn_wexpand() calls.
 	* Added explicit_bzero calls for freed ASN.1 objects.
 	* Fixed X509_*set_object functions to return 0 on allocation failure.
 	* Implemented the IETF ChaCha20-Poly1305 cipher suites.
 	* Changed default EVP_aead_chacha20_poly1305() implementation to the
 	  IETF version, which is now the default.
 	* Fixed password prompts from openssl(1) to properly handle ^C.
 	* Reworked error handling in libtls so that configuration errors are
 	  visible.
 	* Deprecated internal use of EVP_[Cipher|Encrypt|Decrypt]_Final.
 	* Manpage fixes and updates
 2.3.5 - Reliability fix
 	* Fixed an error in libcrypto when parsing some ASN.1 elements > 16k.
--- a/Makefile.am
+++ b/Makefile.am
@@ -5,7 +5,7 @@ pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libcrypto.pc libssl.pc libtls.pc openssl.pc
 EXTRA_DIST = README.md README.windows VERSION config scripts
-EXTRA_DIST += CMakeLists.txt cmake_uninstall.cmake.in
+EXTRA_DIST += CMakeLists.txt
 .PHONY: install_sw
 install_sw: install
--- a/2
+++ b/2
@@ -1 +1 @@
-master
+OPENBSD_5_9
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ At the time of this writing, LibreSSL is know to build and work on:
 * Linux (kernel 3.17 or later recommended)
 * FreeBSD (tested with 9.2 and later)
-* NetBSD (7.0 or later recommended)
+* NetBSD (tested with 6.1.5)
 * HP-UX (11i)
 * Solaris (11 and later preferred)
 * Mac OS X (tested with 10.8 and later)
--- a/apps/CMakeLists.txt
+++ b/apps/CMakeLists.txt
@@ -1,2 +1,80 @@
-add_subdirectory(openssl)
+include_directories(
-add_subdirectory(nc)
+	.
 	../include
 	../include/compat
 )
 set(
 	OPENSSL_SRC
 	openssl/apps.c
 	openssl/asn1pars.c
 	openssl/ca.c
 	openssl/ciphers.c
 	openssl/cms.c
 	openssl/crl.c
 	openssl/crl2p7.c
 	openssl/dgst.c
 	openssl/dh.c
 	openssl/dhparam.c
 	openssl/dsa.c
 	openssl/dsaparam.c
 	openssl/ec.c
 	openssl/ecparam.c
 	openssl/enc.c
 	openssl/errstr.c
 	openssl/gendh.c
 	openssl/gendsa.c
 	openssl/genpkey.c
 	openssl/genrsa.c
 	openssl/nseq.c
 	openssl/ocsp.c
 	openssl/openssl.c
 	openssl/passwd.c
 	openssl/pkcs12.c
 	openssl/pkcs7.c
 	openssl/pkcs8.c
 	openssl/pkey.c
 	openssl/pkeyparam.c
 	openssl/pkeyutl.c
 	openssl/prime.c
 	openssl/rand.c
 	openssl/req.c
 	openssl/rsa.c
 	openssl/rsautl.c
 	openssl/s_cb.c
 	openssl/s_client.c
 	openssl/s_server.c
 	openssl/s_socket.c
 	openssl/s_time.c
 	openssl/sess_id.c
 	openssl/smime.c
 	openssl/speed.c
 	openssl/spkac.c
 	openssl/ts.c
 	openssl/verify.c
 	openssl/version.c
 	openssl/x509.c
 )
 if(CMAKE_HOST_UNIX)
 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/apps_posix.c)
 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/certhash.c)
 endif()
 if(CMAKE_HOST_WIN32)
 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/apps_win.c)
 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/certhash_win.c)
 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/compat/poll_win.c)
 endif()
 check_function_exists(strtonum HAVE_STRTONUM)
 if(HAVE_STRTONUM)
 	add_definitions(-DHAVE_STRTONUM)
 else()
 	set(OPENSSL_SRC ${OPENSSL_SRC} openssl/compat/strtonum.c)
 endif()
 add_executable(openssl ${OPENSSL_SRC})
 target_link_libraries(openssl ${OPENSSL_LIBS})
 install(TARGETS openssl DESTINATION bin)
--- a/apps/nc/CMakeLists.txt
+++ b/apps/nc/CMakeLists.txt
@@ -1,60 +0,0 @@
 if(BUILD_NC)
 include_directories(
 	.
 	./compat
 	../../include
 	../../include/compat
 )
 set(
 	NC_SRC
 	atomicio.c
 	netcat.c
 	socks.c
 	compat/socket.c
 )
 check_function_exists(b64_ntop HAVE_B64_NTOP)
 if(HAVE_B64_NTOP)
 	add_definitions(-DHAVE_B64_NTOP)
 else()
 	set(NC_SRC ${NC_SRC} compat/base64.c)
 endif()
 check_function_exists(accept4 HAVE_ACCEPT4)
 if(HAVE_ACCEPT4)
 	add_definitions(-DHAVE_ACCEPT4)
 else()
 	set(NC_SRC ${NC_SRC} compat/accept4.c)
 endif()
 check_function_exists(readpassphrase HAVE_READPASSPHRASE)
 if(HAVE_READPASSPHRASE)
 	add_definitions(-DHAVE_READPASSPHRASE)
 else()
 	set(NC_SRC ${NC_SRC} compat/readpassphrase.c)
 endif()
 check_function_exists(strtonum HAVE_STRTONUM)
 if(HAVE_STRTONUM)
 	add_definitions(-DHAVE_STRTONUM)
 else()
 	set(NC_SRC ${NC_SRC} compat/strtonum.c)
 endif()
 if(NOT "${OPENSSLDIR}" STREQUAL "")
 	add_definitions(-DDEFAULT_CA_FILE=\"${OPENSSLDIR}/cert.pem\")
 else()
 	add_definitions(-DDEFAULT_CA_FILE=\"${CMAKE_INSTALL_PREFIX}/etc/ssl/cert.pem\")
 endif()
 add_executable(nc ${NC_SRC})
 target_link_libraries(nc tls ${OPENSSL_LIBS})
 if(ENABLE_NC)
 	install(TARGETS nc DESTINATION bin)
 	install(FILES nc.1 DESTINATION share/man/man1)
 endif()
 endif()
--- a/apps/nc/Makefile.am
+++ b/apps/nc/Makefile.am
@@ -9,7 +9,6 @@ noinst_PROGRAMS = nc
 endif
 EXTRA_DIST = nc.1
 EXTRA_DIST += CMakeLists.txt
 nc_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
 nc_LDADD += $(abs_top_builddir)/crypto/libcrypto.la
@@ -17,6 +16,11 @@ nc_LDADD += $(abs_top_builddir)/ssl/libssl.la
 nc_LDADD += $(abs_top_builddir)/tls/libtls.la
 AM_CPPFLAGS += -I$(top_srcdir)/apps/nc/compat
 if OPENSSLDIR_DEFINED
 AM_CPPFLAGS += -DDEFAULT_CA_FILE=\"@OPENSSLDIR@/cert.pem\"
 else
 AM_CPPFLAGS += -DDEFAULT_CA_FILE=\"$(sysconfdir)/ssl/cert.pem\"
 endif
 nc_SOURCES = atomicio.c
 nc_SOURCES += netcat.c
--- a/apps/openssl/CMakeLists.txt
+++ b/apps/openssl/CMakeLists.txt
@@ -1,88 +0,0 @@
 include_directories(
 	.
 	../../include
 	../../include/compat
 )
 set(
 	OPENSSL_SRC
 	apps.c
 	asn1pars.c
 	ca.c
 	ciphers.c
 	crl.c
 	crl2p7.c
 	dgst.c
 	dh.c
 	dhparam.c
 	dsa.c
 	dsaparam.c
 	ec.c
 	ecparam.c
 	enc.c
 	errstr.c
 	gendh.c
 	gendsa.c
 	genpkey.c
 	genrsa.c
 	nseq.c
 	ocsp.c
 	openssl.c
 	passwd.c
 	pkcs12.c
 	pkcs7.c
 	pkcs8.c
 	pkey.c
 	pkeyparam.c
 	pkeyutl.c
 	prime.c
 	rand.c
 	req.c
 	rsa.c
 	rsautl.c
 	s_cb.c
 	s_client.c
 	s_server.c
 	s_socket.c
 	s_time.c
 	sess_id.c
 	smime.c
 	speed.c
 	spkac.c
 	ts.c
 	verify.c
 	version.c
 	x509.c
 )
 if(CMAKE_HOST_UNIX)
 	set(OPENSSL_SRC ${OPENSSL_SRC} apps_posix.c)
 	set(OPENSSL_SRC ${OPENSSL_SRC} certhash.c)
 endif()
 if(CMAKE_HOST_WIN32)
 	set(OPENSSL_SRC ${OPENSSL_SRC} apps_win.c)
 	set(OPENSSL_SRC ${OPENSSL_SRC} certhash_win.c)
 	set(OPENSSL_SRC ${OPENSSL_SRC} compat/poll_win.c)
 endif()
 check_function_exists(strtonum HAVE_STRTONUM)
 if(HAVE_STRTONUM)
 	add_definitions(-DHAVE_STRTONUM)
 else()
 	set(OPENSSL_SRC ${OPENSSL_SRC} compat/strtonum.c)
 endif()
 add_executable(openssl ${OPENSSL_SRC})
 target_link_libraries(openssl ${OPENSSL_LIBS})
 install(TARGETS openssl DESTINATION bin)
 install(FILES openssl.1 DESTINATION share/man/man1)
 if(NOT "${OPENSSLDIR}" STREQUAL "")
 	set(CONF_DIR "${OPENSSLDIR}")
 else()
 	set(CONF_DIR "${CMAKE_INSTALL_PREFIX}/etc/ssl")
 endif()
 install(FILES cert.pem openssl.cnf x509v3.cnf DESTINATION ${CONF_DIR})
 install(DIRECTORY DESTINATION ${CONF_DIR}/cert)
--- a/apps/openssl/Makefile.am
+++ b/apps/openssl/Makefile.am
@@ -12,6 +12,7 @@ openssl_SOURCES = apps.c
 openssl_SOURCES += asn1pars.c
 openssl_SOURCES += ca.c
 openssl_SOURCES += ciphers.c
 openssl_SOURCES += cms.c
 openssl_SOURCES += crl.c
 openssl_SOURCES += crl2p7.c
 openssl_SOURCES += dgst.c
@@ -88,7 +89,6 @@ noinst_HEADERS += timeouts.h
 EXTRA_DIST = cert.pem
 EXTRA_DIST += openssl.cnf
 EXTRA_DIST += x509v3.cnf
 EXTRA_DIST += CMakeLists.txt
 install-exec-hook:
 	@if [ "@OPENSSLDIR@x" != "x" ]; then \
--- a/cmake_uninstall.cmake.in
+++ b/cmake_uninstall.cmake.in
@@ -1,21 +0,0 @@
 if(NOT EXISTS "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt")
 	message(FATAL_ERROR "Cannot find install manifest: @CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt")
 endif(NOT EXISTS "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt")
 file(READ "@CMAKE_CURRENT_BINARY_DIR@/install_manifest.txt" files)
 string(REGEX REPLACE "\n" ";" files "${files}")
 foreach(file ${files})
 	message(STATUS "Uninstalling $ENV{DESTDIR}${file}")
 	if(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}")
 		exec_program(
 			"@CMAKE_COMMAND@" ARGS "-E remove \"$ENV{DESTDIR}${file}\""
 			OUTPUT_VARIABLE rm_out
 			RETURN_VALUE rm_retval
 			)
 		if(NOT "${rm_retval}" STREQUAL 0)
 			message(FATAL_ERROR "Problem when removing $ENV{DESTDIR}${file}")
 		endif(NOT "${rm_retval}" STREQUAL 0)
 	else(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}")
 		message(STATUS "File $ENV{DESTDIR}${file} does not exist.")
 	endif(IS_SYMLINK "$ENV{DESTDIR}${file}" OR EXISTS "$ENV{DESTDIR}${file}")
 endforeach(file)
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt
@@ -8,94 +8,9 @@ include_directories(
 	modes
 )
-if(HOST_ASM_ELF_X86_64)
+set(
 	set(
 		ASM_X86_64_ELF_SRC
 		aes/aes-elf-x86_64.s
 		aes/bsaes-elf-x86_64.s
 		aes/vpaes-elf-x86_64.s
 		aes/aesni-elf-x86_64.s
 		aes/aesni-sha1-elf-x86_64.s
 		bn/modexp512-elf-x86_64.s
 		bn/mont-elf-x86_64.s
 		bn/mont5-elf-x86_64.s
 		bn/gf2m-elf-x86_64.s
 		camellia/cmll-elf-x86_64.s
 		md5/md5-elf-x86_64.s
 		modes/ghash-elf-x86_64.s
 		rc4/rc4-elf-x86_64.s
 		rc4/rc4-md5-elf-x86_64.s
 		sha/sha1-elf-x86_64.s
 		sha/sha256-elf-x86_64.S
 		sha/sha512-elf-x86_64.S
 		whrlpool/wp-elf-x86_64.s
 		cpuid-elf-x86_64.S
 	)
 	add_definitions(-DAES_ASM)
 	add_definitions(-DBSAES_ASM)
 	add_definitions(-DVPAES_ASM)
 	add_definitions(-DOPENSSL_IA32_SSE2)
 	add_definitions(-DOPENSSL_BN_ASM_MONT)
 	add_definitions(-DOPENSSL_BN_ASM_MONT5)
 	add_definitions(-DOPENSSL_BN_ASM_GF2m)
 	add_definitions(-DMD5_ASM)
 	add_definitions(-DGHASH_ASM)
 	add_definitions(-DRSA_ASM)
 	add_definitions(-DSHA1_ASM)
 	add_definitions(-DSHA256_ASM)
 	add_definitions(-DSHA512_ASM)
 	add_definitions(-DWHIRLPOOL_ASM)
 	add_definitions(-DOPENSSL_CPUID_OBJ)
 	set(CRYPTO_SRC ${CRYPTO_SRC} ${ASM_X86_64_ELF_SRC})
 	set_property(SOURCE ${ASM_X86_64_ELF_SRC} PROPERTY LANGUAGE C)
 endif()
 if(HOST_ASM_MACOSX_X86_64)
 	set(
 		ASM_X86_64_MACOSX_SRC
 		aes/aes-macosx-x86_64.s
 		aes/bsaes-macosx-x86_64.s
 		aes/vpaes-macosx-x86_64.s
 		aes/aesni-macosx-x86_64.s
 		aes/aesni-sha1-macosx-x86_64.s
 		bn/modexp512-macosx-x86_64.s
 		bn/mont-macosx-x86_64.s
 		bn/mont5-macosx-x86_64.s
 		bn/gf2m-macosx-x86_64.s
 		camellia/cmll-macosx-x86_64.s
 		md5/md5-macosx-x86_64.s
 		modes/ghash-macosx-x86_64.s
 		rc4/rc4-macosx-x86_64.s
 		rc4/rc4-md5-macosx-x86_64.s
 		sha/sha1-macosx-x86_64.s
 		sha/sha256-macosx-x86_64.S
 		sha/sha512-macosx-x86_64.S
 		whrlpool/wp-macosx-x86_64.s
 		cpuid-macosx-x86_64.S
 	)
 	add_definitions(-DAES_ASM)
 	add_definitions(-DBSAES_ASM)
 	add_definitions(-DVPAES_ASM)
 	add_definitions(-DOPENSSL_IA32_SSE2)
 	add_definitions(-DOPENSSL_BN_ASM_MONT)
 	add_definitions(-DOPENSSL_BN_ASM_MONT5)
 	add_definitions(-DOPENSSL_BN_ASM_GF2m)
 	add_definitions(-DMD5_ASM)
 	add_definitions(-DGHASH_ASM)
 	add_definitions(-DRSA_ASM)
 	add_definitions(-DSHA1_ASM)
 	add_definitions(-DSHA256_ASM)
 	add_definitions(-DSHA512_ASM)
 	add_definitions(-DWHIRLPOOL_ASM)
 	add_definitions(-DOPENSSL_CPUID_OBJ)
 	set(CRYPTO_SRC ${CRYPTO_SRC} ${ASM_X86_64_MACOSX_SRC})
 	set_property(SOURCE ${ASM_X86_64_MACOSX_SRC} PROPERTY LANGUAGE C)
 endif()
 if((NOT HOST_ASM_ELF_X86_64) AND (NOT HOST_ASM_MACOSX_X86_64))
 	set(
 	CRYPTO_SRC
-		${CRYPTO_SRC}
+
 	aes/aes_cbc.c
 	aes/aes_core.c
 	camellia/camellia.c
@@ -103,12 +18,6 @@ if((NOT HOST_ASM_ELF_X86_64) AND (NOT HOST_ASM_MACOSX_X86_64))
 	rc4/rc4_enc.c
 	rc4/rc4_skey.c
 	whrlpool/wp_block.c
 	)
 endif()
 set(
 	CRYPTO_SRC
 	${CRYPTO_SRC}
 	cpt_err.c
 	cryptlib.c
 	cversion.c
@@ -708,24 +617,18 @@ if(NOT HAVE_ARC4RANDOM_BUF)
 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_aix.c)
 		elseif(CMAKE_SYSTEM_NAME MATCHES "FreeBSD")
 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_freebsd.c)
 		elseif(CMAKE_SYSTEM_NAME MATCHES "HP-UX")
 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_hpux.c)
 		elseif(CMAKE_SYSTEM_NAME MATCHES "Linux")
 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_linux.c)
 		elseif(CMAKE_SYSTEM_NAME MATCHES "NetBSD")
 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_netbsd.c)
 		elseif(CMAKE_SYSTEM_NAME MATCHES "Darwin")
-			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_osx.c)
+			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_darwin.c)
 		elseif(CMAKE_SYSTEM_NAME MATCHES "SunOS")
 			set(CRYPTO_SRC ${CRYPTO_SRC} compat/getentropy_solaris.c)
 		endif()
 	endif()
 endif()
 if(NOT HAVE_ARC4RANDOM_UNIFORM)
 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/arc4random_uniform.c)
 endif()
 if(NOT HAVE_TIMINGSAFE_BCMP)
 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/timingsafe_bcmp.c)
 endif()
@@ -734,30 +637,11 @@ if(NOT HAVE_TIMINGSAFE_MEMCMP)
 	set(CRYPTO_SRC ${CRYPTO_SRC} compat/timingsafe_memcmp.c)
 endif()
 if(NOT ENABLE_ASM)
 	add_definitions(-DOPENSSL_NO_ASM)
 else()
 	if(CMAKE_HOST_WIN32)
 		add_definitions(-DOPENSSL_NO_ASM)
 	endif()
 endif()
 if(NOT "${OPENSSLDIR}" STREQUAL "")
 	add_definitions(-DOPENSSLDIR=\"${OPENSSLDIR}\")
 else()
 	add_definitions(-DOPENSSLDIR=\"${CMAKE_INSTALL_PREFIX}/etc/ssl\")
 endif()
 if (BUILD_SHARED)
 	add_library(crypto-objects OBJECT ${CRYPTO_SRC})
 	add_library(crypto STATIC $<TARGET_OBJECTS:crypto-objects>)
 	add_library(crypto-shared SHARED $<TARGET_OBJECTS:crypto-objects>)
-	if (WIN32)
+	set_target_properties(crypto-shared PROPERTIES OUTPUT_NAME crypto)
 		target_link_libraries(crypto-shared crypto Ws2_32.lib)
 		set(CRYPTO_POSTFIX -${CRYPTO_MAJOR_VERSION})
 	endif()
 	set_target_properties(crypto-shared PROPERTIES
 		OUTPUT_NAME crypto${CRYPTO_POSTFIX} ARCHIVE_OUTPUT_NAME crypto)
 	set_target_properties(crypto-shared PROPERTIES VERSION
 		${CRYPTO_VERSION} SOVERSION ${CRYPTO_MAJOR_VERSION})
 	install(TARGETS crypto crypto-shared DESTINATION lib)
--- a/include/CMakeLists.txt
+++ b/include/CMakeLists.txt
@@ -2,4 +2,4 @@ install(DIRECTORY .
        DESTINATION include
        PATTERN "CMakeLists.txt" EXCLUDE
        PATTERN "compat" EXCLUDE
-        PATTERN "Makefile*" EXCLUDE)
+        PATTERN "Makefile.*" EXCLUDE)
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -29,6 +29,7 @@ noinst_HEADERS += compat/netinet/in.h
 noinst_HEADERS += compat/netinet/ip.h
 noinst_HEADERS += compat/netinet/tcp.h
 noinst_HEADERS += compat/sys/cdefs.h
 noinst_HEADERS += compat/sys/ioctl.h
 noinst_HEADERS += compat/sys/mman.h
 noinst_HEADERS += compat/sys/param.h
--- a/include/compat/sys/cdefs.h
+++ b/include/compat/sys/cdefs.h
@@ -0,0 +1,31 @@
 /*
 * Public domain
 * sys/cdefs.h compatibility shim
 */
 #ifndef LIBCRYPTOCOMPAT_SYS_CDEFS_H
 #define LIBCRYPTOCOMPAT_SYS_CDEFS_H
 #ifdef _WIN32
 #define __warn_references(sym,msg)
 #else
 #include_next <sys/cdefs.h>
 #ifndef __warn_references
 #if defined(__GNUC__)  && defined (HAS_GNU_WARNING_LONG)
 #define __warn_references(sym,msg)          \
  __asm__(".section .gnu.warning." __STRING(sym)  \
         " ; .ascii \"" msg "\" ; .text");
 #else
 #define __warn_references(sym,msg)
 #endif
 #endif /* __warn_references */
 #endif /* _WIN32 */
 #endif /* LIBCRYPTOCOMPAT_SYS_CDEFS_H */
--- a/include/compat/sys/types.h
+++ b/include/compat/sys/types.h
@@ -44,25 +44,4 @@ typedef SSIZE_T ssize_t;
 # define __bounded__(x, y, z)
 #endif
 #ifdef _WIN32
 #define __warn_references(sym,msg)
 #else
 #ifndef __warn_references
 #ifndef __STRING
 #define __STRING(x) #x
 #endif
 #if defined(__GNUC__)  && defined (HAS_GNU_WARNING_LONG)
 #define __warn_references(sym,msg)          \
  __asm__(".section .gnu.warning." __STRING(sym)  \
         " ; .ascii \"" msg "\" ; .text");
 #else
 #define __warn_references(sym,msg)
 #endif
 #endif /* __warn_references */
 #endif /* _WIN32 */
 #endif
--- a/libcrypto.pc.in
+++ b/libcrypto.pc.in
@@ -11,5 +11,5 @@ Version: @VERSION@
 Requires:
 Conflicts:
 Libs: -L${libdir} -lcrypto
-Libs.private: @LIBS@ @PLATFORM_LDADD@
+Libs.private: @LIBS@
 Cflags: -I${includedir}
--- a/libssl.pc.in
+++ b/libssl.pc.in
@@ -12,5 +12,5 @@ Requires:
 Requires.private: libcrypto
 Conflicts:
 Libs: -L${libdir} -lssl
-Libs.private: @LIBS@ -lcrypto @PLATFORM_LDADD@
+Libs.private: @LIBS@ -lcrypto
 Cflags: -I${includedir}
--- a/libtls-standalone/src/Makefile.am
+++ b/libtls-standalone/src/Makefile.am
@@ -8,7 +8,6 @@ libtls_la_LIBADD += $(top_builddir)/compat/libcompat.la
 libtls_la_LIBADD += $(top_builddir)/compat/libcompatnoopt.la
 libtls_la_SOURCES = tls.c
 libtls_la_SOURCES += tls_bio_cb.c
 libtls_la_SOURCES += tls_client.c
 libtls_la_SOURCES += tls_config.c
 libtls_la_SOURCES += tls_server.c
--- a/libtls.pc.in
+++ b/libtls.pc.in
@@ -12,5 +12,5 @@ Requires:
 Requires.private: libcrypto libssl
 Conflicts:
 Libs: -L${libdir} -ltls
-Libs.private: @LIBS@ -lcrypto -lssl @PLATFORM_LDADD@
+Libs.private: @LIBS@ -lcrypto -lssl
 Cflags: -I${includedir}
--- a/m4/check-libc.m4
+++ b/m4/check-libc.m4
@@ -59,7 +59,7 @@ AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp"
 # Override arc4random_buf implementations with known issues
 AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
-	[test "x$USE_BUILTIN_ARC4RANDOM" != xyes \
+	[test "x$USE_BUILTIN_ARC4RANDOM" != yes \
 	   -a "x$ac_cv_func_arc4random_buf" = xyes])
 # Check for getentropy fallback dependencies
--- a/m4/check-os-options.m4
+++ b/m4/check-os-options.m4
@@ -21,8 +21,6 @@ case $host_os in
 		# public source:
 		# http://www.opensource.apple.com/source/Libc/Libc-997.90.3/gen/FreeBSD/arc4random.c
 		USE_BUILTIN_ARC4RANDOM=yes
 		# Not available on iOS
 		AC_CHECK_HEADER([arpa/telnet.h], [], [BUILD_NC=no])
 		;;
 	*freebsd*)
 		HOST_OS=freebsd
--- a/patches/modes_lcl.h
+++ b/patches/modes_lcl.h
@@ -1,21 +0,0 @@
 --- openbsd/src/lib/libssl/src/crypto/modes/modes_lcl.h	Sat Dec  6 17:15:50 2014
 +++ crypto/modes/modes_lcl.h	Sun Jul 17 17:45:27 2016
@@ -43,14 +43,16 @@
 			asm ("bswapl %0"		\
 			: "+r"(ret));	ret;		})
 # elif (defined(__arm__) || defined(__arm)) && !defined(__STRICT_ALIGNMENT)
 -#  define BSWAP8(x) ({	u32 lo=(u64)(x)>>32,hi=(x);	\
 +#  if (__ARM_ARCH >= 6)
 +#   define BSWAP8(x) ({	u32 lo=(u64)(x)>>32,hi=(x);	\
 			asm ("rev %0,%0; rev %1,%1"	\
 			: "+r"(hi),"+r"(lo));		\
 			(u64)hi<<32|lo;			})
 -#  define BSWAP4(x) ({	u32 ret;			\
 +#   define BSWAP4(x) ({	u32 ret;			\
 			asm ("rev %0,%1"		\
 			: "=r"(ret) : "r"((u32)(x)));	\
 			ret;				})
 +#  endif
 # endif
 #endif
 #endif
--- a/patches/netcat.c.patch
+++ b/patches/netcat.c.patch
@@ -1,6 +1,27 @@
--- apps/nc/netcat.c.orig	Sun Sep  4 05:37:35 2016
+--- apps/nc/netcat.c.orig	Mon Dec 28 08:46:10 2015
-+++ apps/nc/netcat.c	Sun Sep  4 05:40:24 2016
+++ apps/nc/netcat.c	Mon Dec 28 08:46:19 2015
-@@ -92,9 +92,13 @@
+@@ -57,6 +57,10 @@
 #include <tls.h>
 #include "atomicio.h"
 +#ifndef IPV6_TCLASS
 +#define IPV6_TCLASS -1
 +#endif
 +
 #define PORT_MAX	65535
 #define UNIX_DG_TMP_SOCKET_SIZE	19
@@ -65,7 +69,9 @@
 #define POLL_NETIN 2
 #define POLL_STDOUT 3
 #define BUFSIZE 16384
 +#ifndef DEFAULT_CA_FILE
 #define DEFAULT_CA_FILE "/etc/ssl/cert.pem"
 +#endif
 #define TLS_LEGACY	(1 << 1)
 #define TLS_NOVERIFY	(1 << 2)
@@ -92,9 +98,13 @@
 int	Dflag;					/* sodebug */
 int	Iflag;					/* TCP receive buffer size */
 int	Oflag;					/* TCP send buffer size */
@@ -14,7 +35,7 @@
 int	usetls;					/* use TLS */
 char    *Cflag;					/* Public cert file */
-@@ -146,7 +150,7 @@
+@@ -150,7 +160,7 @@
 	struct servent *sv;
 	socklen_t len;
 	struct sockaddr_storage cliaddr;
@@ -23,7 +44,7 @@
 	const char *errstr, *proxyhost = "", *proxyport = NULL;
 	struct addrinfo proxyhints;
 	char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE];
-@@ -256,12 +260,14 @@
+@@ -251,12 +261,14 @@
 		case 'u':
 			uflag = 1;
 			break;
@@ -38,7 +59,7 @@
 		case 'v':
 			vflag = 1;
 			break;
-@@ -294,9 +300,11 @@
+@@ -289,9 +301,11 @@
 				errx(1, "TCP send window %s: %s",
 				    errstr, optarg);
 			break;
@@ -50,7 +71,7 @@
 		case 'T':
 			errstr = NULL;
 			errno = 0;
-@@ -320,9 +328,11 @@
+@@ -315,9 +329,11 @@
 	argc -= optind;
 	argv += optind;
@@ -62,19 +83,31 @@
 	if (family == AF_UNIX) {
 		if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
-@@ -825,7 +835,10 @@
+@@ -460,7 +476,10 @@
 				errx(1, "-H and -T noverify may not be used"
 				    "together");
 			tls_config_insecure_noverifycert(tls_cfg);
 -		}
 +		} else {
 +                        if (Rflag && access(Rflag, R_OK) == -1)
 +                                errx(1, "unable to find root CA file %s", Rflag);
 +                }
 	}
 	if (lflag) {
 		struct tls *tls_cctx = NULL;
@@ -807,7 +826,10 @@
 remote_connect(const char *host, const char *port, struct addrinfo hints)
 {
 	struct addrinfo *res, *res0;
-	int s = -1, error, on = 1, save_errno;
+-	int s, error, on = 1;
-+	int s = -1, error, save_errno;
+	int s, error;
 +#ifdef SO_BINDANY
 +	int on = 1;
 +#endif
- 	if ((error = getaddrinfo(host, port, &hints, &res0)))
+ 	if ((error = getaddrinfo(host, port, &hints, &res)))
 		errx(1, "getaddrinfo: %s", gai_strerror(error));
-@@ -839,8 +852,10 @@
+@@ -822,8 +844,10 @@
 		if (sflag || pflag) {
 			struct addrinfo ahints, *ares;
@@ -83,22 +116,22 @@
 			setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on));
 +#endif
 			memset(&ahints, 0, sizeof(struct addrinfo));
- 			ahints.ai_family = res->ai_family;
+ 			ahints.ai_family = res0->ai_family;
 			ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-@@ -911,7 +926,10 @@
+@@ -892,7 +916,10 @@
 local_listen(char *host, char *port, struct addrinfo hints)
 {
 	struct addrinfo *res, *res0;
-	int s = -1, ret, x = 1, save_errno;
+-	int s, ret, x = 1;
-+	int s = -1, save_errno;
+	int s;
 +#ifdef SO_REUSEPORT
 +	int ret, x = 1;
 +#endif
 	int error;
 	/* Allow nodename to be null. */
-@@ -932,9 +950,11 @@
+@@ -914,9 +941,11 @@
- 		    res->ai_protocol)) < 0)
+ 		    res0->ai_protocol)) < 0)
 			continue;
 +#ifdef SO_REUSEPORT
@@ -107,9 +140,9 @@
 			err(1, NULL);
 +#endif
- 		set_common_sockopts(s, res->ai_family);
+ 		set_common_sockopts(s, res0->ai_family);
-@@ -1392,11 +1412,13 @@
+@@ -1356,11 +1385,13 @@
 {
 	int x = 1;
@@ -123,26 +156,7 @@
 	if (Dflag) {
 		if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
 			&x, sizeof(x)) == -1)
-@@ -1433,13 +1455,17 @@
+@@ -1538,14 +1569,22 @@
 	}
 	if (minttl != -1) {
 +#ifdef IP_MINTTL
 		if (af == AF_INET && setsockopt(s, IPPROTO_IP,
 		    IP_MINTTL, &minttl, sizeof(minttl)))
 			err(1, "set IP min TTL");
 +#endif
 -		else if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
 +#ifdef IPV6_MINHOPCOUNT
 +		if (af == AF_INET6 && setsockopt(s, IPPROTO_IPV6,
 		    IPV6_MINHOPCOUNT, &minttl, sizeof(minttl)))
 			err(1, "set IPv6 min hop count");
 +#endif
 	}
 }
@@ -1596,14 +1622,22 @@
 	\t-P proxyuser\tUsername for proxy authentication\n\
 	\t-p port\t	Specify local port for remote connects\n\
 	\t-R CAfile	CA bundle\n\
--- a/patches/ssl_txt.c.patch
+++ b/patches/ssl_txt.c.patch
@@ -1,19 +0,0 @@
 --- ssl/ssl_txt.orig	Sun Jul 17 17:26:59 2016
 +++ ssl/ssl_txt.c	Sun Jul 17 17:35:44 2016
@@ -82,6 +82,7 @@
  * OTHERWISE.
  */
 +#include <inttypes.h>
 #include <stdio.h>
 #include <openssl/buffer.h>
@@ -163,7 +164,7 @@
 	}
 	if (x->time != 0) {
 -		if (BIO_printf(bp, "\n    Start Time: %lld", (long long)x->time) <= 0)
 +		if (BIO_printf(bp, "\n    Start Time: %"PRId64, (int64_t)x->time) <= 0)
 			goto err;
 	}
 	if (x->timeout != 0L) {
--- a/ssl/CMakeLists.txt
+++ b/ssl/CMakeLists.txt
@@ -52,12 +52,7 @@ if (BUILD_SHARED)
 	add_library(ssl-objects OBJECT ${SSL_SRC})
 	add_library(ssl STATIC $<TARGET_OBJECTS:ssl-objects>)
 	add_library(ssl-shared SHARED $<TARGET_OBJECTS:ssl-objects>)
-	if (WIN32)
+	set_target_properties(ssl-shared PROPERTIES OUTPUT_NAME ssl)
 		target_link_libraries(ssl-shared crypto-shared Ws2_32.lib)
 		set(SSL_POSTFIX -${SSL_MAJOR_VERSION})
 	endif()
 	set_target_properties(ssl-shared PROPERTIES
 		OUTPUT_NAME ssl${SSL_POSTFIX} ARCHIVE_OUTPUT_NAME ssl)
 	set_target_properties(ssl-shared PROPERTIES VERSION ${SSL_VERSION}
 		SOVERSION ${SSL_MAJOR_VERSION})
 	install(TARGETS ssl ssl-shared DESTINATION lib)
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -9,13 +9,14 @@ include_directories(
 	../apps/openssl/compat
 )
-add_definitions(-D_PATH_SSL_CA_FILE=\"${CMAKE_CURRENT_SOURCE_DIR}/../apps/openssl/cert.pem\")
+set(ENV{srcdir} ${CMAKE_CURRENT_SOURCE_DIR})
 # aeadtest
-add_executable(aeadtest aeadtest.c)
+#add_executable(aeadtest aeadtest.c)
-target_link_libraries(aeadtest ${OPENSSL_LIBS})
+#target_link_libraries(aeadtest ${OPENSSL_LIBS})
-add_test(aeadtest ${CMAKE_CURRENT_SOURCE_DIR}/aeadtest.sh)
+#add_test(aeadtest aeadtest.sh)
-set_tests_properties(aeadtest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
+#configure_file(aeadtests.txt aeadtests.txt COPYONLY)
 #configure_file(aeadtest.sh aeadtest.sh COPYONLY)
 # aes_wrap
 add_executable(aes_wrap aes_wrap.c)
@@ -24,7 +25,7 @@ add_test(aes_wrap aes_wrap)
 # arc4randomforktest
 # Windows/mingw does not have fork, but Cygwin does.
-if(NOT CMAKE_HOST_WIN32 AND NOT CMAKE_SYSTEM_NAME MATCHES "MINGW")
+if(NOT CMAKE_HOST_WIN32)
 add_executable(arc4randomforktest arc4randomforktest.c)
 target_link_libraries(arc4randomforktest ${OPENSSL_LIBS})
 add_test(arc4randomforktest ${CMAKE_CURRENT_SOURCE_DIR}/arc4randomforktest.sh)
@@ -50,14 +51,6 @@ add_executable(bftest bftest.c)
 target_link_libraries(bftest ${OPENSSL_LIBS})
 add_test(bftest bftest)
 # biotest
 # the BIO tests rely on resolver results that are OS and environment-specific
 if(ENABLE_EXTRATESTS)
 	add_executable(biotest biotest.c)
 	target_link_libraries(biotest ${OPENSSL_LIBS})
 	add_test(biotest biotest)
 endif()
 # bntest
 add_executable(bntest bntest.c)
 target_link_libraries(bntest ${OPENSSL_LIBS})
@@ -134,21 +127,19 @@ target_link_libraries(enginetest ${OPENSSL_LIBS})
 add_test(enginetest enginetest)
 # evptest
-add_executable(evptest evptest.c)
+#add_executable(evptest evptest.c)
-target_link_libraries(evptest ${OPENSSL_LIBS})
+#target_link_libraries(evptest ${OPENSSL_LIBS})
-add_test(evptest ${CMAKE_CURRENT_SOURCE_DIR}/evptest.sh)
+#add_test(evptest ${CMAKE_CURRENT_SOURCE_DIR}/evptest.sh)
 set_tests_properties(evptest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 # explicit_bzero
 # explicit_bzero relies on SA_ONSTACK, which is unavailable on Windows
 if(NOT CMAKE_HOST_WIN32)
-if(HAVE_MEMMEM)
+add_executable(explicit_bzero explicit_bzero.c)
 	add_executable(explicit_bzero explicit_bzero.c)
 else()
 	add_executable(explicit_bzero explicit_bzero.c memmem.c)
 endif()
 target_link_libraries(explicit_bzero ${OPENSSL_LIBS})
 add_test(explicit_bzero explicit_bzero)
 #if !HAVE_MEMMEM
 #explicit_bzero_SOURCES += memmem.c
 #endif
 endif()
 # exptest
@@ -196,13 +187,6 @@ add_executable(mont mont.c)
 target_link_libraries(mont ${OPENSSL_LIBS})
 add_test(mont mont)
 # ocsp_test
 if(ENABLE_EXTRATESTS)
 	add_executable(ocsp_test ocsp_test.c)
 	target_link_libraries(ocsp_test ${OPENSSL_LIBS})
 	add_test(ocsptest ${CMAKE_CURRENT_SOURCE_DIR}/ocsptest.sh)
 endif()
 # optionstest
 add_executable(optionstest optionstest.c)
 target_link_libraries(optionstest ${OPENSSL_LIBS})
@@ -213,15 +197,6 @@ add_executable(pbkdf2 pbkdf2.c)
 target_link_libraries(pbkdf2 ${OPENSSL_LIBS})
 add_test(pbkdf2 pbkdf2)
 # pidwraptest
 # pidwraptest relies on an OS-specific way to give out pids and is generally
 # awkward on systems with slow fork
 if(ENABLE_EXTRATESTS)
 	add_executable(pidwraptest pidwraptest.c)
 	target_link_libraries(pidwraptest ${OPENSSL_LIBS})
 	add_test(pidwraptest ${CMAKE_CURRENT_SOURCE_DIR}/pidwraptest.sh)
 endif()
 # pkcs7test
 add_executable(pkcs7test pkcs7test.c)
 target_link_libraries(pkcs7test ${OPENSSL_LIBS})
@@ -233,10 +208,9 @@ target_link_libraries(poly1305test ${OPENSSL_LIBS})
 add_test(poly1305test poly1305test)
 # pq_test
-add_executable(pq_test pq_test.c)
+#add_executable(pq_test pq_test.c)
-target_link_libraries(pq_test ${OPENSSL_LIBS})
+#target_link_libraries(pq_test ${OPENSSL_LIBS})
-add_test(pq_test ${CMAKE_CURRENT_SOURCE_DIR}/pq_test.sh)
+#add_test(pq_test ${CMAKE_CURRENT_SOURCE_DIR}/pq_test.sh)
 set_tests_properties(pq_test PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 # randtest
 add_executable(randtest randtest.c)
@@ -256,11 +230,7 @@ add_test(rc4test rc4test)
 # rfc5280time
 add_executable(rfc5280time rfc5280time.c)
 target_link_libraries(rfc5280time ${OPENSSL_LIBS})
-if(SMALL_TIME_T)
+add_test(rfc5280time rfc5280time)
 	add_test(rfc5280time ${CMAKE_CURRENT_SOURCE_DIR}/rfc5280time_small.test)
 else()
 	add_test(rfc5280time rfc5280time)
 endif()
 # rmdtest
 add_executable(rmdtest rmdtest.c)
@@ -283,33 +253,24 @@ target_link_libraries(sha512test ${OPENSSL_LIBS})
 add_test(sha512test sha512test)
 # ssltest
-add_executable(ssltest ssltest.c)
+#add_executable(ssltest ssltest.c)
-target_link_libraries(ssltest ${OPENSSL_LIBS})
+#target_link_libraries(ssltest ${OPENSSL_LIBS})
-add_test(ssltest ${CMAKE_CURRENT_SOURCE_DIR}/ssltest.sh)
+#add_test(ssltest ${CMAKE_CURRENT_SOURCE_DIR}/ssltest.sh)
 set_tests_properties(ssltest PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 # testdsa
-add_test(testdsa ${CMAKE_CURRENT_SOURCE_DIR}/testdsa.sh)
+#add_test(testdsa ${CMAKE_CURRENT_SOURCE_DIR}/testdsa.sh)
 set_tests_properties(testdsa PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 # testenc
 add_test(testenc ${CMAKE_CURRENT_SOURCE_DIR}/testenc.sh)
 set_tests_properties(testenc PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 # testrsa
-add_test(testrsa ${CMAKE_CURRENT_SOURCE_DIR}/testrsa.sh)
+#add_test(testrsa ${CMAKE_CURRENT_SOURCE_DIR}/testrsa.sh)
 set_tests_properties(testrsa PROPERTIES ENVIRONMENT "srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
 # timingsafe
 add_executable(timingsafe timingsafe.c)
 target_link_libraries(timingsafe ${OPENSSL_LIBS})
 add_test(timingsafe timingsafe)
 # tls_ext_alpn
 add_executable(tls_ext_alpn tls_ext_alpn.c)
 target_link_libraries(tls_ext_alpn ${OPENSSL_LIBS})
 add_test(tls_ext_alpn tls_ext_alpn)
 # utf8test
 add_executable(utf8test utf8test.c)
 target_link_libraries(utf8test ${OPENSSL_LIBS})
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -5,7 +5,6 @@ AM_CPPFLAGS += -I $(top_srcdir)/crypto/asn1
 AM_CPPFLAGS += -I $(top_srcdir)/ssl
 AM_CPPFLAGS += -I $(top_srcdir)/apps/openssl
 AM_CPPFLAGS += -I $(top_srcdir)/apps/openssl/compat
 AM_CPPFLAGS += -D_PATH_SSL_CA_FILE=\"$(top_srcdir)/apps/openssl/cert.pem\"
 LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
 LDADD += $(abs_top_builddir)/ssl/libssl.la
@@ -209,14 +208,6 @@ TESTS += mont
 check_PROGRAMS += mont
 mont_SOURCES = mont.c
 # ocsp_test
 if ENABLE_EXTRATESTS
 TESTS += ocsptest.sh
 check_PROGRAMS += ocsp_test
 ocsp_test_SOURCES = ocsp_test.c
 endif
 EXTRA_DIST += ocsptest.sh
 # optionstest
 TESTS += optionstest
 check_PROGRAMS += optionstest
@@ -324,11 +315,6 @@ TESTS += timingsafe
 check_PROGRAMS += timingsafe
 timingsafe_SOURCES = timingsafe.c
 # tls_ext_alpn
 TESTS += tls_ext_alpn
 check_PROGRAMS += tls_ext_alpn
 tls_ext_alpn_SOURCES = tls_ext_alpn.c
 # utf8test
 TESTS += utf8test
 check_PROGRAMS += utf8test
--- a/tests/ocsptest.sh
+++ b/tests/ocsptest.sh
@@ -1,8 +0,0 @@
 #!/bin/sh
 set -e
 TEST=./ocsp_test
 if [ -e ./ocsp_test.exe ]; then
 	TEST=./ocsp_test.exe
 fi
 $TEST www.amazon.com 443
 $TEST cloudflare.com 443
--- a/tests/ssltest.sh
+++ b/tests/ssltest.sh
@@ -6,16 +6,9 @@ if [ -e ./ssltest.exe ]; then
 	ssltest_bin=./ssltest.exe
 fi
-if [ -d ../apps/openssl ]; then
+openssl_bin=../apps/openssl/openssl
-	openssl_bin=../apps/openssl/openssl
+if [ -e ../apps/openssl/openssl.exe ]; then
 	if [ -e ../apps/openssl/openssl.exe ]; then
 	openssl_bin=../apps/openssl/openssl.exe
 	fi
 else
 	openssl_bin=../apps/openssl
 	if [ -e ../apps/openssl.exe ]; then
 		openssl_bin=../apps/openssl.exe
 	fi
 fi
 if [ -z $srcdir ]; then
--- a/tests/testdsa.sh
+++ b/tests/testdsa.sh
@@ -4,16 +4,9 @@
 #Test DSA certificate generation of openssl
-if [ -d ../apps/openssl ]; then
+cmd=../apps/openssl/openssl
-	cmd=../apps/openssl/openssl
+if [ -e ../apps/openssl/openssl.exe ]; then
 	if [ -e ../apps/openssl/openssl.exe ]; then
 	cmd=../apps/openssl/openssl.exe
 	fi
 else
 	cmd=../apps/openssl
 	if [ -e ../apps/openssl.exe ]; then
 		cmd=../apps/openssl.exe
 	fi
 fi
 if [ -z $srcdir ]; then
--- a/tests/testenc.sh
+++ b/tests/testenc.sh
@@ -2,23 +2,12 @@
 #	$OpenBSD: testenc.sh,v 1.1 2014/08/26 17:50:07 jsing Exp $
 test=p
-if [ -d ../apps/openssl ]; then
+cmd=../apps/openssl/openssl
-	cmd=../apps/openssl/openssl
+if [ -e ../apps/openssl/openssl.exe ]; then
 	if [ -e ../apps/openssl/openssl.exe ]; then
 	cmd=../apps/openssl/openssl.exe
 	fi
 else
 	cmd=../apps/openssl
 	if [ -e ../apps/openssl.exe ]; then
 		cmd=../apps/openssl.exe
 	fi
 fi
-if [ -z $srcdir ]; then
+cat openssl.cnf >$test;
 	srcdir=.
 fi
 cat $srcdir/openssl.cnf >$test;
 echo cat
 $cmd enc < $test > $test.cipher
--- a/tests/testrsa.sh
+++ b/tests/testrsa.sh
@@ -4,16 +4,9 @@
 #Test RSA certificate generation of openssl
-if [ -d ../apps/openssl ]; then
+cmd=../apps/openssl/openssl
-	cmd=../apps/openssl/openssl
+if [ -e ../apps/openssl/openssl.exe ]; then
 	if [ -e ../apps/openssl/openssl.exe ]; then
 	cmd=../apps/openssl/openssl.exe
 	fi
 else
 	cmd=../apps/openssl
 	if [ -e ../apps/openssl.exe ]; then
 		cmd=../apps/openssl.exe
 	fi
 fi
 if [ -z $srcdir ]; then
--- a/tls/CMakeLists.txt
+++ b/tls/CMakeLists.txt
@@ -7,7 +7,6 @@ include_directories(
 set(
 	TLS_SRC
 	tls.c
 	tls_bio_cb.c
 	tls_client.c
 	tls_config.c
 	tls_conninfo.c
@@ -18,26 +17,15 @@ set(
 )
-if(NOT HAVE_STRSEP)
+if(NOT HAVE_STRCASECMP)
 	set(TLS_SRC ${TLS_SRC} strsep.c)
 endif()
 if(NOT "${OPENSSLDIR}" STREQUAL "")
 	add_definitions(-D_PATH_SSL_CA_FILE=\"${OPENSSLDIR}/cert.pem\")
 else()
 	add_definitions(-D_PATH_SSL_CA_FILE=\"${CMAKE_INSTALL_PREFIX}/etc/ssl/cert.pem\")
 endif()
 if (BUILD_SHARED)
 	add_library(tls-objects OBJECT ${TLS_SRC})
 	add_library(tls STATIC $<TARGET_OBJECTS:tls-objects>)
 	add_library(tls-shared SHARED $<TARGET_OBJECTS:tls-objects>)
-	if (WIN32)
+	set_target_properties(tls-shared PROPERTIES OUTPUT_NAME tls)
 		target_link_libraries(tls-shared ssl-shared crypto-shared Ws2_32.lib)
 		set(TLS_POSTFIX -${TLS_MAJOR_VERSION})
 	endif()
 	set_target_properties(tls-shared PROPERTIES
 		OUTPUT_NAME tls${TLS_POSTFIX} ARCHIVE_OUTPUT_NAME tls)
 	set_target_properties(tls-shared PROPERTIES VERSION ${TLS_VERSION}
 		SOVERSION ${TLS_MAJOR_VERSION})
 	install(TARGETS tls tls-shared DESTINATION lib)
--- a/tls/Makefile.am
+++ b/tls/Makefile.am
@@ -19,7 +19,6 @@ endif
 libtls_la_SOURCES = tls.c
 libtls_la_SOURCES += tls_client.c
 libtls_la_SOURCES += tls_bio_cb.c
 libtls_la_SOURCES += tls_config.c
 libtls_la_SOURCES += tls_conninfo.c
 libtls_la_SOURCES += tls_server.c
--- a/update.sh
+++ b/update.sh
@@ -29,12 +29,12 @@ libtls_regress=$CWD/openbsd/src/regress/lib/libtls
 app_src=$CWD/openbsd/src/usr.bin
 # load library versions
-. $libcrypto_src/shlib_version
+. $libcrypto_src/crypto/shlib_version
 libcrypto_version=$major:$minor:0
 echo "libcrypto version $libcrypto_version"
 echo $libcrypto_version > crypto/VERSION
-. $libssl_src/shlib_version
+. $libssl_src/ssl/shlib_version
 libssl_version=$major:$minor:0
 echo "libssl version $libssl_version"
 echo $libssl_version > ssl/VERSION
@@ -62,11 +62,11 @@ CP_LIBC='do_cp_libc'
 CP='cp -p'
-$CP $libssl_src/LICENSE COPYING
+$CP $libssl_src/src/LICENSE COPYING
-$CP $libcrypto_src/arch/amd64/opensslconf.h include/openssl
+$CP $libcrypto_src/crypto/arch/amd64/opensslconf.h include/openssl
-$CP $libcrypto_src/opensslfeatures.h include/openssl
+$CP $libssl_src/src/crypto/opensslfeatures.h include/openssl
-$CP $libssl_src/pqueue.h include
+$CP $libssl_src/src/ssl/pqueue.h include
 $CP $libtls_src/tls.h include
 $CP $libtls_src/tls.h libtls-standalone/include
@@ -84,8 +84,8 @@ for i in crypto/compat libtls-standalone/compat; do
 	    $libc_src/string/strnlen.c \
 	    $libc_src/string/timingsafe_bcmp.c \
 	    $libc_src/string/timingsafe_memcmp.c \
-	    $libcrypto_src/arc4random/getentropy_*.c \
+	    $libcrypto_src/crypto/getentropy_*.c \
-	    $libcrypto_src/arc4random/arc4random_*.h; do
+	    $libcrypto_src/crypto/arc4random_*.h; do
 		$CP_LIBC $j $i
 	done
 done
@@ -99,20 +99,20 @@ $CP crypto/compat/arc4random*.h \
 	crypto/compat/bsd-asprintf.c \
 	libtls-standalone/compat
-(cd $libcrypto_src/objects/;
+(cd $libssl_src/src/crypto/objects/;
 	perl objects.pl objects.txt obj_mac.num obj_mac.h;
 	perl obj_dat.pl obj_mac.h obj_dat.h )
 mkdir -p include/openssl crypto/objects
-$MV $libcrypto_src/objects/obj_mac.h ./include/openssl/obj_mac.h
+$MV $libssl_src/src/crypto/objects/obj_mac.h ./include/openssl/obj_mac.h
-$MV $libcrypto_src/objects/obj_dat.h ./crypto/objects/obj_dat.h
+$MV $libssl_src/src/crypto/objects/obj_dat.h ./crypto/objects/obj_dat.h
 copy_hdrs() {
 	for file in $2; do
-		$CP $1/$file include/openssl
+		$CP $libssl_src/src/$1/$file include/openssl
 	done
 }
-copy_hdrs $libcrypto_src "stack/stack.h lhash/lhash.h stack/safestack.h
+copy_hdrs crypto "stack/stack.h lhash/lhash.h stack/safestack.h
 	ossl_typ.h err/err.h crypto.h comp/comp.h x509/x509.h buffer/buffer.h
 	objects/objects.h asn1/asn1.h bn/bn.h ec/ec.h ecdsa/ecdsa.h
 	ecdh/ecdh.h rsa/rsa.h sha/sha.h x509/x509_vfy.h pkcs7/pkcs7.h pem/pem.h
@@ -120,15 +120,15 @@ copy_hdrs $libcrypto_src "stack/stack.h lhash/lhash.h stack/safestack.h
 	krb5/krb5_asn.h asn1/asn1_mac.h x509v3/x509v3.h conf/conf.h ocsp/ocsp.h
 	aes/aes.h modes/modes.h asn1/asn1t.h dso/dso.h bf/blowfish.h
 	bio/bio.h cast/cast.h cmac/cmac.h conf/conf_api.h des/des.h dh/dh.h
-	dsa/dsa.h engine/engine.h ui/ui.h pkcs12/pkcs12.h ts/ts.h
+	dsa/dsa.h cms/cms.h engine/engine.h ui/ui.h pkcs12/pkcs12.h ts/ts.h
 	md4/md4.h ripemd/ripemd.h whrlpool/whrlpool.h idea/idea.h
 	rc2/rc2.h rc4/rc4.h ui/ui_compat.h txt_db/txt_db.h
 	chacha/chacha.h evp/evp.h poly1305/poly1305.h camellia/camellia.h
 	gost/gost.h"
-copy_hdrs $libssl_src "srtp.h ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h"
+copy_hdrs ssl "srtp.h ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h"
-$CP $libcrypto_src/opensslv.h include/openssl
+$CP $libssl_src/src/crypto/opensslv.h include/openssl
 awk '/LIBRESSL_VERSION_TEXT/ {print $4}' < include/openssl/opensslv.h | cut -d\" -f1 > VERSION
 echo "LibreSSL version `cat VERSION`"
@@ -139,8 +139,8 @@ for i in `awk '/SOURCES|HEADERS/ { print $3 }' crypto/Makefile.am` ; do
 	dir=`dirname $i`
 	mkdir -p crypto/$dir
 	if [ $dir != "compat" ]; then
-		if [ -e $libcrypto_src/$i ]; then
+		if [ -e $libssl_src/src/crypto/$i ]; then
-			$CP $libcrypto_src/$i crypto/$i
+			$CP $libssl_src/src/crypto/$i crypto/$i
 		fi
 	fi
 done
@@ -148,7 +148,7 @@ $CP crypto/compat/b_win.c crypto/bio
 $CP crypto/compat/ui_openssl_win.c crypto/ui
 # generate assembly crypto algorithms
-asm_src=$libcrypto_src
+asm_src=$libssl_src/src/crypto
 gen_asm_stdout() {
 	perl $asm_src/$2 $1 > $3.tmp
 	[ $1 = "elf" ] && cat <<-EOF >> $3.tmp
@@ -238,7 +238,7 @@ done
 echo "copying libssl source"
 rm -f ssl/*.c ssl/*.h
 for i in `awk '/SOURCES|HEADERS/ { print $3 }' ssl/Makefile.am` ; do
-	$CP $libssl_src/$i ssl
+	$CP $libssl_src/src/ssl/$i ssl
 done
 # copy libcrypto tests
@@ -320,7 +320,7 @@ echo "dist_man_MANS += tls_init.3" >> man/Makefile.am
 (cd man
 	# update new-style manpages
-	for i in `ls -1 $libssl_src/doc/*.3 | sort`; do
+	for i in `ls -1 $libssl_src/src/doc/ssl/*.3 | sort`; do
 		NAME=`basename "$i"`
 		$CP $i .
 		echo "dist_man_MANS += $NAME" >> Makefile.am
@@ -333,7 +333,7 @@ echo "dist_man_MANS += tls_init.3" >> man/Makefile.am
 	done
 	# convert remaining POD manpages
-	for i in `ls -1 $libcrypto_src/doc/*.pod | sort`; do
+	for i in `ls -1 $libssl_src/src/doc/crypto/*.pod | sort`; do
 		BASE=`echo $i|sed -e "s/\.pod//"`
 		NAME=`basename "$BASE"`
 		# reformat file if new
Author	SHA1	Message	Date
Brent Cook	5b39a35bf8	Update changelog	2016-05-30 09:08:29 -05:00
Brent Cook	41d8aa6aef	pushed encode.c change upstream	2016-05-03 09:25:59 -05:00
Brent Cook	b8b8628640	prefer limits.h over sys/limits.h	2016-05-03 02:13:13 -05:00
Brent Cook	6cb804b342	update changelog	2016-05-02 22:51:07 -05:00
Brent Cook	00eb776ee9	add constant_time_locl.h	2016-05-02 22:47:45 -05:00
Brent Cook	534ee348a9	check linker flags before checking for functions	2016-05-02 22:12:53 -05:00
kinichiro	ad914139c4	fix ld warning "attempted multiple inclusion of file" on Solaris - To avoid ld warning on Solaris, use abs_top_builddir in Makefile.am	2016-05-02 22:12:53 -05:00
Brent Cook	6a136f72ff	update changelog	2016-03-21 21:56:24 -05:00
Brent Cook	3b3f213ca5	updated changelog	2016-03-21 21:56:24 -05:00
Brent Cook	4b5daaaf44	set windows binary OPENSSLDIR to something plausible	2016-03-21 21:56:24 -05:00
kinichiro	1ffdb2ae25	modify include/compat/netinet/ip.h - add including <netinet/in_systm.h> for n_long on HP-UX	2016-03-13 13:09:25 -05:00
Brent Cook	ef874034cf	connect to the OPENBSD_5_9 branch	2016-03-12 17:30:33 -06:00