Various cleanups and fixed by Marc and Ralf to start the OpenTLS project

1998-12-22 15:04:48 +00:00 · 1998-12-22 15:04:48 +00:00 · 651d0aff98
commit 651d0aff98
parent 31b8d86844
140 changed files with 1266 additions and 4983 deletions
--- a/144
+++ b/144
@ -0,0 +1,144 @@
 OpenTLS CHANGES
 _______________
 Changes between 0.9.01b and 0.9.1c
  *) Updated the README file.
     [Ralf S. Engelschall]
  *) Added various .cvsignore files in the CVS repository subdirs
     to make a "cvs update" really silent.
     [Ralf S. Engelschall]
  *) Recompiled the error-definition header files and added
     missing symbols to the Win32 linker tables.
     [Ralf S. Engelschall]
  *) Cleaned up the top-level documents;
     o new files: CHANGES and LICENSE
     o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay 
     o merged COPYRIGHT into LICENSE
     o removed obsolete TODO file
     o renamed MICROSOFT to INSTALL.W32
     [Ralf S. Engelschall]
  *) Removed dummy files from the 0.9.1b source tree: 
     crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
     crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
     crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
     crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
     util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
     [Ralf S. Engelschall]
  *) Added various platform portability fixed.
     [Marc J. Cox]
  *) The Genesis of the OpenTLS rpject:
     We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
     Joung and Tim J. Hudson created while they were working for C2Net until
     summer 1998.
     [The OpenTLS Project]
 Changes between 0.9.0b and 0.9.1b
  *) Updated a few CA certificates under certs/
     [Eric A. Young]
  *) Changed some BIGNUM api stuff.
     [Eric A. Young]
  *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD, 
     DGUX x86, Linux Alpha, etc.
     [Eric A. Young]
  *) New COMP library [crypto/comp/] for SSL Record Layer Compression: 
     RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
     available).
     [Eric A. Young]
  *) Add -strparse option to asn1pars program which parses nested 
     binary structures 
     [Dr Stephen Henson <shenson@bigfoot.com>]
  *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
     [Eric A. Young]
  *) DSA fix for "ca" program.
     [Eric A. Young]
  *) Added "-genkey" option to "dsaparam" program.
     [Eric A. Young]
  *) Added RIPE MD160 (rmd160) message digest.
     [Eric A. Young]
  *) Added -a (all) option to "ssleay version" command.
     [Eric A. Young]
  *) Added PLATFORM define which is the id given to Configure.
     [Eric A. Young]
  *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
     [Eric A. Young]
  *) Extended the ASN.1 parser routines.
     [Eric A. Young]
  *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
     [Eric A. Young]
  *) Added a BN_CTX to the BN library.
     [Eric A. Young]
  *) Fixed the weak key values in DES library
     [Eric A. Young]
  *) Changed API in EVP library for cipher aliases.
     [Eric A. Young]
  *) Added support for RC2/64bit cipher.
     [Eric A. Young]
  *) Converted the lhash library to the crypto/mem.c functions.
     [Eric A. Young]
  *) Added more recognized ASN.1 object ids.
     [Eric A. Young]
  *) Added more RSA padding checks for SSL/TLS.
     [Eric A. Young]
  *) Added BIO proxy/filter functionality.
     [Eric A. Young]
  *) Added extra_certs to SSL_CTX which can be used
     send extra CA certificates to the client in the CA cert chain sending
     process. It can be configured with SSL_CTX_add_extra_chain_cert().
     [Eric A. Young]
  *) Now Fortezza is denied in the authentication phase because
     this is key exchange mechanism is not supported by SSLeay at all.
     [Eric A. Young]
  *) Additional PKCS1 checks.
     [Eric A. Young]
  *) Support the string "TLSv1" for all TLS v1 ciphers.
     [Eric A. Young]
  *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
     ex_data index of the SSL context in the X509_STORE_CTX ex_data.
     [Eric A. Young]
  *) Fixed a few memory leaks.
     [Eric A. Young]
  *) Fixed various code and comment typos.
     [Eric A. Young]
  *) A minor bug in ssl/s3_clnt.c where there would always be 4 0 
     bytes sent in the client random.
     [Edward Bishop <ebishop@spyglass.com>]
--- a/CHANGES.SSLeay
+++ b/CHANGES.SSLeay
@ -1,4 +1,527 @@
-SSLeay 0.6.5
+
  SSLeay CHANGES
  ______________
 Changes between 0.8.x and 0.9.0b
 10-Apr-1998
 I said the next version would go out at easter, and so it shall.
 I expect a 0.9.1 will follow with portability fixes in the next few weeks.
 This is a quick, meet the deadline.  Look to ssl-users for comments on what
 is new etc.
 eric (about to go bushwalking for the 4 day easter break :-)
 16-Mar-98
    - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
    - Lots and lots of changes
 29-Jan-98
    - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
      Goetz Babin-Ebell <babinebell@trustcenter.de>.
    - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
      TLS1_VERSION.
 7-Jan-98
    - Finally reworked the cipher string to ciphers again, so it
      works correctly
    - All the app_data stuff is now ex_data with funcion calls to access.
      The index is supplied by a function and 'methods' can be setup
      for the types that are called on XXX_new/XXX_free.  This lets
      applications get notified on creation and destruction.  Some of
      the RSA methods could be implemented this way and I may do so.
    - Oh yes, SSL under perl5 is working at the basic level.
 15-Dec-97
    - Warning - the gethostbyname cache is not fully thread safe,
      but it should work well enough.
    - Major internal reworking of the app_data stuff.  More functions
      but if you were accessing ->app_data directly, things will
      stop working.
    - The perlv5 stuff is working.  Currently on message digests,
      ciphers and the bignum library.
 9-Dec-97
    - Modified re-negotiation so that server initated re-neg
      will cause a SSL_read() to return -1 should retry.
      The danger otherwise was that the server and the
      client could end up both trying to read when using non-blocking
      sockets.
 4-Dec-97
    - Lots of small changes
    - Fix for binaray mode in Windows for the FILE BIO, thanks to
      Bob Denny <rdenny@dc3.com>
 17-Nov-97
    - Quite a few internal cleanups, (removal of errno, and using macros
      defined in e_os.h).
    - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
      the automactic naming out output files was being stuffed up.
 29-Oct-97
    - The Cast5 cipher has been added.  MD5 and SHA-1 are now in assember
      for x86.
 21-Oct-97
    - Fixed a bug in the BIO_gethostbyname() cache.
 15-Oct-97
    - cbc mode for blowfish/des/3des is now in assember.  Blowfish asm
      has also been improved.  At this point in time, on the pentium,
      md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
      des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
      is %62 faster.
 12-Oct-97
    - MEM_BUF_grow() has been fixed so that it always sets the buf->length
      to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
      way to set the length value correctly.
 10-Oct-97
    - I now hash for certificate lookup on the raw DER encoded RDN (md5).
      This breaks things again :-(.  This is efficent since I cache
      the DER encoding of the RDN.
    - The text DN now puts in the numeric OID instead of UNKNOWN.
    - req can now process arbitary OIDs in the config file.
    - I've been implementing md5 in x86 asm, much faster :-).
    - Started sha1 in x86 asm, needs more work.
    - Quite a few speedups in the BN stuff.  RSA public operation
      has been made faster by caching the BN_MONT_CTX structure.
      The calulating of the Ai where A*Ai === 1 mod m was rather
      expensive.  Basically a 40-50% speedup on public operations.
      The RSA speedup is now 15% on pentiums and %20 on pentium
      pro.
 30-Sep-97
    - After doing some profiling, I added x86 adm for bn_add_words(),
      which just adds 2 arrays of longs together.  A %10 speedup
      for 512 and 1024 bit RSA on the pentium pro.
 29-Sep-97
    - Converted the x86 bignum assembler to us the perl scripts
      for generation.
 23-Sep-97
    - If SSL_set_session() is passed a NULL session, it now clears the
      current session-id.
 22-Sep-97
    - Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
      certificates.
    - Bug in crypto/evp/encode.c where by decoding of 65 base64
      encoded lines, one line at a time (via a memory BIO) would report
      EOF after the first line was decoded.
    - Fix in X509_find_by_issuer_and_serial() from
      Dr Stephen Henson <shenson@bigfoot.com>
 19-Sep-97
    - NO_FP_API and NO_STDIO added.
    - Put in sh config command.  It auto runs Configure with the correct
      parameters.
 18-Sep-97
    - Fix x509.c so if a DSA cert has different parameters to its parent,
      they are left in place.  Not tested yet.
 16-Sep-97
    - ssl_create_cipher_list() had some bugs, fixes from
      Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
    - Fixed a bug in the Base64 BIO, where it would return 1 instead
      of -1 when end of input was encountered but should retry.
      Basically a Base64/Memory BIO interaction problem.
    - Added a HMAC set of functions in preporarion for TLS work.
 15-Sep-97
    - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
    - Prime generation spead up %25 (512 bit prime, pentium pro linux)
      by using montgomery multiplication in the prime number test.
 11-Sep-97
    - Ugly bug in ssl3_write_bytes().  Basically if application land
      does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
      did not check the size and tried to copy the entire buffer.
      This would tend to cause memory overwrites since SSLv3 has
      a maximum packet size of 16k.  If your program uses
      buffers <= 16k, you would probably never see this problem.
    - Fixed a new errors that were cause by malloc() not returning
      0 initialised memory..
    - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
      SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
      since this flags stops SSLeay being able to handle client
      cert requests correctly.
 08-Sep-97
    - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
      on, the SSL server routines will not use a SSL_SESSION that is
      held in it's cache.  This in intended to be used with the session-id
      callbacks so that while the session-ids are still stored in the
      cache, the decision to use them and how to look them up can be
      done by the callbacks.  The are the 'new', 'get' and 'remove'
      callbacks.  This can be used to determine the session-id
      to use depending on information like which port/host the connection
      is coming from.  Since the are also SSL_SESSION_set_app_data() and
      SSL_SESSION_get_app_data() functions, the application can hold
      information against the session-id as well.
 03-Sep-97
    - Added lookup of CRLs to the by_dir method,
      X509_load_crl_file() also added.  Basically it means you can
      lookup CRLs via the same system used to lookup certificates.
    - Changed things so that the X509_NAME structure can contain
      ASN.1 BIT_STRINGS which is required for the unique
      identifier OID.
    - Fixed some problems with the auto flushing of the session-id
      cache.  It was not occuring on the server side.
 02-Sep-97
    - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
      which is the maximum number of entries allowed in the
      session-id cache.  This is enforced with a simple FIFO list.
      The default size is 20*1024 entries which is rather large :-).
      The Timeout code is still always operating.
 01-Sep-97
    - Added an argument to all the 'generate private key/prime`
      callbacks.  It is the last parameter so this should not
      break existing code but it is needed for C++.
    - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
      BIO.  This lets the BIO read and write base64 encoded data
      without inserting or looking for '\n' characters.  The '-A'
      flag turns this on when using apps/enc.c.
    - RSA_NO_PADDING added to help BSAFE functionality.  This is a
      very dangerous thing to use, since RSA private key
      operations without random padding bytes (as PKCS#1 adds) can
      be attacked such that the private key can be revealed.
    - ASN.1 bug and rc2-40-cbc and rc4-40 added by
      Dr Stephen Henson <shenson@bigfoot.com>
 31-Aug-97 (stuff added while I was away)    
    - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
    - RSA_flags() added allowing bypass of pub/priv match check
      in ssl/ssl_rsa.c - Tim Hudson.
    - A few minor bugs.
 SSLeay 0.8.1 released.
 19-Jul-97
    - Server side initated dynamic renegotiation is broken.  I will fix
      it when I get back from holidays.
 15-Jul-97
    - Quite a few small changes.
    - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
 09-Jul-97
    - Added 2 new values to the SSL info callback.
      SSL_CB_START which is passed when the SSL protocol is started
      and SSL_CB_DONE when it has finished sucsessfully.
 08-Jul-97
    - Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
      that related to DSA public/private keys.
    - Added all the relevent PEM and normal IO functions to support
      reading and writing RSAPublic keys.
    - Changed makefiles to use ${AR} instead of 'ar r'
 07-Jul-97
    - Error in ERR_remove_state() that would leave a dangling reference
      to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
    - s_client now prints the X509_NAMEs passed from the server
      when requesting a client cert.
    - Added a ssl->type, which is one of SSL_ST_CONNECT or
      SSL_ST_ACCEPT.  I had to add it so I could tell if I was
      a connect or an accept after the handshake had finished.
    - SSL_get_client_CA_list(SSL *s) now returns the CA names
      passed by the server if called by a client side SSL.
 05-Jul-97
    - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
      0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).
 04-Jul-97
    - Fixed some things in X509_NAME_add_entry(), thanks to
      Matthew Donald <matthew@world.net>.
    - I had a look at the cipher section and though that it was a
      bit confused, so I've changed it.
    - I was not setting up the RC4-64-MD5 cipher correctly.  It is
      a MS special that appears in exported MS Money.
    - Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
      spec.  I was missing the two byte length header for the
      ClientDiffieHellmanPublic value.  This is a packet sent from
      the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
      option will enable SSLeay server side SSLv3 accept either
      the correct or my 080 packet format.
    - Fixed a few typos in crypto/pem.org.
 02-Jul-97
    - Alias mapping for EVP_get_(digest|cipher)byname is now
      performed before a lookup for actual cipher.  This means
      that an alias can be used to 're-direct' a cipher or a
      digest.
    - ASN1_read_bio() had a bug that only showed up when using a
      memory BIO.  When EOF is reached in the memory BIO, it is
      reported as a -1 with BIO_should_retry() set to true.
 01-Jul-97
    - Fixed an error in X509_verify_cert() caused by my
      miss-understanding how 'do { contine } while(0);' works.
      Thanks to Emil Sit <sit@mit.edu> for educating me :-)
 30-Jun-97
    - Base64 decoding error.  If the last data line did not end with
      a '=', sometimes extra data would be returned.
    - Another 'cut and paste' bug in x509.c related to setting up the
      STDout BIO.
 27-Jun-97
    - apps/ciphers.c was not printing due to an editing error.
    - Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
      a library build error in util/mk1mf.pl
 26-Jun-97
    - Still did not have the auto 'experimental' code removal
      script correct.
    - A few header tweaks for Watcom 11.0 under Win32 from
      Rolf Lindemann <Lindemann@maz-hh.de>
    - 0 length OCTET_STRING bug in asn1_parse
    - A minor fix with an non-existent function in the MS .def files.
    - A few changes to the PKCS7 stuff.
 25-Jun-97
    SSLeay 0.8.0 finally it gets released.
 24-Jun-97
    Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
    use a temporary RSA key.  This is experimental and needs some more work.
    Fixed a few Win16 build problems.
 23-Jun-97
    SSLv3 bug. I was not doing the 'lookup' of the CERT structure
    correctly. I was taking the SSL->ctx->default_cert when I should
    have been using SSL->cert. The bug was in ssl/s3_srvr.c
 20-Jun-97
    X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
    rest of the library. Even though I had the code required to do
    it correctly, apps/req.c was doing the wrong thing.  I have fixed
    and tested everything.
    Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
 19-Jun-97
    Fixed a bug in the SSLv2 server side first packet handling. When
    using the non-blocking test BIO, the ssl->s2->first_packet flag
    was being reset when a would-block failure occurred when reading
    the first 5 bytes of the first packet. This caused the checking
    logic to run at the wrong time and cause an error.
    Fixed a problem with specifying cipher. If RC4-MD5 were used,
    only the SSLv3 version would be picked up.  Now this will pick
    up both SSLv2 and SSLv3 versions. This required changing the
    SSL_CIPHER->mask values so that they only mask the ciphers,
    digests, authentication, export type and key-exchange algorithms.
    I found that when a SSLv23 session is established, a reused
    session, of type SSLv3 was attempting to write the SSLv2 
    ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
    method has been modified so it will only write out cipher which
    that method knows about.  
 Changes between 0.8.0 and 0.8.1
  *) Mostly bug fixes. 
     There is an Ephemeral DH cipher problem which is fixed.
 SSLeay 0.8.0
 This version of SSLeay has quite a lot of things different from the
 previous version.
 Basically check all callback parameters, I will be producing documentation
 about how to use things in th future.  Currently I'm just getting 080 out
 the door.  Please not that there are several ways to do everything, and
 most of the applications in the apps directory are hybrids, some using old
 methods and some using new methods.
 Have a look in demos/bio for some very simple programs and
 apps/s_client.c and apps/s_server.c for some more advanced versions.
 Notes are definitly needed but they are a week or so away.
 Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
 ---
 Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
 get those people that want to move to using the new code base off to
 a quick start.
 Note that Eric has tidied up a lot of the areas of the API that were
 less than desirable and renamed quite a few things (as he had to break
 the API in lots of places anyrate). There are a whole pile of additional
 functions for making dealing with (and creating) certificates a lot
 cleaner.
 01-Jul-97
 Tim Hudson
 tjh@cryptsoft.com
 ---8<---
 To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
 use something like the following (assuming you #include "crypto.h" which
 is something that you really should be doing).
 #if SSLEAY_VERSION_NUMBER >= 0x0800
 #define SSLEAY8
 #endif
 buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
            too if you are working with BIO internal stuff (as distinct
        from simply using the interface in an opaque manner)
 #include "bio.h"    - required along with "buffer.h" if you write
              your own BIO routines as the buffer and bio
              stuff that was intermixed has been separated
              out 
 envelope.h -> evp.h  (which should have been done ages ago)
 Initialisation ... don't forget these or you end up with code that
 is missing the bits required to do useful things (like ciphers):
 SSLeay_add_ssl_algorithms()
 (probably also want SSL_load_error_strings() too but you should have
 already had that call in place)
 SSL_CTX_new()   - requires an extra method parameter
              SSL_CTX_new(SSLv23_method()) 
              SSL_CTX_new(SSLv2_method()) 
              SSL_CTX_new(SSLv3_method()) 
          OR to only have the server or the client code
              SSL_CTX_new(SSLv23_server_method()) 
              SSL_CTX_new(SSLv2_server_method()) 
              SSL_CTX_new(SSLv3_server_method()) 
          or  
              SSL_CTX_new(SSLv23_client_method()) 
              SSL_CTX_new(SSLv2_client_method()) 
              SSL_CTX_new(SSLv3_client_method()) 
 SSL_set_default_verify_paths() ... renamed to the more appropriate
 SSL_CTX_set_default_verify_paths()
 If you want to use client certificates then you have to add in a bit
 of extra stuff in that a SSLv3 server sends a list of those CAs that
 it will accept certificates from ... so you have to provide a list to
 SSLeay otherwise certain browsers will not send client certs.
 SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
 X509_NAME_oneline(X)    -> X509_NAME_oneline(X,NULL,0)  
               or provide a buffer and size to copy the
               result into
 X509_add_cert ->  X509_STORE_add_cert (and you might want to read the
          notes on X509_NAME structure changes too)
 VERIFICATION CODE
 =================
 The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
 more accurately reflect things.
 The verification callback args are now packaged differently so that
 extra fields for verification can be added easily in future without
 having to break things by adding extra parameters each release :-)
 X509_cert_verify_error_string -> X509_verify_cert_error_string
 BIO INTERNALS
 =============
 Eric has fixed things so that extra flags can be introduced in
 the BIO layer in future without having to play with all the BIO
 modules by adding in some macros.
 The ugly stuff using 
    b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
 becomes
    BIO_clear_retry_flags(b)
    b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
 becomes
    BIO_set_retry_read(b)
 Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
 OTHER THINGS
 ============
 X509_NAME has been altered so that it isn't just a STACK ... the STACK
 is now in the "entries" field ... and there are a pile of nice functions
 for getting at the details in a much cleaner manner.
 SSL_CTX has been altered ... "cert" is no longer a direct member of this
 structure ... things are now down under "cert_store" (see x509_vfy.h) and
 things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
 If your code "knows" about this level of detail then it will need some 
 surgery.
 If you depending on the incorrect spelling of a number of the error codes
 then you will have to change your code as these have been fixed.
 ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
 has been all along so this makes things clearer.
 ify_cert_error_string(ctx->error));
 SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
            and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
 Changes between 0.7.x and 0.8.0
  *) There have been lots of changes, mostly the addition of SSLv3.
     There have been many additions from people and amongst
     others, C2Net has assisted greatly.
 Changes between 0.7.x and 0.7.x
  *) Internal development version only
 SSLeay 0.6.6 13-Jan-1997
 The main additions are
 - assember for x86 DES improvments.
  From 191,000 per second on a pentium 100, I now get 281,000.  The inner
  loop and the IP/FP modifications are from
  Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  Many thanks for his
  contribution.
 - The 'DES macros' introduced in 0.6.5 now have 3 types.
  DES_PTR1, DES_PTR2 and 'normal'.  As per before, des_opts reports which
  is best and there is a summery of mine in crypto/des/options.txt
 - A few bug fixes.
 - Added blowfish.  It is not used by SSL but all the other stuff that
  deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
  There are 3 options for optimising Blowfish.  BF_PTR, BF_PTR2 and 'normal'.
  BF_PTR2 is pentium/x86 specific.  The correct option is setup in
  the 'Configure' script.
 - There is now a 'get client certificate' callback which can be
  'non-blocking'.  If more details are required, let me know.  It will
  documented more in SSLv3 when I finish it.
 - Bug fixes from 0.6.5 including the infamous 'ca' bug.  The 'make test'
  now tests the ca program.
 - Lots of little things modified and tweaked.
 SSLeay 0.6.5
 After quite some time (3 months), the new release.  I have been very busy
 for the last few months and so this is mostly bug fixes and improvments.
@ -57,7 +580,7 @@ The main changes in this release
 - 'ssleay ciphers' added, lists the default cipher list for SSLeay.
 - RC2 key setup is now compatable with Netscape.
 - Modifed server side of SSL implementation, big performance difference when
-	  using session-id reuse.
+      using session-id reuse.
 0.6.3
@ -186,16 +709,16 @@ The wrappers are easy to write
 function_fp(fp,x)
 FILE *fp;
-	{
+    {
-	BIO *b;
+    BIO *b;
-	int ret;
+    int ret;
-	if ((b=BIO_new(BIO_s_file())) == NULL) error.....
+    if ((b=BIO_new(BIO_s_file())) == NULL) error.....
-	BIO_set_fp(b,fp,BIO_NOCLOSE);
+    BIO_set_fp(b,fp,BIO_NOCLOSE);
-	ret=function_bio(b,x);
+    ret=function_bio(b,x);
-	BIO_free(b);
+    BIO_free(b);
-	return(ret);
+    return(ret);
-	}
+    }
 Remember, there are no functions that take FILE * in SSLeay when
 compiled for Windows 3.1 DLL's.
@ -236,8 +759,8 @@ The list of things to read and do
 dgst -d
 s_client -state (this uses a callback placed in the SSL state loop and
-		will be used else-where to help debug/monitor what
+        will be used else-where to help debug/monitor what
-		is happening.)
+        is happening.)
 doc/why.doc
 doc/bio.doc <- hmmm, needs lots of work.
--- a/316
+++ b/316
@ -1,316 +0,0 @@
 16-Mar-98
 	- Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
 	- Lots and lots of changes
 29-Jan-98
 	- ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
 	  Goetz Babin-Ebell <babinebell@trustcenter.de>.
 	- SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
 	  TLS1_VERSION.
 7-Jan-98
 	- Finally reworked the cipher string to ciphers again, so it
 	  works correctly
 	- All the app_data stuff is now ex_data with funcion calls to access.
 	  The index is supplied by a function and 'methods' can be setup
 	  for the types that are called on XXX_new/XXX_free.  This lets
 	  applications get notified on creation and destruction.  Some of
 	  the RSA methods could be implemented this way and I may do so.
 	- Oh yes, SSL under perl5 is working at the basic level.
 15-Dec-97
 	- Warning - the gethostbyname cache is not fully thread safe,
 	  but it should work well enough.
 	- Major internal reworking of the app_data stuff.  More functions
 	  but if you were accessing ->app_data directly, things will
 	  stop working.
 	- The perlv5 stuff is working.  Currently on message digests,
 	  ciphers and the bignum library.
 9-Dec-97
 	- Modified re-negotiation so that server initated re-neg
 	  will cause a SSL_read() to return -1 should retry.
 	  The danger otherwise was that the server and the
 	  client could end up both trying to read when using non-blocking
 	  sockets.
 4-Dec-97
 	- Lots of small changes
 	- Fix for binaray mode in Windows for the FILE BIO, thanks to
 	  Bob Denny <rdenny@dc3.com>
 17-Nov-97
 	- Quite a few internal cleanups, (removal of errno, and using macros
 	  defined in e_os.h).
 	- A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
 	  the automactic naming out output files was being stuffed up.
 29-Oct-97
 	- The Cast5 cipher has been added.  MD5 and SHA-1 are now in assember
 	  for x86.
 21-Oct-97
 	- Fixed a bug in the BIO_gethostbyname() cache.
 15-Oct-97
 	- cbc mode for blowfish/des/3des is now in assember.  Blowfish asm
 	  has also been improved.  At this point in time, on the pentium,
 	  md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
 	  des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
 	  is %62 faster.
 12-Oct-97
 	- MEM_BUF_grow() has been fixed so that it always sets the buf->length
 	  to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
 	  way to set the length value correctly.
 10-Oct-97
 	- I now hash for certificate lookup on the raw DER encoded RDN (md5).
 	  This breaks things again :-(.  This is efficent since I cache
 	  the DER encoding of the RDN.
 	- The text DN now puts in the numeric OID instead of UNKNOWN.
 	- req can now process arbitary OIDs in the config file.
 	- I've been implementing md5 in x86 asm, much faster :-).
 	- Started sha1 in x86 asm, needs more work.
 	- Quite a few speedups in the BN stuff.  RSA public operation
 	  has been made faster by caching the BN_MONT_CTX structure.
 	  The calulating of the Ai where A*Ai === 1 mod m was rather
 	  expensive.  Basically a 40-50% speedup on public operations.
 	  The RSA speedup is now 15% on pentiums and %20 on pentium
 	  pro.
 30-Sep-97
 	- After doing some profiling, I added x86 adm for bn_add_words(),
 	  which just adds 2 arrays of longs together.  A %10 speedup
 	  for 512 and 1024 bit RSA on the pentium pro.
 29-Sep-97
 	- Converted the x86 bignum assembler to us the perl scripts
 	  for generation.
 23-Sep-97
 	- If SSL_set_session() is passed a NULL session, it now clears the
 	  current session-id.
 22-Sep-97
 	- Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
 	  certificates.
 	- Bug in crypto/evp/encode.c where by decoding of 65 base64
 	  encoded lines, one line at a time (via a memory BIO) would report
 	  EOF after the first line was decoded.
 	- Fix in X509_find_by_issuer_and_serial() from
 	  Dr Stephen Henson <shenson@bigfoot.com>
 19-Sep-97
 	- NO_FP_API and NO_STDIO added.
 	- Put in sh config command.  It auto runs Configure with the correct
 	  parameters.
 18-Sep-97
 	- Fix x509.c so if a DSA cert has different parameters to its parent,
 	  they are left in place.  Not tested yet.
 16-Sep-97
 	- ssl_create_cipher_list() had some bugs, fixes from
 	  Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
 	- Fixed a bug in the Base64 BIO, where it would return 1 instead
 	  of -1 when end of input was encountered but should retry.
 	  Basically a Base64/Memory BIO interaction problem.
 	- Added a HMAC set of functions in preporarion for TLS work.
 15-Sep-97
 	- Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
 	- Prime generation spead up %25 (512 bit prime, pentium pro linux)
 	  by using montgomery multiplication in the prime number test.
 11-Sep-97
 	- Ugly bug in ssl3_write_bytes().  Basically if application land
 	  does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
 	  did not check the size and tried to copy the entire buffer.
 	  This would tend to cause memory overwrites since SSLv3 has
 	  a maximum packet size of 16k.  If your program uses
 	  buffers <= 16k, you would probably never see this problem.
 	- Fixed a new errors that were cause by malloc() not returning
 	  0 initialised memory..
 	- SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
 	  SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
 	  since this flags stops SSLeay being able to handle client
 	  cert requests correctly.
 08-Sep-97
 	- SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
 	  on, the SSL server routines will not use a SSL_SESSION that is
 	  held in it's cache.  This in intended to be used with the session-id
 	  callbacks so that while the session-ids are still stored in the
 	  cache, the decision to use them and how to look them up can be
 	  done by the callbacks.  The are the 'new', 'get' and 'remove'
 	  callbacks.  This can be used to determine the session-id
 	  to use depending on information like which port/host the connection
 	  is coming from.  Since the are also SSL_SESSION_set_app_data() and
 	  SSL_SESSION_get_app_data() functions, the application can hold
 	  information against the session-id as well.
 03-Sep-97
 	- Added lookup of CRLs to the by_dir method,
 	  X509_load_crl_file() also added.  Basically it means you can
 	  lookup CRLs via the same system used to lookup certificates.
 	- Changed things so that the X509_NAME structure can contain
 	  ASN.1 BIT_STRINGS which is required for the unique
 	  identifier OID.
 	- Fixed some problems with the auto flushing of the session-id
 	  cache.  It was not occuring on the server side.
 02-Sep-97
 	- Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
 	  which is the maximum number of entries allowed in the
 	  session-id cache.  This is enforced with a simple FIFO list.
 	  The default size is 20*1024 entries which is rather large :-).
 	  The Timeout code is still always operating.
 01-Sep-97
 	- Added an argument to all the 'generate private key/prime`
 	  callbacks.  It is the last parameter so this should not
 	  break existing code but it is needed for C++.
 	- Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
 	  BIO.  This lets the BIO read and write base64 encoded data
 	  without inserting or looking for '\n' characters.  The '-A'
 	  flag turns this on when using apps/enc.c.
 	- RSA_NO_PADDING added to help BSAFE functionality.  This is a
 	  very dangerous thing to use, since RSA private key
 	  operations without random padding bytes (as PKCS#1 adds) can
 	  be attacked such that the private key can be revealed.
 	- ASN.1 bug and rc2-40-cbc and rc4-40 added by
 	  Dr Stephen Henson <shenson@bigfoot.com>
 31-Aug-97 (stuff added while I was away)	
 	- Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
 	- RSA_flags() added allowing bypass of pub/priv match check
 	  in ssl/ssl_rsa.c - Tim Hudson.
 	- A few minor bugs.
 SSLeay 0.8.1 released.
 19-Jul-97
 	- Server side initated dynamic renegotiation is broken.  I will fix
 	  it when I get back from holidays.
 15-Jul-97
 	- Quite a few small changes.
 	- INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
 09-Jul-97
 	- Added 2 new values to the SSL info callback.
 	  SSL_CB_START which is passed when the SSL protocol is started
 	  and SSL_CB_DONE when it has finished sucsessfully.
 08-Jul-97
 	- Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
 	  that related to DSA public/private keys.
 	- Added all the relevent PEM and normal IO functions to support
 	  reading and writing RSAPublic keys.
 	- Changed makefiles to use ${AR} instead of 'ar r'
 07-Jul-97
 	- Error in ERR_remove_state() that would leave a dangling reference
 	  to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
 	- s_client now prints the X509_NAMEs passed from the server
 	  when requesting a client cert.
 	- Added a ssl->type, which is one of SSL_ST_CONNECT or
 	  SSL_ST_ACCEPT.  I had to add it so I could tell if I was
 	  a connect or an accept after the handshake had finished.
 	- SSL_get_client_CA_list(SSL *s) now returns the CA names
 	  passed by the server if called by a client side SSL.
 05-Jul-97
 	- Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
 	  0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).
 04-Jul-97
 	- Fixed some things in X509_NAME_add_entry(), thanks to
 	  Matthew Donald <matthew@world.net>.
 	- I had a look at the cipher section and though that it was a
 	  bit confused, so I've changed it.
 	- I was not setting up the RC4-64-MD5 cipher correctly.  It is
 	  a MS special that appears in exported MS Money.
 	- Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
 	  spec.  I was missing the two byte length header for the
 	  ClientDiffieHellmanPublic value.  This is a packet sent from
 	  the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
 	  option will enable SSLeay server side SSLv3 accept either
 	  the correct or my 080 packet format.
 	- Fixed a few typos in crypto/pem.org.
 02-Jul-97
 	- Alias mapping for EVP_get_(digest|cipher)byname is now
 	  performed before a lookup for actual cipher.  This means
 	  that an alias can be used to 're-direct' a cipher or a
 	  digest.
 	- ASN1_read_bio() had a bug that only showed up when using a
 	  memory BIO.  When EOF is reached in the memory BIO, it is
 	  reported as a -1 with BIO_should_retry() set to true.
 01-Jul-97
 	- Fixed an error in X509_verify_cert() caused by my
 	  miss-understanding how 'do { contine } while(0);' works.
 	  Thanks to Emil Sit <sit@mit.edu> for educating me :-)
 30-Jun-97
 	- Base64 decoding error.  If the last data line did not end with
 	  a '=', sometimes extra data would be returned.
 	- Another 'cut and paste' bug in x509.c related to setting up the
 	  STDout BIO.
 27-Jun-97
 	- apps/ciphers.c was not printing due to an editing error.
 	- Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
 	  a library build error in util/mk1mf.pl
 26-Jun-97
 	- Still did not have the auto 'experimental' code removal
 	  script correct.
 	- A few header tweaks for Watcom 11.0 under Win32 from
 	  Rolf Lindemann <Lindemann@maz-hh.de>
 	- 0 length OCTET_STRING bug in asn1_parse
 	- A minor fix with an non-existent function in the MS .def files.
 	- A few changes to the PKCS7 stuff.
 25-Jun-97
 	SSLeay 0.8.0 finally it gets released.
 24-Jun-97
 	Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
 	use a temporary RSA key.  This is experimental and needs some more work.
 	Fixed a few Win16 build problems.
 23-Jun-97
 	SSLv3 bug. I was not doing the 'lookup' of the CERT structure
 	correctly. I was taking the SSL->ctx->default_cert when I should
 	have been using SSL->cert. The bug was in ssl/s3_srvr.c
 20-Jun-97
 	X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
 	rest of the library. Even though I had the code required to do
 	it correctly, apps/req.c was doing the wrong thing.  I have fixed
 	and tested everything.
 	Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
 19-Jun-97
 	Fixed a bug in the SSLv2 server side first packet handling. When
 	using the non-blocking test BIO, the ssl->s2->first_packet flag
 	was being reset when a would-block failure occurred when reading
 	the first 5 bytes of the first packet. This caused the checking
 	logic to run at the wrong time and cause an error.
 	Fixed a problem with specifying cipher. If RC4-MD5 were used,
 	only the SSLv3 version would be picked up.  Now this will pick
 	up both SSLv2 and SSLv3 versions. This required changing the
 	SSL_CIPHER->mask values so that they only mask the ciphers,
 	digests, authentication, export type and key-exchange algorithms.
 	I found that when a SSLv23 session is established, a reused
 	session, of type SSLv3 was attempting to write the SSLv2 
 	ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
 	method has been modified so it will only write out cipher which
 	that method knows about.  
--- a/HISTORY.090
+++ b/HISTORY.090
@ -1,7 +0,0 @@
 -	A minor bug in ssl/s3_clnt.c where there would always be 4 0 bytes
 	sent in the client random, thanks to 
 	Edward Bishop <ebishop@spyglass.com>
 -	Changed some BIGNUM api stuff.
 -	I Deleted the HISTORY.090 I was working on and when I found out, it was
 	permanently gone :-(
--- a/INSTALL.W32
+++ b/INSTALL.W32
--- a/59
+++ b/59
@ -1,3 +1,62 @@
 /* ====================================================================
 * Copyright (c) 1998 The OpenTLS Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenTLS Project
 *    for use in the OpenTLS Toolkit. (http://www.opentls.org/)"
 *
 * 4. The names "OpenTLS Toolkit" and "OpenTLS Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@opentls.org.
 *
 * 5. Products derived from this software may not be called "OpenTLS"
 *    nor may "OpenTLS" appear in their names without prior written
 *    permission of the OpenTLS Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenTLS Project
 *    for use in the OpenTLS Toolkit (http://www.opentls.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OPENTLS PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OPENTLS PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric A. Young
 * (eay@cryptsoft.com). This product includes software written by Tim J.
 * Hudson (tjh@cryptsoft.com).
 */
 __________________________________________________________________________
                             Old SSLeay License
 __________________________________________________________________________
 Copyright (C) 1997 Eric Young (eay@cryptsoft.com)
 All rights reserved.
--- a/74
+++ b/74
@ -1,11 +1,11 @@
 RELATIVE_DIRECTORY=.
 AR=ar r
-BASENAME=SSLeay
+BASENAME=opentls
 BF_ENC=bf_enc.o
 BN_ASM=bn_asm.o
 CAST_ENC=c_enc.o
-CC=cl
+CC=cc
-CFLAG=
+CFLAG=-O -DNOPROTO
 DES_ENC=des_enc.o fcrypt_b.o
 DIRS=crypto ssl rsaref apps test tools
 EDIRS=times doc bugs util include certs ms shlib mt demos perl sf dep
@ -20,22 +20,21 @@ MAKEFILE=Makefile.ssl
 MAN1=1
 MAN3=3
 MD5_ASM_OBJ=
-MISC=COPYRIGHT Configure HISTORY.090 HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 README.090 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com config PATENTS
+NAME=opentls-0.9.1c
 NAME=SSLeay-0.9.1b
 ONEDIRS=out tmp
 PEX_LIBS=-L. -L.. -L../.. -L../../..
-PLATFORM=VC-WIN32
+PLATFORM=dist
 RC4_ENC=rc4_enc.o
 RC5_ENC=rc5_enc.o
 RMD160_ASM_OBJ=
-SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7 proxy comp
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7 comp
 SHA1_ASM_OBJ=
 SHELL=/bin/sh
-TARFILE=SSLeay-0.9.1b.tar
+TARFILE=opentls-0.9.1c.tar
 TOP=.
-VERSION=0.9.1b
+VERSION=0.9.1c
 WDIRS=windows
-WTARFILE=SSLeay-0.9.1b-win.tar
+WTARFILE=opentls-0.9.1c-win.tar
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto
 ALL=Makefile README cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c cryptlib.h date.h crypto.h cryptall.h tmdiff.h
@ -62,7 +61,7 @@ MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
 PEX_LIBS=
 RM=/bin/rm -f
-SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7 proxy comp
+SDIRS=md2 md5 sha mdc2 hmac ripemd des rc2 rc4 rc5 idea bf cast bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7 comp
 SRC=cryptlib.c mem.c cversion.c ex_data.c tmdiff.c cpt_err.c
 TOP=..
 RELATIVE_DIRECTORY=
@ -506,7 +505,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/bio
-ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c bio.h bss_file.c
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h bss_file.c
 APPS=
 AR=ar r
 CC=cc
@ -521,12 +520,12 @@ HEADER=bio.h bss_file.c
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
-LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o bss_cs4a.o
+LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o
-LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c
+LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bss_cs4a.c
+SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
@ -821,31 +820,6 @@ SRC=pk7_lib.c pkcs7err.c pk7_doit.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/proxy
 ALL=Makefile proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c proxy.h
 APPS=
 AR=ar r
 CC=cc
 CFLAG=-g
 CFLAGS=-I.. -I../../include -g
 DIR=proxy
 ERR=proxy
 ERRC=pxy_err
 EXHEADER=proxy.h
 GENERAL=Makefile
 HEADER=proxy.h
 INCLUDES=-I.. -I../../include
 INSTALLTOP=/usr/local/ssl
 LIB=../../libcrypto.a
 LIBOBJ=proxy.o pxy_txt.o bf_proxy.o pxy_conf.o pxy_err.o
 LIBSRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
 SRC=proxy.c pxy_txt.c bf_proxy.c pxy_conf.c pxy_err.c
 TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=crypto/comp
 ALL=Makefile comp_lib.c c_rle.c c_zlib.c comp.h
 APPS=
@ -872,7 +846,7 @@ TEST=
 TOP=../..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=ssl
-ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
 APPS=
 AR=ar r
 CC=cc
@ -887,12 +861,12 @@ HEADER=ssl.h ssl2.h ssl3.h ssl23.h tls1.h ssl_locl.h
 INCLUDES=-I../crypto -I../include
 INSTALLTOP=/usr/local/ssl
 LIB=../libssl.a
-LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o pxy_ssl.o ssl_err.o
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o t1_meth.o t1_srvr.o t1_clnt.o t1_lib.o t1_enc.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
-LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
 MAKE=make -f Makefile.ssl
 MAKEDEPEND=makedepend -f Makefile.ssl
 MAKEFILE=Makefile.ssl
-SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c pxy_ssl.c ssl_err.c
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_enc.c s2_pkt.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_enc.c s3_pkt.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c t1_meth.c t1_srvr.c t1_clnt.c t1_lib.c t1_enc.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
 TEST=ssltest.c
 TOP=..
 RELATIVE_DIRECTORY=
@ -922,7 +896,7 @@ TEST=
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=apps
-ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
 A_OBJ=apps.o
 A_SRC=apps.c
 CC=cc
@ -935,8 +909,8 @@ EXE=ssleay
 EXHEADER=
 EX_LIBS=
 E_EXE=verify asn1pars req dgst dh enc gendh errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
-E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o s_ speed.o s_time.o apps.o s_cb.o s_socket.o bf_perm.o version.o sess_id.o ciphers.o
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
-E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
 GENERAL=Makefile
 HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h 
 INCLUDES=-I../include
@ -950,10 +924,10 @@ PEX_LIBS=
 PROGS=ssleay.c
 RM=/bin/rm -f
 SCRIPTS=CA.sh der_chop
-SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c bf_perm.c version.c sess_id.c ciphers.c
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
 SSLEAY=ssleay
-S_OBJ=s_cb.o s_socket.o bf_perm.o
+S_OBJ=s_cb.o s_socket.o
-S_SRC=s_cb.c s_socket.c bf_perm.c
+S_SRC=s_cb.c s_socket.c
 TOP=..
 RELATIVE_DIRECTORY=
 RELATIVE_DIRECTORY=test
--- a/Makefile.ssl
+++ b/Makefile.ssl
@ -1,7 +1,7 @@
 #
 # Makefile for all the SSL related library routines and utilities
-VERSION = 0.9.1b
+VERSION = 0.9.1c
-PLATFORM=debug
+PLATFORM=dist
 #
 # make install will install:
 #   libraries into $INSTALLTOP/lib
@ -62,11 +62,11 @@ PLATFORM=debug
 # equal 4.
 # PKCS1_CHECK - pkcs1 tests.
-CC= gcc
+CC= cc
 #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-CFLAG= -DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror
+CFLAG= -O -DNOPROTO
 PEX_LIBS= -L. -L.. -L../.. -L../../..
-EX_LIBS= -lefence
+EX_LIBS= 
 AR=ar r
 # Set BN_ASM to bn_asm.o if you want to use the C version
@ -173,16 +173,11 @@ SHELL=/bin/sh
 TOP=    .
 ONEDIRS=out tmp
 EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep
 MISC=   COPYRIGHT Configure HISTORY.090	HISTORY.066 INSTALL Makefile.ssl \
 	Makefile \
 	README TODO HISTORY README.066 README.080 README.090 \
 	VERSION PROBLEMS MINFO makefile.one e_os.h \
 	MICROSOFT makevms.com config PATENTS
 WDIRS=  windows
 LIBS=   libcrypto.a libssl.a 
 GENERAL=        Makefile
-BASENAME=       SSLeay
+BASENAME=       opentls
 NAME=           $(BASENAME)-$(VERSION)
 TARFILE=        $(NAME).tar
 WTARFILE=       $(NAME)-win.tar
@ -292,16 +287,13 @@ errors:
 	done;
 tar:
-	@(cd ..;\
+	@gtar --no-recursion -cvf - \
-	mv $(BASENAME) $(NAME); \
+		`find * -depth -print | grep -v CVS | grep -v .cvsignore | sort` |\
-	export STUFF; \
+	tardy --user_number=0  --user_name=rse      \
-	for i in $(MISC) $(DIRS) $(EDIRS) $(ONEDIRS) ;\
+	      --group_number=0 --group_name=opentls \
-	do \
+	      --prefix=opentls-$(VERSION) - |\
-		STUFF="$$STUFF $(NAME)/$$i"; \
+	gzip --best >../$(TARFILE).gz; \
-	done; \
+	ls -l ../$(TARFILE).gz
 	tar cf $(NAME)/$(TARFILE) $$STUFF; \
 	mv $(NAME) $(BASENAME) ) 
 	gzip -f $(TARFILE)
 dist:   
 	perl Configure dist
--- a/252
+++ b/252
@ -1,173 +1,119 @@
 		SSLeay 0.9.1a 06-Jul-1998
 		Copyright (c) 1997, Eric Young
 		All rights reserved.
-This directory contains Eric Young's (eay@cryptsoft.com) implementation
+ OpenTLS 0.9.1c 22-Dec-1998
 of SSL and supporting libraries.
-The current version of this library is available from
+ Copyright (c) 1998 The OpenTLS Project
-    ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+ Copyright (c) 1995-1998 Eric Young
 All rights reserved.
-There are patches to a number of internet applications which can be found in
+ The OpenTLS Project is a collaborative effort to develop a robust,
-    ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/
+ commercial-grade, fully featured, and Open Source toolkit implementing the
 Transport Layer Security (TLS v1) and Secure Sockets Layer (SSL v2/v3)
 protocols with full-strength cryptography world-wide. The project is managed
 by a worldwide community of volunteers that use the Internet to communicate,
 plan, and develop the OpenTLS tookit and its related documentation. 
-A Web page containing the SSLeay FAQ written by Tim Hudson <tjh@cryptsoft.com> 
+ OpenTLS is based on the excellent SSLeay library developed from Eric A. Young
-can be found at 
+ and Tim J. Hudson.  The OpenTLS toolkit is licensed under a BSD-style licence,
-    http://www.psy.uq.oz.au/~ftp/Crypto
+ which basically means that you are free to get and use it for commercial and
 non-commercial purposes. 
-Additional documentation is being slowly written by Eric Young, and is being
+ The package includes:
 added to http://www.cryptsoft.com/ssleay/doc.  It will normally also be
 available on http://www.psy.uq.oz.au/~ftp/Crypto/ssleay
-This Library and programs are FREE for commercial and non-commercial
+ libssl.a:
-usage.  The only restriction is that I must be attributed with the
+     Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
-development of this code.  See the COPYRIGHT file for more details.
+     both SSLv2, SSLv3 and TLSv1 in the one server.
 Donations would still be accepted :-).
-THIS LIBRARY IS NOT %100 COMPATABLE WITH SSLeay 0.6.6
+ libcrypto.a:
     General encryption and X.509 stuff needed by TLS/SSL but not actually
     logically part of it. It includes routines for the following:
-The package includes
+     Ciphers
        libdes - EAY's libdes DES encryption package which has been floating
                 around the net for a few years.  It includes 15
                 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
                 cbc, cfb and ofb; pcbc and a more general form of cfb and
                 ofb) including desx in cbc mode, a fast crypt(3), and
                 routines to read passwords from the keyboard.
        RC4 encryption,
        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
        IDEA encryption     - 4 different modes, ecb, cbc, cfb and ofb.
-libssl.a:
+     Digests
-	My implementation of SSLv2, SSLv3 and the required code to support
+        MD5 and MD2 message digest algorithms, fast implementations,
-	both SSLv2 and SSLv3 in the one server.
+        SHA (SHA-0) and SHA-1 message digest algorithms,
        MDC2 message digest. A DES based hash that is polular on smart cards.
-libcrypto.a:
+     Public Key
-	General encryption and X509 stuff needed by SSL but not
+        RSA encryption/decryption/generation.  
-	actually logically part of it.  It includes routines for the following:
+            There is no limit on the number of bits.
        DSA encryption/decryption/generation.   
            There is no limit on the number of bits.
        Diffie-Hellman key-exchange/key generation.  
            There is no limit on the number of bits.
-  Ciphers
+     X.509v3 certificates
-	libdes - My libdes DES encryption package which has been floating
+        X509 encoding/decoding into/from binary ASN1 and a PEM
-		around the net for a few years.  It includes 15
+             based ascii-binary encoding which supports encryption with a
-		'modes/variations' of DES (1, 2 and 3 key versions of ecb,
+             private key.  Program to generate RSA and DSA certificate
-		cbc, cfb and ofb; pcbc and a more general form of cfb and ofb)
+             requests and to generate RSA and DSA certificates.
 		including desx in cbc mode,
 		a fast crypt(3), and routines to read passwords from the
 		keyboard.
 	RC4 encryption,
 	RC2 encryption 		- 4 different modes, ecb, cbc, cfb and ofb.
 	Blowfish encryption	- 4 different modes, ecb, cbc, cfb and ofb.
 	IDEA encryption		- 4 different modes, ecb, cbc, cfb and ofb.
-  Digests
+     Systems
-	MD5 and MD2 message digest algorithms, fast implementations,
+        The normal digital envelope routines and base64 encoding.  Higher
-	SHA (SHA-0) and SHA-1 message digest algorithms,
+        level access to ciphers and digests by name.  New ciphers can be
-	MDC2 message digest.  A DES based hash that is polular on smart cards.
+        loaded at run time.  The BIO io system which is a simple non-blocking
        IO abstraction.  Current methods supported are file descriptors,
        sockets, socket accept, socket connect, memory buffer, buffering, SSL
        client/server, file pointer, encryption, digest, non-blocking testing
        and null.
-  Public Key
+     Data structures
-	RSA encryption/decryption/generation.  There is no limit
+        A dynamically growing hashing system
-		on the number of bits.
+        A simple stack.
-	DSA encryption/decryption/generation.   There is no limit on the
+        A Configuration loader that uses a format similar to MS .ini files.
 		number of bits.
 	Diffie-Hellman key-exchange/key generation.  There is no limit
 		on the number of bits.
-  X509v3 certificates
+ Programs in this package include:
 	X509 encoding/decoding into/from binary ASN1 and a PEM
 		based ascii-binary encoding which supports encryption with
 		a private key.
 	Program to generate RSA and DSA certificate requests and to
 		generate RSA and DSA certificates.
-  Systems
+     enc     - a general encryption program that can encrypt/decrypt using
-  	The normal digital envelope routines and base64 encoding.
+               one of 17 different cipher/mode combinations.  The
-	Higher level access to ciphers and digests by name.  New ciphers can be
+               input/output can also be converted to/from base64
-		loaded at run time.
+               ascii encoding.
-	The BIO io system which is a simple non-blocking IO abstraction.
+     dgst    - a generate message digesting program that will generate
-		Current methods supported are file descriptors, sockets,
+               message digests for any of md2, md5, sha (sha-0 or sha-1)
-		socket accept, socket connect, memory buffer, buffering,
+               or mdc2.
-		SSL client/server, file pointer, encryption, digest,
+     asn1parse - parse and display the structure of an asn1 encoded
-		non-blocking testing and null.
+               binary file.
-  Data structures
+     rsa     - Manipulate RSA private keys.
-  	A dynamically growing hashing system
+     dsa     - Manipulate DSA private keys.
-	A simple stack.
+     dh      - Manipulate Diffie-Hellman parameter files.
-	A Configuration loader that uses a format similar to MS .ini files.
+     dsaparam- Manipulate and generate DSA parameter files.
-
+     crl     - Manipulate certificate revocation lists.
-Programs in this package include
+     crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
-	enc	- a general encryption program that can encrypt/decrypt using
+     x509    - Manipulate x509 certificates, self-sign certificates.
-		one of 17 different cipher/mode combinations.  The
+     req     - Manipulate PKCS#10 certificate requests and also
-		input/output can also be converted to/from base64
+               generate certificate requests.
-		ascii encoding.
+     genrsa  - Generates an arbitrary sized RSA private key.
-	dgst	- a generate message digesting program that will generate
+     gendh   - Generates a set of Diffie-Hellman parameters, the prime
-		message digests for any of md2, md5, sha (sha-0 or sha-1)
+               will be a strong prime.
-		or mdc2.
+     ca      - Create certificates from PKCS#10 certificate requests.
-	asn1parse - parse and display the structure of an asn1 encoded
+               This program also maintains a database of certificates
-		binary file.
+               issued.
-	rsa	- Manipulate RSA private keys.
+     verify  - Check x509 certificate signatures.
-	dsa	- Manipulate DSA private keys.
+     speed   - Benchmark SSLeay's ciphers.
-	dh	- Manipulate Diffie-Hellman parameter files.
+     s_server- A test SSL server.
-	dsaparam- Manipulate and generate DSA parameter files.
+     s_client- A test SSL client.
-	crl	- Manipulate certificate revocation lists.
+     s_time  - Benchmark SSL performance of SSL server programs.
-	crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
+     errstr  - Convert from SSLeay hex error codes to a readable form.
 	x509	- Manipulate x509 certificates, self-sign certificates.
 	req	- Manipulate PKCS#10 certificate requests and also
 		  generate certificate requests.
 	genrsa  - Generates an arbitrary sized RSA private key.
 	gendh	- Generates a set of Diffie-Hellman parameters, the prime
 		  will be a strong prime.
 	ca	- Create certificates from PKCS#10 certificate requests.
 		  This program also maintains a database of certificates
 		  issued.
 	verify	- Check x509 certificate signatures.
 	speed	- Benchmark SSLeay's ciphers.
 	s_server- A test SSL server.
 	s_client- A test SSL client.
 	s_time	- Benchmark SSL performance of SSL server programs.
 	errstr	- Convert from SSLeay hex error codes to a readable form.
 Documents avaliable are
 	A Postscript and html reference manual
 	(written by Tim Hudson tjh@cryptsoft.com).
 	A list of text protocol references I used.
 	An initial version of the library manual.
 To install this package, read the INSTALL file.
-For the Microsoft word, read MICROSOFT
+For the Microsoft world, read INSTALL.W32 file.
 This library has been compiled and tested on Solaris 2.[34] (sparc and x86),
 SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5(?), IRIX 5.[23],
 LINUX, NeXT (intel), linux, Windows NT, Windows 3.1, MSDOS 6.22.
-Multithreading has been tested under Windows NT and Solaris 2.5.1
+For people in the USA, it is possible to compile SSLeay to use RSA Inc.'s
 public key library, RSAref.  From my understanding, it is claimed by RSA Inc.
 to be illegal to use my public key routines inside the USA.  Read
 doc/rsaref.doc on how to build with RSAref.
-Due to time constraints, the current release has only be rigorously tested
+Read the documentation in the doc directory.  It is quite rough, but it lists
-on Solaris 2.[45], Linux and Windows NT.
+the functions, you will probably have to look at the code to work out how to
-
+used them.  I will be working on documentation.  Look at the example programs.
 For people in the USA, it is possible to compile SSLeay to use RSA
 Inc.'s public key library, RSAref.  From my understanding, it is
 claimed by RSA Inc. to be illegal to use my public key routines inside the USA.
 Read doc/rsaref.doc on how to build with RSAref.
 Read the documentation in the doc directory.  It is quite rough,
 but it lists the functions, you will probably have to look at
 the code to work out how to used them.  I will be working on
 documentation.  Look at the example programs.
 There should be a SSL reference manual which is being put together by
 Tim Hudson (tjh@cryptsoft.com) in the same location as this
 distribution.  This contains a lot more information that is very
 useful.  For a description of X509 Certificates, their use, and
 certification, read rfc1421, rfc1422, rfc1423 and rfc1424.  ssl/README
 also goes over the mechanism.
 We have setup some mailing lists for use by people that are interested
 in helping develop this code and/or ask questions.
    ssl-bugs@mincom.oz.au
    ssl-users@mincom.oz.au
    ssl-bugs-request@mincom.oz.au
    ssl-users-request@mincom.oz.au
 I have recently read about a new form of software, that which is in
 a permanent state of beta release.  Linux and Netscape are 2 good 
 examples of this, and I would also add SSLeay to this category.
 The Current stable release is 0.6.6.  It has a few minor problems.
 0.8.0 is not call compatable so make sure you have the correct version
 of SSLeay to link with.  
 eric (Jun 1997)
 Eric Young (eay@cryptsoft.com)
 86 Taunton St.
 Annerley 4103.
 Australia.
--- a/README.066
+++ b/README.066
@ -1,27 +0,0 @@
 SSLeay 0.6.6 13-Jan-1997
 The main additions are
 - assember for x86 DES improvments.
  From 191,000 per second on a pentium 100, I now get 281,000.  The inner
  loop and the IP/FP modifications are from
  Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  Many thanks for his
  contribution.
 - The 'DES macros' introduced in 0.6.5 now have 3 types.
  DES_PTR1, DES_PTR2 and 'normal'.  As per before, des_opts reports which
  is best and there is a summery of mine in crypto/des/options.txt
 - A few bug fixes.
 - Added blowfish.  It is not used by SSL but all the other stuff that
  deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
  There are 3 options for optimising Blowfish.  BF_PTR, BF_PTR2 and 'normal'.
  BF_PTR2 is pentium/x86 specific.  The correct option is setup in
  the 'Configure' script.
 - There is now a 'get client certificate' callback which can be
  'non-blocking'.  If more details are required, let me know.  It will
  documented more in SSLv3 when I finish it.
 - Bug fixes from 0.6.5 including the infamous 'ca' bug.  The 'make test'
  now tests the ca program.
 - Lots of little things modified and tweaked.
 eric
--- a/README.080
+++ b/README.080
@ -1,147 +0,0 @@
 This version of SSLeay has quite a lot of things different from the
 previous version.
 Basically check all callback parameters, I will be producing documentation
 about how to use things in th future.  Currently I'm just getting 080 out
 the door.  Please not that there are several ways to do everything, and
 most of the applications in the apps directory are hybrids, some using old
 methods and some using new methods.
 Have a look in demos/bio for some very simple programs and
 apps/s_client.c and apps/s_server.c for some more advanced versions.
 Notes are definitly needed but they are a week or so away.
 Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
 ---
 Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
 get those people that want to move to using the new code base off to
 a quick start.
 Note that Eric has tidied up a lot of the areas of the API that were
 less than desirable and renamed quite a few things (as he had to break
 the API in lots of places anyrate). There are a whole pile of additional
 functions for making dealing with (and creating) certificates a lot
 cleaner.
 01-Jul-97
 Tim Hudson
 tjh@cryptsoft.com
 ---8<---
 To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
 use something like the following (assuming you #include "crypto.h" which
 is something that you really should be doing).
 #if SSLEAY_VERSION_NUMBER >= 0x0800
 #define SSLEAY8
 #endif
 buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
            too if you are working with BIO internal stuff (as distinct
 	    from simply using the interface in an opaque manner)
 #include "bio.h"	- required along with "buffer.h" if you write
 			  your own BIO routines as the buffer and bio
 			  stuff that was intermixed has been separated
 			  out 
 envelope.h -> evp.h  (which should have been done ages ago)
 Initialisation ... don't forget these or you end up with code that
 is missing the bits required to do useful things (like ciphers):
 SSLeay_add_ssl_algorithms()
 (probably also want SSL_load_error_strings() too but you should have
 already had that call in place)
 SSL_CTX_new()	- requires an extra method parameter
 		      SSL_CTX_new(SSLv23_method()) 
 		      SSL_CTX_new(SSLv2_method()) 
 		      SSL_CTX_new(SSLv3_method()) 
 		  OR to only have the server or the client code
 		      SSL_CTX_new(SSLv23_server_method()) 
 		      SSL_CTX_new(SSLv2_server_method()) 
 		      SSL_CTX_new(SSLv3_server_method()) 
 		  or  
 		      SSL_CTX_new(SSLv23_client_method()) 
 		      SSL_CTX_new(SSLv2_client_method()) 
 		      SSL_CTX_new(SSLv3_client_method()) 
 SSL_set_default_verify_paths() ... renamed to the more appropriate
 SSL_CTX_set_default_verify_paths()
 If you want to use client certificates then you have to add in a bit
 of extra stuff in that a SSLv3 server sends a list of those CAs that
 it will accept certificates from ... so you have to provide a list to
 SSLeay otherwise certain browsers will not send client certs.
 SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
 X509_NAME_oneline(X)	-> X509_NAME_oneline(X,NULL,0)	
 			   or provide a buffer and size to copy the
 			   result into
 X509_add_cert ->  X509_STORE_add_cert (and you might want to read the
 		  notes on X509_NAME structure changes too)
 VERIFICATION CODE
 =================
 The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
 more accurately reflect things.
 The verification callback args are now packaged differently so that
 extra fields for verification can be added easily in future without
 having to break things by adding extra parameters each release :-)
 X509_cert_verify_error_string -> X509_verify_cert_error_string
 BIO INTERNALS
 =============
 Eric has fixed things so that extra flags can be introduced in
 the BIO layer in future without having to play with all the BIO
 modules by adding in some macros.
 The ugly stuff using 
 	b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
 becomes
 	BIO_clear_retry_flags(b)
 	b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
 becomes
 	BIO_set_retry_read(b)
 Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
 OTHER THINGS
 ============
 X509_NAME has been altered so that it isn't just a STACK ... the STACK
 is now in the "entries" field ... and there are a pile of nice functions
 for getting at the details in a much cleaner manner.
 SSL_CTX has been altered ... "cert" is no longer a direct member of this
 structure ... things are now down under "cert_store" (see x509_vfy.h) and
 things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
 If your code "knows" about this level of detail then it will need some 
 surgery.
 If you depending on the incorrect spelling of a number of the error codes
 then you will have to change your code as these have been fixed.
 ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
 has been all along so this makes things clearer.
 ify_cert_error_string(ctx->error));
 SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
 			and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
--- a/README.090
+++ b/README.090
@ -1,8 +0,0 @@
 10-Apr-1998
 I said the next version would go out at easter, and so it shall.
 I expect a 0.9.1 will follow with portability fixes in the next few weeks.
 This is a quick, meet the deadline.  Look to ssl-users for comments on what
 is new etc.
 eric (about to go bushwalking for the 4 day easter break :-)
--- a/README.PATENTS
+++ b/README.PATENTS
--- a/README.PROBLEMS
+++ b/README.PROBLEMS
--- a/28
+++ b/28
@ -1,28 +0,0 @@
 - The loading of the netscape RC4 encrypted key is a crock of pig pellets.
  It will be reworked along with a nice general mechanism for encrypting
  ASN.1 stuff. [ Jun 96 ] I've cleaned up private keys internally but
  still have not done PKCS#8 support.
 - Winsock support in s_client/s_server for windows nt/3.1 is a crock.
  I will probably not get this fixed for a while, it is just there so
  I could test things.
 - Be able to generate DSS certificates.
 - Add CRL to the X509 verification stuff, this will probably be added with
  SSLv3.
 + X509 callback.  I need to callback the application to retrieve certificates
  and CRL.
 *<- designates the things I'm activly working on.
 +<- designates that which I have next in the queue.
 ====
 X509v3 extensions
 verify certificate chains
 X509 cert lookup methods
 RSA/DSA/DH methods mostly for smart cards
 dsa cert generation
--- a/24
+++ b/24
@ -1,24 +0,0 @@
 SSLeay 0.8.1
 	- Mostly bug fixes.  There is an Ephemeral DH cipher problem which
 	  is fixed.
 SSLeay 0.8.0
 	- New release, for those that are wondering what happend to
 	  0.7.x, call it our internal development version :-)
 	- There have been lots of changes, mostly the addition of SSLv3.
 	- There have been many additions from people and amongst
 	  others, C2Net has assisted greatly.
 SSLeay 0.6.6
 	SSLeay 0.8.0 is not upward compatable with SSLeay 0.6.6, so
 	if your application requires 0.6.6, use it.  There have been
 	lots of bug fixes to 0.8.x that have not been applied to 0.6.6
 	so use 0.8.0+ in preference.
 PORTING 0.6.6 to 0.8.0
 	I'll be documenting this over the next few weeks but as
 	pressures have been increasing for making SSLv3 support
 	available I'm shipping it without this documentation as I
 	basically have not had time to write it (too busy earning a
 	living :-)
--- a/apps/.cvsignore
+++ b/apps/.cvsignore
@ -0,0 +1 @@
 ssleay
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@ -57,7 +57,7 @@
 */
 /* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to 
- * add the -strparse option which parses nested binarary structures
+ * add the -strparse option which parses nested binary structures
 */
 #include <stdio.h>
--- a/apps/f
+++ b/apps/f
@ -1,5 +0,0 @@
 586
 2481
 1400
 2064
--- a/crypto/.cvsignore
+++ b/crypto/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/Makefile.ssl
+++ b/crypto/Makefile.ssl
@ -54,7 +54,7 @@ top:
 all: date.h lib subdirs
-date.h: ../Makefile.ssl ../VERSION
+date.h: ../Makefile.ssl
 	echo "#define DATE	\"`date`\"" >date.h
 subdirs:
--- a/crypto/asn1/.cvsignore
+++ b/crypto/asn1/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@ -69,7 +69,7 @@ static int asn1_get_length();
 static void asn1_put_length();
 #endif
-char *ASN1_version="ASN1 part of SSLeay 0.9.1a 06-Jul-1998";
+char *ASN1_version="ASN.1 part of SSLeay 0.9.1c 22-Dec-1998";
 int ASN1_check_infinite_end(p,len)
 unsigned char **p;
--- a/crypto/bf/.cvsignore
+++ b/crypto/bf/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/bf/bf_ecb.c
+++ b/crypto/bf/bf_ecb.c
@ -64,7 +64,7 @@
 * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
 */
-char *BF_version="BlowFish part of SSLeay 0.9.1a 06-Jul-1998";
+char *BF_version="BlowFish part of SSLeay 0.9.1c 22-Dec-1998";
 char *BF_options()
 	{
--- a/crypto/bio/.cvsignore
+++ b/crypto/bio/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/bio/bio.err
+++ b/crypto/bio/bio.err
@ -19,9 +19,8 @@
 #define BIO_F_CONN_STATE				 115
 #define BIO_F_FILE_CTRL					 116
 #define BIO_F_MEM_WRITE					 117
-#define BIO_F_SOCKS4A_STATE				 118
+#define BIO_F_SSL_NEW					 118
-#define BIO_F_SSL_NEW					 119
+#define BIO_F_WSASTARTUP				 119
 #define BIO_F_WSASTARTUP				 120
 /* Reason codes. */
 #define BIO_R_ACCEPT_ERROR				 100
@ -40,14 +39,10 @@
 #define BIO_R_NO_PORT_DEFINED				 113
 #define BIO_R_NO_PORT_SPECIFIED				 114
 #define BIO_R_NULL_PARAMETER				 115
-#define BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH		 116
+#define BIO_R_TAG_MISMATCH				 116
-#define BIO_R_SOCKS_REJECTED_CONNECTION			 117
+#define BIO_R_UNABLE_TO_BIND_SOCKET			 117
-#define BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER	 118
+#define BIO_R_UNABLE_TO_CREATE_SOCKET			 118
-#define BIO_R_SOCKS_UNKNOWN_ERROR			 119
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 119
-#define BIO_R_TAG_MISMATCH				 120
+#define BIO_R_UNINITALISED				 120
-#define BIO_R_UNABLE_TO_BIND_SOCKET			 121
+#define BIO_R_UNSUPPORTED_METHOD			 121
-#define BIO_R_UNABLE_TO_CREATE_SOCKET			 122
+#define BIO_R_WSASTARTUP				 122
 #define BIO_R_UNABLE_TO_LISTEN_SOCKET			 123
 #define BIO_R_UNINITALISED				 124
 #define BIO_R_UNSUPPORTED_METHOD			 125
 #define BIO_R_WSASTARTUP				 126
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@ -683,8 +683,8 @@ int BIO_printf();
 #define BIO_F_CONN_STATE				 115
 #define BIO_F_FILE_CTRL					 116
 #define BIO_F_MEM_WRITE					 117
-#define BIO_F_SSL_NEW					 119
+#define BIO_F_SSL_NEW					 118
-#define BIO_F_WSASTARTUP				 120
+#define BIO_F_WSASTARTUP				 119
 /* Reason codes. */
 #define BIO_R_ACCEPT_ERROR				 100
@ -703,17 +703,13 @@ int BIO_printf();
 #define BIO_R_NO_PORT_DEFINED				 113
 #define BIO_R_NO_PORT_SPECIFIED				 114
 #define BIO_R_NULL_PARAMETER				 115
-#define BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH		 116
+#define BIO_R_TAG_MISMATCH				 116
-#define BIO_R_SOCKS_REJECTED_CONNECTION			 117
+#define BIO_R_UNABLE_TO_BIND_SOCKET			 117
-#define BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER	 118
+#define BIO_R_UNABLE_TO_CREATE_SOCKET			 118
-#define BIO_R_SOCKS_UNKNOWN_ERROR			 119
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 119
-#define BIO_R_TAG_MISMATCH				 120
+#define BIO_R_UNINITALISED				 120
-#define BIO_R_UNABLE_TO_BIND_SOCKET			 121
+#define BIO_R_UNSUPPORTED_METHOD			 121
-#define BIO_R_UNABLE_TO_CREATE_SOCKET			 122
+#define BIO_R_WSASTARTUP				 122
 #define BIO_R_UNABLE_TO_LISTEN_SOCKET			 123
 #define BIO_R_UNINITALISED				 124
 #define BIO_R_UNSUPPORTED_METHOD			 125
 #define BIO_R_WSASTARTUP				 126
 #ifdef  __cplusplus
 }
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@ -81,7 +81,6 @@ static ERR_STRING_DATA BIO_str_functs[]=
 {ERR_PACK(0,BIO_F_CONN_STATE,0),	"CONN_STATE"},
 {ERR_PACK(0,BIO_F_FILE_CTRL,0),	"FILE_CTRL"},
 {ERR_PACK(0,BIO_F_MEM_WRITE,0),	"MEM_WRITE"},
 {ERR_PACK(0,BIO_F_SOCKS4A_STATE,0),	"SOCKS4A_STATE"},
 {ERR_PACK(0,BIO_F_SSL_NEW,0),	"SSL_NEW"},
 {ERR_PACK(0,BIO_F_WSASTARTUP,0),	"WSASTARTUP"},
 {0,NULL},
@ -105,10 +104,6 @@ static ERR_STRING_DATA BIO_str_reasons[]=
 {BIO_R_NO_PORT_DEFINED                   ,"no port defined"},
 {BIO_R_NO_PORT_SPECIFIED                 ,"no port specified"},
 {BIO_R_NULL_PARAMETER                    ,"null parameter"},
 {BIO_R_SOCKS_ID_AND_IDENT_DID_NOT_MATCH  ,"socks id and ident did not match"},
 {BIO_R_SOCKS_REJECTED_CONNECTION         ,"socks rejected connection"},
 {BIO_R_SOCKS_UNABLE_TO_TALK_TO_IDENT_SERVER,"socks unable to talk to ident server"},
 {BIO_R_SOCKS_UNKNOWN_ERROR               ,"socks unknown error"},
 {BIO_R_TAG_MISMATCH                      ,"tag mismatch"},
 {BIO_R_UNABLE_TO_BIND_SOCKET             ,"unable to bind socket"},
 {BIO_R_UNABLE_TO_CREATE_SOCKET           ,"unable to create socket"},
--- a/crypto/bn/.cvsignore
+++ b/crypto/bn/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/bn/asm/......add.c
+++ b/crypto/bn/asm/......add.c
@ -1,12 +0,0 @@
 #include <stdio.h>
 	{
 	unsigned long a[10],b[10],c[10];
 	a[0]=0xFFFFFFFF;
 	a[1]=0xFFFFFFFF;
 	b[0]=0xFFFFFFFF;
 	b[1]=0xFFFFFFFF;
 	c[2]=bn_add_words(c,a,b,2);
 	printf("%08X %08X %08X\n",c[2],c[1],c[0]);
 	}
--- a/crypto/bn/asm/a.out
+++ b/crypto/bn/asm/a.out
--- a/crypto/bn/bn.err
+++ b/crypto/bn/bn.err
@ -5,18 +5,20 @@
 #define BN_F_BN_BLINDING_INVERT				 101
 #define BN_F_BN_BLINDING_NEW				 102
 #define BN_F_BN_BLINDING_UPDATE				 103
-#define BN_F_BN_BN2DEC					 104
+#define BN_F_BN_BL_CTX_INIT				 104
-#define BN_F_BN_BN2HEX					 105
+#define BN_F_BN_BL_CTX_NEW				 105
-#define BN_F_BN_CTX_NEW					 106
+#define BN_F_BN_BN2DEC					 106
-#define BN_F_BN_DIV					 107
+#define BN_F_BN_BN2HEX					 107
-#define BN_F_BN_EXPAND2					 108
+#define BN_F_BN_CTX_NEW					 108
-#define BN_F_BN_MOD_EXP_MONT				 109
+#define BN_F_BN_DIV					 109
-#define BN_F_BN_MOD_INVERSE				 110
+#define BN_F_BN_EXPAND2					 110
-#define BN_F_BN_MOD_MUL_RECIPROCAL			 111
+#define BN_F_BN_MOD_EXP_MONT				 111
-#define BN_F_BN_MPI2BN					 112
+#define BN_F_BN_MOD_INVERSE				 112
-#define BN_F_BN_NEW					 113
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 113
-#define BN_F_BN_RAND					 114
+#define BN_F_BN_MPI2BN					 114
-#define BN_F_BN_USUB					 115
+#define BN_F_BN_NEW					 115
 #define BN_F_BN_RAND					 116
 #define BN_F_BN_USUB					 117
 /* Reason codes. */
 #define BN_R_ARG2_LT_ARG3				 100
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@ -79,7 +79,7 @@ extern "C" {
 #define BN_MUL_COMBA
 #define BN_SQR_COMBA
-#undef BN_RECURSION
+#define BN_RECURSION
 #define RECP_MUL_MOD
 #define MONT_MUL_MOD
@ -566,18 +566,20 @@ int	BN_div_recp();
 #define BN_F_BN_BLINDING_INVERT				 101
 #define BN_F_BN_BLINDING_NEW				 102
 #define BN_F_BN_BLINDING_UPDATE				 103
-#define BN_F_BN_BN2DEC					 104
+#define BN_F_BN_BL_CTX_INIT				 104
-#define BN_F_BN_BN2HEX					 105
+#define BN_F_BN_BL_CTX_NEW				 105
-#define BN_F_BN_CTX_NEW					 106
+#define BN_F_BN_BN2DEC					 106
-#define BN_F_BN_DIV					 107
+#define BN_F_BN_BN2HEX					 107
-#define BN_F_BN_EXPAND2					 108
+#define BN_F_BN_CTX_NEW					 108
-#define BN_F_BN_MOD_EXP_MONT				 109
+#define BN_F_BN_DIV					 109
-#define BN_F_BN_MOD_INVERSE				 110
+#define BN_F_BN_EXPAND2					 110
-#define BN_F_BN_MOD_MUL_RECIPROCAL			 111
+#define BN_F_BN_MOD_EXP_MONT				 111
-#define BN_F_BN_MPI2BN					 112
+#define BN_F_BN_MOD_INVERSE				 112
-#define BN_F_BN_NEW					 113
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 113
-#define BN_F_BN_RAND					 114
+#define BN_F_BN_MPI2BN					 114
-#define BN_F_BN_USUB					 115
+#define BN_F_BN_NEW					 115
 #define BN_F_BN_RAND					 116
 #define BN_F_BN_USUB					 117
 /* Reason codes. */
 #define BN_R_ARG2_LT_ARG3				 100
--- a/crypto/bn/bn.org
+++ b/crypto/bn/bn.org
@ -566,18 +566,20 @@ int	BN_div_recp();
 #define BN_F_BN_BLINDING_INVERT				 101
 #define BN_F_BN_BLINDING_NEW				 102
 #define BN_F_BN_BLINDING_UPDATE				 103
-#define BN_F_BN_BN2DEC					 104
+#define BN_F_BN_BL_CTX_INIT				 104
-#define BN_F_BN_BN2HEX					 105
+#define BN_F_BN_BL_CTX_NEW				 105
-#define BN_F_BN_CTX_NEW					 106
+#define BN_F_BN_BN2DEC					 106
-#define BN_F_BN_DIV					 107
+#define BN_F_BN_BN2HEX					 107
-#define BN_F_BN_EXPAND2					 108
+#define BN_F_BN_CTX_NEW					 108
-#define BN_F_BN_MOD_EXP_MONT				 109
+#define BN_F_BN_DIV					 109
-#define BN_F_BN_MOD_INVERSE				 110
+#define BN_F_BN_EXPAND2					 110
-#define BN_F_BN_MOD_MUL_RECIPROCAL			 111
+#define BN_F_BN_MOD_EXP_MONT				 111
-#define BN_F_BN_MPI2BN					 112
+#define BN_F_BN_MOD_INVERSE				 112
-#define BN_F_BN_NEW					 113
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 113
-#define BN_F_BN_RAND					 114
+#define BN_F_BN_MPI2BN					 114
-#define BN_F_BN_USUB					 115
+#define BN_F_BN_NEW					 115
 #define BN_F_BN_RAND					 116
 #define BN_F_BN_USUB					 117
 /* Reason codes. */
 #define BN_R_ARG2_LT_ARG3				 100
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@ -67,6 +67,8 @@ static ERR_STRING_DATA BN_str_functs[]=
 {ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0),	"BN_BLINDING_invert"},
 {ERR_PACK(0,BN_F_BN_BLINDING_NEW,0),	"BN_BLINDING_new"},
 {ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0),	"BN_BLINDING_update"},
 {ERR_PACK(0,BN_F_BN_BL_CTX_INIT,0),	"BN_BL_CTX_INIT"},
 {ERR_PACK(0,BN_F_BN_BL_CTX_NEW,0),	"BN_BL_CTX_NEW"},
 {ERR_PACK(0,BN_F_BN_BN2DEC,0),	"BN_bn2dec"},
 {ERR_PACK(0,BN_F_BN_BN2HEX,0),	"BN_bn2hex"},
 {ERR_PACK(0,BN_F_BN_CTX_NEW,0),	"BN_CTX_new"},
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
-char *BN_version="Big Number part of SSLeay 0.9.1a 06-Jul-1998";
+char *BN_version="Big Number part of SSLeay 0.9.1c 22-Dec-1998";
 /* For a 32 bit machine
 * 2 -   4 ==  128
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@ -235,7 +235,7 @@ printf("number BN_from_montgomery\n");
 		/* hmm... if a is between i and 2*i, things are bad */
 		if (a->top > i)
 			{
-			j=bn_add_words(ret->d,ret->d,&(a->d[i]),i);
+			j=(int)(bn_add_words(ret->d,ret->d,&(a->d[i]),i));
 			if (j) /* overflow */
 				bn_sub_words(ret->d,ret->d,mont->N.d,i);
 			}
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@ -176,16 +176,16 @@ printf(" bn_mul_recursive %d * %d\n",n2,n2);
 	 * r[32] holds (b[1]*b[1])
 	 */
-	c1=bn_add_words(t,r,&(r[n2]),n2);
+	c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
 	if (neg) /* if t[32] is negative */
 		{
-		c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
+		c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
 		}
 	else
 		{
 		/* Might have a carry */
-		c1+=bn_add_words(&(t[n2]),&(t[n2]),t,n2);
+		c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2));
 		}
 	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
@ -193,7 +193,7 @@ printf(" bn_mul_recursive %d * %d\n",n2,n2);
 	 * r[32] holds (b[1]*b[1])
 	 * c1 holds the carry bits
 	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
+	c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
 	if (c1)
 		{
 		p= &(r[n+n2]);
@ -311,15 +311,15 @@ printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n);
 	 * r[32] holds (b[1]*b[1])
 	 */
-	c1=bn_add_words(t,r,&(r[n2]),n2);
+	c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
-	c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
+	c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
 	/* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
 	 * r[10] holds (a[0]*b[0])
 	 * r[32] holds (b[1]*b[1])
 	 * c1 holds the carry bits
 	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
+	c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
 	if (c1)
 		{
 		p= &(r[n+n2]);
@ -454,7 +454,7 @@ printf(" bn_mul_high %d * %d\n",n2,n2);
 	if (l != NULL)
 		{
 		lp= &(t[n2+n]);
-		c1=bn_add_words(lp,&(r[0]),&(l[0]),n);
+		c1=(int)(bn_add_words(lp,&(r[0]),&(l[0]),n));
 		}
 	else
 		{
@ -463,7 +463,7 @@ printf(" bn_mul_high %d * %d\n",n2,n2);
 		}
 	if (neg)
-		neg=bn_sub_words(&(t[n2]),lp,&(t[0]),n);
+		neg=(int)(bn_sub_words(&(t[n2]),lp,&(t[0]),n));
 	else
 		{
 		bn_add_words(&(t[n2]),lp,&(t[0]),n);
@ -498,25 +498,25 @@ printf(" bn_mul_high %d * %d\n",n2,n2);
 	if (l != NULL)
 		{
 		lp= &(t[n2]);
-		c1= bn_add_words(lp,&(t[n2+n]),&(l[0]),n);
+		c1= (int)(bn_add_words(lp,&(t[n2+n]),&(l[0]),n));
 		}
 	else
 		{
 		lp= &(t[n2+n]);
 		c1=0;
 		}
-	c1+=bn_add_words(&(t[n2]),lp,  &(r[0]),n);
+	c1+=(int)(bn_add_words(&(t[n2]),lp,  &(r[0]),n));
 	if (oneg)
-		c1-=bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n);
+		c1-=(int)(bn_sub_words(&(t[n2]),&(t[n2]),&(t[0]),n));
 	else
-		c1+=bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n);
+		c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),&(t[0]),n));
-	c2 =bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n);
+	c2 =(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n2+n]),n));
-	c2+=bn_add_words(&(r[0]),&(r[0]),&(r[n]),n);
+	c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(r[n]),n));
 	if (oneg)
-		c2-=bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n);
+		c2-=(int)(bn_sub_words(&(r[0]),&(r[0]),&(t[n]),n));
 	else
-		c2+=bn_add_words(&(r[0]),&(r[0]),&(t[n]),n);
+		c2+=(int)(bn_add_words(&(r[0]),&(r[0]),&(t[n]),n));
 	if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */
 		{
--- a/crypto/bn/bn_sqr.c
+++ b/crypto/bn/bn_sqr.c
@ -241,17 +241,17 @@ printf(" bn_sqr_recursive %d * %d\n",n2,n2);
 	 * r[32] holds (b[1]*b[1])
 	 */
-	c1=bn_add_words(t,r,&(r[n2]),n2);
+	c1=(int)(bn_add_words(t,r,&(r[n2]),n2));
 	/* t[32] is negative */
-	c1-=bn_sub_words(&(t[n2]),t,&(t[n2]),n2);
+	c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2));
 	/* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
 	 * r[10] holds (a[0]*a[0])
 	 * r[32] holds (a[1]*a[1])
 	 * c1 holds the carry bits
 	 */
-	c1+=bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2);
+	c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2));
 	if (c1)
 		{
 		p= &(r[n+n2]);
--- a/crypto/buffer/.cvsignore
+++ b/crypto/buffer/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/buffer/buf_err.c
+++ b/crypto/buffer/buf_err.c
@ -66,7 +66,6 @@ static ERR_STRING_DATA BUF_str_functs[]=
 {ERR_PACK(0,BUF_F_BUF_MEM_GROW,0),	"BUF_MEM_grow"},
 {ERR_PACK(0,BUF_F_BUF_MEM_NEW,0),	"BUF_MEM_new"},
 {ERR_PACK(0,BUF_F_BUF_STRDUP,0),	"BUF_strdup"},
 {ERR_PACK(0,BUF_F_PXYCLNT_READ,0),	"PXYCLNT_READ"},
 {0,NULL},
 	};
--- a/crypto/buffer/buffer.err
+++ b/crypto/buffer/buffer.err
@ -4,6 +4,5 @@
 #define BUF_F_BUF_MEM_GROW				 100
 #define BUF_F_BUF_MEM_NEW				 101
 #define BUF_F_BUF_STRDUP				 102
 #define BUF_F_PXYCLNT_READ				 103
 /* Reason codes. */
--- a/crypto/buffer/buffer.h
+++ b/crypto/buffer/buffer.h
@ -96,7 +96,6 @@ void ERR_load_BUF_strings();
 #define BUF_F_BUF_MEM_GROW				 100
 #define BUF_F_BUF_MEM_NEW				 101
 #define BUF_F_BUF_STRDUP				 102
 #define BUF_F_PXYCLNT_READ				 103
 /* Reason codes. */
--- a/crypto/cast/.cvsignore
+++ b/crypto/cast/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/cast/c_ecb.c
+++ b/crypto/cast/c_ecb.c
@ -59,7 +59,7 @@
 #include "cast.h"
 #include "cast_lcl.h"
-char *CAST_version="CAST part of SSLeay 0.9.1a 06-Jul-1998";
+char *CAST_version="CAST part of SSLeay 0.9.1c 22-Dec-1998";
 void CAST_ecb_encrypt(in, out, ks, encrypt)
 unsigned char *in;
--- a/crypto/comp/.cvsignore
+++ b/crypto/comp/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/conf/.cvsignore
+++ b/crypto/conf/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/conf/conf.c
+++ b/crypto/conf/conf.c
@ -95,7 +95,7 @@ static CONF_VALUE *get_section();
 #define scan_esc(p)	((((p)[1] == '\0')?(p++):(p+=2)),p)
-char *CONF_version="CONF part of SSLeay 0.9.1a 06-Jul-1998";
+char *CONF_version="CONF part of SSLeay 0.9.1c 22-Dec-1998";
 LHASH *CONF_load(h,file,line)
 LHASH *h;
--- a/crypto/cryptlib.h
+++ b/crypto/cryptlib.h
@ -88,7 +88,7 @@ extern "C" {
 #define X509_CERT_AREA		"/usr/local/ssl"
 #define X509_CERT_DIR		"/usr/local/ssl/certs"
 #define X509_CERT_FILE		"/usr/local/ssl/cert.pem"
-#define X509_PRIVATE_DIR        "/usr/local/ssl/private"
+#define X509_PRIVATE_DIR	"/usr/local/ssl/private"
 #define X509_CERT_DIR_EVP        "SSL_CERT_DIR"
 #define X509_CERT_FILE_EVP       "SSL_CERT_FILE"
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@ -67,7 +67,7 @@ extern "C" {
 /* This is more to be used to check the correct DLL is being used
 * in the MS world. */
-#define SSLEAY_VERSION_NUMBER	0x0911	/* Version 0.5.1c would be 0513 */
+#define SSLEAY_VERSION_NUMBER	0x0913	/* Version 0.5.1c would be 0513 */
 #define SSLEAY_VERSION		0
 /* #define SSLEAY_OPTIONS	1 no longer supported */
--- a/crypto/cversion.c
+++ b/crypto/cversion.c
@ -66,7 +66,7 @@ char *SSLeay_version(t)
 int t;
 	{
 	if (t == SSLEAY_VERSION)
-		return("SSLeay 0.9.1a 06-Jul-1998");
+		return("SSLeay 0.9.1c 22-Dec-1998");
 	if (t == SSLEAY_BUILT_ON)
 		{
 #ifdef DATE
--- a/crypto/date.h
+++ b/crypto/date.h
@ -1 +1 @@
-#define DATE	"Wed Jul 22 12:21:22 EST 1998"
+#define DATE	"Tue Dec 22 15:40:03 CET 1998"
--- a/crypto/des/.cvsignore
+++ b/crypto/des/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/des/ecb_enc.c
+++ b/crypto/des/ecb_enc.c
@ -60,7 +60,7 @@
 #include "spr.h"
 char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
-char *DES_version="DES part of SSLeay 0.9.1a 06-Jul-1998";
+char *DES_version="DES part of SSLeay 0.9.1c 22-Dec-1998";
 char *des_options()
 	{
--- a/crypto/dh/.cvsignore
+++ b/crypto/dh/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@ -61,7 +61,7 @@
 #include "bn.h"
 #include "dh.h"
-char *DH_version="Diffie-Hellman part of SSLeay 0.9.1a 06-Jul-1998";
+char *DH_version="Diffie-Hellman part of SSLeay 0.9.1c 22-Dec-1998";
 DH *DH_new()
 	{
--- a/crypto/dsa/.cvsignore
+++ b/crypto/dsa/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@ -56,7 +56,7 @@
 * [including the GNU Public Licence.]
 */
-/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 #include <stdio.h>
 #include "cryptlib.h"
@ -64,7 +64,7 @@
 #include "dsa.h"
 #include "asn1.h"
-char *DSA_version="\0DSA part of SSLeay 0.9.1a 06-Jul-1998";
+char *DSA_version="DSA part of SSLeay 0.9.1c 22-Dec-1998";
 DSA *DSA_new()
 	{
--- a/crypto/dsa/f
+++ b/crypto/dsa/f
@ -1,6 +0,0 @@
 	if ((dsa->method_mod_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
 		{
 		if ((dsa->method_mod_p=(char *)BN_MONT_CTX_new()) != NULL)
 			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mod_p,
 				dsa->p,ctx)) goto err;
 		}
--- a/crypto/err/.cvsignore
+++ b/crypto/err/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/evp/.cvsignore
+++ b/crypto/evp/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include "evp.h"
-char *EVP_version="EVP part of SSLeay 0.9.1a 06-Jul-1998";
+char *EVP_version="EVP part of SSLeay 0.9.1c 22-Dec-1998";
 void EVP_CIPHER_CTX_init(ctx)
 EVP_CIPHER_CTX *ctx;
--- a/crypto/hmac/.cvsignore
+++ b/crypto/hmac/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/idea/.cvsignore
+++ b/crypto/idea/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/idea/i_ecb.c
+++ b/crypto/idea/i_ecb.c
@ -59,7 +59,7 @@
 #include "idea.h"
 #include "idea_lcl.h"
-char *IDEA_version="IDEA part of SSLeay 0.9.1a 06-Jul-1998";
+char *IDEA_version="IDEA part of SSLeay 0.9.1c 22-Dec-1998";
 char *idea_options()
 	{
--- a/crypto/lhash/.cvsignore
+++ b/crypto/lhash/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@ -56,7 +56,7 @@
 * [including the GNU Public Licence.]
 */
-char *lh_version="lhash part of SSLeay 0.9.1a 06-Jul-1998";
+char *lh_version="lhash part of SSLeay 0.9.1c 22-Dec-1998";
 /* Code for dynamic hash table routines
 * Author - Eric Young v 2.0
--- a/crypto/md/.cvsignore
+++ b/crypto/md/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/md2/.cvsignore
+++ b/crypto/md2/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/md2/md2_dgst.c
+++ b/crypto/md2/md2_dgst.c
@ -61,7 +61,7 @@
 #include <string.h>
 #include "md2.h"
-char *MD2_version="MD2 part of SSLeay 0.9.1a 06-Jul-1998";
+char *MD2_version="MD2 part of SSLeay 0.9.1c 22-Dec-1998";
 /* Implemented from RFC1319 The MD2 Message-Digest Algorithm
 */
--- a/crypto/md5/.cvsignore
+++ b/crypto/md5/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/md5/f
+++ b/crypto/md5/f
@ -1,731 +0,0 @@
 # 1 "asm/mx86unix.cpp"
 	.file	"md5-586.s"
 	.version	"01.01"
 gcc2_compiled.:
 .text
 	.align 4 
 .globl _md5_block_x86 
 _md5_block_x86 :
 	pushl	%esi
 	pushl	%edi
 	movl	12(%esp),	%edi
 	movl	16(%esp),	%esi
 	movl	20(%esp),	%ecx
 	pushl	%ebp
 	pushl	%ebx
 	addl	%esi,		%ecx
 	subl	$64,		%ecx
 	movl	(%edi),		%eax
 	pushl	%ecx
 	movl	4(%edi),	%ebx
 	movl	8(%edi),	%ecx
 	movl	12(%edi),	%edx
 .L000start:
 	movl	%ecx,		%edi
 	movl	(%esi),		%ebp
 	xorl	%edx,		%edi
 	andl	%ebx,		%edi
 	leal	3614090360(%eax,%ebp,1),%eax
 	movl	4(%esi),	%ebp
 	xorl	%edx,		%edi
 	addl	%edi,		%eax
 	movl	%ebx,		%edi
 	roll	$7,		%eax
 	addl	%ebx,		%eax
 	xorl	%ecx,		%edi
 	andl	%eax,		%edi
 	leal	3905402710(%edx,%ebp,1),%edx
 	movl	8(%esi),	%ebp
 	xorl	%ecx,		%edi
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$12,		%edx
 	addl	%eax,		%edx
 	xorl	%ebx,		%edi
 	andl	%edx,		%edi
 	leal	606105819(%ecx,%ebp,1),%ecx
 	movl	12(%esi),	%ebp
 	xorl	%ebx,		%edi
 	addl	%edi,		%ecx
 	movl	%edx,		%edi
 	roll	$17,		%ecx
 	addl	%edx,		%ecx
 	xorl	%eax,		%edi
 	andl	%ecx,		%edi
 	leal	3250441966(%ebx,%ebp,1),%ebx
 	movl	16(%esi),	%ebp
 	xorl	%eax,		%edi
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$22,		%ebx
 	addl	%ecx,		%ebx
 	xorl	%edx,		%edi
 	andl	%ebx,		%edi
 	leal	4118548399(%eax,%ebp,1),%eax
 	movl	20(%esi),	%ebp
 	xorl	%edx,		%edi
 	addl	%edi,		%eax
 	movl	%ebx,		%edi
 	roll	$7,		%eax
 	addl	%ebx,		%eax
 	xorl	%ecx,		%edi
 	andl	%eax,		%edi
 	leal	1200080426(%edx,%ebp,1),%edx
 	movl	24(%esi),	%ebp
 	xorl	%ecx,		%edi
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$12,		%edx
 	addl	%eax,		%edx
 	xorl	%ebx,		%edi
 	andl	%edx,		%edi
 	leal	2821735955(%ecx,%ebp,1),%ecx
 	movl	28(%esi),	%ebp
 	xorl	%ebx,		%edi
 	addl	%edi,		%ecx
 	movl	%edx,		%edi
 	roll	$17,		%ecx
 	addl	%edx,		%ecx
 	xorl	%eax,		%edi
 	andl	%ecx,		%edi
 	leal	4249261313(%ebx,%ebp,1),%ebx
 	movl	32(%esi),	%ebp
 	xorl	%eax,		%edi
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$22,		%ebx
 	addl	%ecx,		%ebx
 	xorl	%edx,		%edi
 	andl	%ebx,		%edi
 	leal	1770035416(%eax,%ebp,1),%eax
 	movl	36(%esi),	%ebp
 	xorl	%edx,		%edi
 	addl	%edi,		%eax
 	movl	%ebx,		%edi
 	roll	$7,		%eax
 	addl	%ebx,		%eax
 	xorl	%ecx,		%edi
 	andl	%eax,		%edi
 	leal	2336552879(%edx,%ebp,1),%edx
 	movl	40(%esi),	%ebp
 	xorl	%ecx,		%edi
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$12,		%edx
 	addl	%eax,		%edx
 	xorl	%ebx,		%edi
 	andl	%edx,		%edi
 	leal	4294925233(%ecx,%ebp,1),%ecx
 	movl	44(%esi),	%ebp
 	xorl	%ebx,		%edi
 	addl	%edi,		%ecx
 	movl	%edx,		%edi
 	roll	$17,		%ecx
 	addl	%edx,		%ecx
 	xorl	%eax,		%edi
 	andl	%ecx,		%edi
 	leal	2304563134(%ebx,%ebp,1),%ebx
 	movl	48(%esi),	%ebp
 	xorl	%eax,		%edi
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$22,		%ebx
 	addl	%ecx,		%ebx
 	xorl	%edx,		%edi
 	andl	%ebx,		%edi
 	leal	1804603682(%eax,%ebp,1),%eax
 	movl	52(%esi),	%ebp
 	xorl	%edx,		%edi
 	addl	%edi,		%eax
 	movl	%ebx,		%edi
 	roll	$7,		%eax
 	addl	%ebx,		%eax
 	xorl	%ecx,		%edi
 	andl	%eax,		%edi
 	leal	4254626195(%edx,%ebp,1),%edx
 	movl	56(%esi),	%ebp
 	xorl	%ecx,		%edi
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$12,		%edx
 	addl	%eax,		%edx
 	xorl	%ebx,		%edi
 	andl	%edx,		%edi
 	leal	2792965006(%ecx,%ebp,1),%ecx
 	movl	60(%esi),	%ebp
 	xorl	%ebx,		%edi
 	addl	%edi,		%ecx
 	movl	%edx,		%edi
 	roll	$17,		%ecx
 	addl	%edx,		%ecx
 	xorl	%eax,		%edi
 	andl	%ecx,		%edi
 	leal	1236535329(%ebx,%ebp,1),%ebx
 	movl	4(%esi),	%ebp
 	xorl	%eax,		%edi
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$22,		%ebx
 	addl	%ecx,		%ebx
 	leal	4129170786(%eax,%ebp,1),%eax
 	xorl	%ebx,		%edi
 	andl	%edx,		%edi
 	movl	24(%esi),	%ebp
 	xorl	%ecx,		%edi
 	addl	%edi,		%eax
 	movl	%ebx,		%edi
 	roll	$5,		%eax
 	addl	%ebx,		%eax
 	leal	3225465664(%edx,%ebp,1),%edx
 	xorl	%eax,		%edi
 	andl	%ecx,		%edi
 	movl	44(%esi),	%ebp
 	xorl	%ebx,		%edi
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$9,		%edx
 	addl	%eax,		%edx
 	leal	643717713(%ecx,%ebp,1),%ecx
 	xorl	%edx,		%edi
 	andl	%ebx,		%edi
 	movl	(%esi),		%ebp
 	xorl	%eax,		%edi
 	addl	%edi,		%ecx
 	movl	%edx,		%edi
 	roll	$14,		%ecx
 	addl	%edx,		%ecx
 	leal	3921069994(%ebx,%ebp,1),%ebx
 	xorl	%ecx,		%edi
 	andl	%eax,		%edi
 	movl	20(%esi),	%ebp
 	xorl	%edx,		%edi
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$20,		%ebx
 	addl	%ecx,		%ebx
 	leal	3593408605(%eax,%ebp,1),%eax
 	xorl	%ebx,		%edi
 	andl	%edx,		%edi
 	movl	40(%esi),	%ebp
 	xorl	%ecx,		%edi
 	addl	%edi,		%eax
 	movl	%ebx,		%edi
 	roll	$5,		%eax
 	addl	%ebx,		%eax
 	leal	38016083(%edx,%ebp,1),%edx
 	xorl	%eax,		%edi
 	andl	%ecx,		%edi
 	movl	60(%esi),	%ebp
 	xorl	%ebx,		%edi
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$9,		%edx
 	addl	%eax,		%edx
 	leal	3634488961(%ecx,%ebp,1),%ecx
 	xorl	%edx,		%edi
 	andl	%ebx,		%edi
 	movl	16(%esi),	%ebp
 	xorl	%eax,		%edi
 	addl	%edi,		%ecx
 	movl	%edx,		%edi
 	roll	$14,		%ecx
 	addl	%edx,		%ecx
 	leal	3889429448(%ebx,%ebp,1),%ebx
 	xorl	%ecx,		%edi
 	andl	%eax,		%edi
 	movl	36(%esi),	%ebp
 	xorl	%edx,		%edi
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$20,		%ebx
 	addl	%ecx,		%ebx
 	leal	568446438(%eax,%ebp,1),%eax
 	xorl	%ebx,		%edi
 	andl	%edx,		%edi
 	movl	56(%esi),	%ebp
 	xorl	%ecx,		%edi
 	addl	%edi,		%eax
 	movl	%ebx,		%edi
 	roll	$5,		%eax
 	addl	%ebx,		%eax
 	leal	3275163606(%edx,%ebp,1),%edx
 	xorl	%eax,		%edi
 	andl	%ecx,		%edi
 	movl	12(%esi),	%ebp
 	xorl	%ebx,		%edi
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$9,		%edx
 	addl	%eax,		%edx
 	leal	4107603335(%ecx,%ebp,1),%ecx
 	xorl	%edx,		%edi
 	andl	%ebx,		%edi
 	movl	32(%esi),	%ebp
 	xorl	%eax,		%edi
 	addl	%edi,		%ecx
 	movl	%edx,		%edi
 	roll	$14,		%ecx
 	addl	%edx,		%ecx
 	leal	1163531501(%ebx,%ebp,1),%ebx
 	xorl	%ecx,		%edi
 	andl	%eax,		%edi
 	movl	52(%esi),	%ebp
 	xorl	%edx,		%edi
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$20,		%ebx
 	addl	%ecx,		%ebx
 	leal	2850285829(%eax,%ebp,1),%eax
 	xorl	%ebx,		%edi
 	andl	%edx,		%edi
 	movl	8(%esi),	%ebp
 	xorl	%ecx,		%edi
 	addl	%edi,		%eax
 	movl	%ebx,		%edi
 	roll	$5,		%eax
 	addl	%ebx,		%eax
 	leal	4243563512(%edx,%ebp,1),%edx
 	xorl	%eax,		%edi
 	andl	%ecx,		%edi
 	movl	28(%esi),	%ebp
 	xorl	%ebx,		%edi
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$9,		%edx
 	addl	%eax,		%edx
 	leal	1735328473(%ecx,%ebp,1),%ecx
 	xorl	%edx,		%edi
 	andl	%ebx,		%edi
 	movl	48(%esi),	%ebp
 	xorl	%eax,		%edi
 	addl	%edi,		%ecx
 	movl	%edx,		%edi
 	roll	$14,		%ecx
 	addl	%edx,		%ecx
 	leal	2368359562(%ebx,%ebp,1),%ebx
 	xorl	%ecx,		%edi
 	andl	%eax,		%edi
 	movl	20(%esi),	%ebp
 	xorl	%edx,		%edi
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$20,		%ebx
 	addl	%ecx,		%ebx
 	xorl	%edx,		%edi
 	xorl	%ebx,		%edi
 	leal	4294588738(%eax,%ebp,1),%eax
 	addl	%edi,		%eax
 	movl	32(%esi),	%ebp
 	roll	$4,		%eax
 	movl	%ebx,		%edi
 	leal	2272392833(%edx,%ebp,1),%edx
 	addl	%ebx,		%eax
 	xorl	%ecx,		%edi
 	xorl	%eax,		%edi
 	movl	44(%esi),	%ebp
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$11,		%edx
 	addl	%eax,		%edx
 	xorl	%ebx,		%edi
 	xorl	%edx,		%edi
 	leal	1839030562(%ecx,%ebp,1),%ecx
 	addl	%edi,		%ecx
 	movl	56(%esi),	%ebp
 	roll	$16,		%ecx
 	movl	%edx,		%edi
 	leal	4259657740(%ebx,%ebp,1),%ebx
 	addl	%edx,		%ecx
 	xorl	%eax,		%edi
 	xorl	%ecx,		%edi
 	movl	4(%esi),	%ebp
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$23,		%ebx
 	addl	%ecx,		%ebx
 	xorl	%edx,		%edi
 	xorl	%ebx,		%edi
 	leal	2763975236(%eax,%ebp,1),%eax
 	addl	%edi,		%eax
 	movl	16(%esi),	%ebp
 	roll	$4,		%eax
 	movl	%ebx,		%edi
 	leal	1272893353(%edx,%ebp,1),%edx
 	addl	%ebx,		%eax
 	xorl	%ecx,		%edi
 	xorl	%eax,		%edi
 	movl	28(%esi),	%ebp
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$11,		%edx
 	addl	%eax,		%edx
 	xorl	%ebx,		%edi
 	xorl	%edx,		%edi
 	leal	4139469664(%ecx,%ebp,1),%ecx
 	addl	%edi,		%ecx
 	movl	40(%esi),	%ebp
 	roll	$16,		%ecx
 	movl	%edx,		%edi
 	leal	3200236656(%ebx,%ebp,1),%ebx
 	addl	%edx,		%ecx
 	xorl	%eax,		%edi
 	xorl	%ecx,		%edi
 	movl	52(%esi),	%ebp
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$23,		%ebx
 	addl	%ecx,		%ebx
 	xorl	%edx,		%edi
 	xorl	%ebx,		%edi
 	leal	681279174(%eax,%ebp,1),%eax
 	addl	%edi,		%eax
 	movl	(%esi),		%ebp
 	roll	$4,		%eax
 	movl	%ebx,		%edi
 	leal	3936430074(%edx,%ebp,1),%edx
 	addl	%ebx,		%eax
 	xorl	%ecx,		%edi
 	xorl	%eax,		%edi
 	movl	12(%esi),	%ebp
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$11,		%edx
 	addl	%eax,		%edx
 	xorl	%ebx,		%edi
 	xorl	%edx,		%edi
 	leal	3572445317(%ecx,%ebp,1),%ecx
 	addl	%edi,		%ecx
 	movl	24(%esi),	%ebp
 	roll	$16,		%ecx
 	movl	%edx,		%edi
 	leal	76029189(%ebx,%ebp,1),%ebx
 	addl	%edx,		%ecx
 	xorl	%eax,		%edi
 	xorl	%ecx,		%edi
 	movl	36(%esi),	%ebp
 	addl	%edi,		%ebx
 	movl	%ecx,		%edi
 	roll	$23,		%ebx
 	addl	%ecx,		%ebx
 	xorl	%edx,		%edi
 	xorl	%ebx,		%edi
 	leal	3654602809(%eax,%ebp,1),%eax
 	addl	%edi,		%eax
 	movl	48(%esi),	%ebp
 	roll	$4,		%eax
 	movl	%ebx,		%edi
 	leal	3873151461(%edx,%ebp,1),%edx
 	addl	%ebx,		%eax
 	xorl	%ecx,		%edi
 	xorl	%eax,		%edi
 	movl	60(%esi),	%ebp
 	addl	%edi,		%edx
 	movl	%eax,		%edi
 	roll	$11,		%edx
 	addl	%eax,		%edx
 	xorl	%ebx,		%edi
 	xorl	%edx,		%edi
 	leal	530742520(%ecx,%ebp,1),%ecx
 	addl	%edi,		%ecx
 	movl	8(%esi),	%ebp
 	roll	$16,		%ecx
 	movl	%edx,		%edi
 	leal	3299628645(%ebx,%ebp,1),%ebx
 	addl	%edx,		%ecx
 	xorl	%eax,		%edi
 	xorl	%ecx,		%edi
 	movl	(%esi),		%ebp
 	addl	%edi,		%ebx
 	movl	$-1,		%edi
 	roll	$23,		%ebx
 	addl	%ecx,		%ebx
 	xorl	%edx,		%edi
 	orl	%ebx,		%edi
 	leal	4096336452(%eax,%ebp,1),%eax
 	xorl	%ecx,		%edi
 	movl	28(%esi),	%ebp
 	addl	%edi,		%eax
 	movl	$-1,		%edi
 	roll	$6,		%eax
 	xorl	%ecx,		%edi
 	addl	%ebx,		%eax
 	orl	%eax,		%edi
 	leal	1126891415(%edx,%ebp,1),%edx
 	xorl	%ebx,		%edi
 	movl	56(%esi),	%ebp
 	addl	%edi,		%edx
 	movl	$-1,		%edi
 	roll	$10,		%edx
 	xorl	%ebx,		%edi
 	addl	%eax,		%edx
 	orl	%edx,		%edi
 	leal	2878612391(%ecx,%ebp,1),%ecx
 	xorl	%eax,		%edi
 	movl	20(%esi),	%ebp
 	addl	%edi,		%ecx
 	movl	$-1,		%edi
 	roll	$15,		%ecx
 	xorl	%eax,		%edi
 	addl	%edx,		%ecx
 	orl	%ecx,		%edi
 	leal	4237533241(%ebx,%ebp,1),%ebx
 	xorl	%edx,		%edi
 	movl	48(%esi),	%ebp
 	addl	%edi,		%ebx
 	movl	$-1,		%edi
 	roll	$21,		%ebx
 	xorl	%edx,		%edi
 	addl	%ecx,		%ebx
 	orl	%ebx,		%edi
 	leal	1700485571(%eax,%ebp,1),%eax
 	xorl	%ecx,		%edi
 	movl	12(%esi),	%ebp
 	addl	%edi,		%eax
 	movl	$-1,		%edi
 	roll	$6,		%eax
 	xorl	%ecx,		%edi
 	addl	%ebx,		%eax
 	orl	%eax,		%edi
 	leal	2399980690(%edx,%ebp,1),%edx
 	xorl	%ebx,		%edi
 	movl	40(%esi),	%ebp
 	addl	%edi,		%edx
 	movl	$-1,		%edi
 	roll	$10,		%edx
 	xorl	%ebx,		%edi
 	addl	%eax,		%edx
 	orl	%edx,		%edi
 	leal	4293915773(%ecx,%ebp,1),%ecx
 	xorl	%eax,		%edi
 	movl	4(%esi),	%ebp
 	addl	%edi,		%ecx
 	movl	$-1,		%edi
 	roll	$15,		%ecx
 	xorl	%eax,		%edi
 	addl	%edx,		%ecx
 	orl	%ecx,		%edi
 	leal	2240044497(%ebx,%ebp,1),%ebx
 	xorl	%edx,		%edi
 	movl	32(%esi),	%ebp
 	addl	%edi,		%ebx
 	movl	$-1,		%edi
 	roll	$21,		%ebx
 	xorl	%edx,		%edi
 	addl	%ecx,		%ebx
 	orl	%ebx,		%edi
 	leal	1873313359(%eax,%ebp,1),%eax
 	xorl	%ecx,		%edi
 	movl	60(%esi),	%ebp
 	addl	%edi,		%eax
 	movl	$-1,		%edi
 	roll	$6,		%eax
 	xorl	%ecx,		%edi
 	addl	%ebx,		%eax
 	orl	%eax,		%edi
 	leal	4264355552(%edx,%ebp,1),%edx
 	xorl	%ebx,		%edi
 	movl	24(%esi),	%ebp
 	addl	%edi,		%edx
 	movl	$-1,		%edi
 	roll	$10,		%edx
 	xorl	%ebx,		%edi
 	addl	%eax,		%edx
 	orl	%edx,		%edi
 	leal	2734768916(%ecx,%ebp,1),%ecx
 	xorl	%eax,		%edi
 	movl	52(%esi),	%ebp
 	addl	%edi,		%ecx
 	movl	$-1,		%edi
 	roll	$15,		%ecx
 	xorl	%eax,		%edi
 	addl	%edx,		%ecx
 	orl	%ecx,		%edi
 	leal	1309151649(%ebx,%ebp,1),%ebx
 	xorl	%edx,		%edi
 	movl	16(%esi),	%ebp
 	addl	%edi,		%ebx
 	movl	$-1,		%edi
 	roll	$21,		%ebx
 	xorl	%edx,		%edi
 	addl	%ecx,		%ebx
 	orl	%ebx,		%edi
 	leal	4149444226(%eax,%ebp,1),%eax
 	xorl	%ecx,		%edi
 	movl	44(%esi),	%ebp
 	addl	%edi,		%eax
 	movl	$-1,		%edi
 	roll	$6,		%eax
 	xorl	%ecx,		%edi
 	addl	%ebx,		%eax
 	orl	%eax,		%edi
 	leal	3174756917(%edx,%ebp,1),%edx
 	xorl	%ebx,		%edi
 	movl	8(%esi),	%ebp
 	addl	%edi,		%edx
 	movl	$-1,		%edi
 	roll	$10,		%edx
 	xorl	%ebx,		%edi
 	addl	%eax,		%edx
 	orl	%edx,		%edi
 	leal	718787259(%ecx,%ebp,1),%ecx
 	xorl	%eax,		%edi
 	movl	36(%esi),	%ebp
 	addl	%edi,		%ecx
 	movl	$-1,		%edi
 	roll	$15,		%ecx
 	xorl	%eax,		%edi
 	addl	%edx,		%ecx
 	orl	%ecx,		%edi
 	leal	3951481745(%ebx,%ebp,1),%ebx
 	xorl	%edx,		%edi
 	movl	24(%esp),	%ebp
 	addl	%edi,		%ebx
 	addl	$64,		%esi
 	roll	$21,		%ebx
 	movl	(%ebp),		%edi
 	addl	%ecx,		%ebx
 	addl	%edi,		%eax
 	movl	4(%ebp),	%edi
 	addl	%edi,		%ebx
 	movl	8(%ebp),	%edi
 	addl	%edi,		%ecx
 	movl	12(%ebp),	%edi
 	addl	%edi,		%edx
 	movl	%eax,		(%ebp)
 	movl	%ebx,		4(%ebp)
 	movl	(%esp),		%edi
 	movl	%ecx,		8(%ebp)
 	movl	%edx,		12(%ebp)
 	cmpl	%esi,		%edi
 	jge	.L000start
 	popl	%eax
 	popl	%ebx
 	popl	%ebp
 	popl	%edi
 	popl	%esi
 	ret
 .md5_block_x86_end:
 .ident	"desasm.pl"
--- a/crypto/md5/md5_dgst.c
+++ b/crypto/md5/md5_dgst.c
@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "md5_locl.h"
-char *MD5_version="MD5 part of SSLeay 0.9.1a 06-Jul-1998";
+char *MD5_version="MD5 part of SSLeay 0.9.1c 22-Dec-1998";
 /* Implemented from RFC1321 The MD5 Message-Digest Algorithm
 */
--- a/crypto/mdc2/.cvsignore
+++ b/crypto/mdc2/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/objects/.cvsignore
+++ b/crypto/objects/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/pem/.cvsignore
+++ b/crypto/pem/.cvsignore
@ -0,0 +1,2 @@
 lib
 ctx_size
--- a/crypto/pem/gmon.out
+++ b/crypto/pem/gmon.out
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@ -68,7 +68,7 @@
 #include "des.h"
 #endif
-char *PEM_version="PEM part of SSLeay 0.9.1a 06-Jul-1998";
+char *PEM_version="PEM part of SSLeay 0.9.1c 22-Dec-1998";
 #define MIN_LENGTH	4
--- a/crypto/perlasm/f
+++ b/crypto/perlasm/f
@ -1,19 +0,0 @@
 sub out3
 	{
 	local($name,$p1,$p2,$p3)=@_;
 	push(@out,"\t$name\t");
 	$l=length($p1)+1;
 	push(@out,$p1.",");
 	$ll=4-($l+9)/8;
 	$tmp1=sprintf("\t" x $ll);
 	push(@out,$tmp1);
 	$l=length($p2)+1;
 	push(@out,$p2.",");
 	$ll=4-($l+9)/8;
 	$tmp1=sprintf("\t" x $ll);
 	push(@out,$tmp1);
 	push(@out,&conv($p3)."\n");
 	}
--- a/crypto/pkcs7/build
+++ b/crypto/pkcs7/build
@ -1,5 +0,0 @@
 #!/bin/sh -x
 make
 gcc -I../../include -g -o enc enc.c ../../libcrypto.a
 gcc -I../../include -g -o dec dec.c ../../libcrypto.a
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@ -909,7 +909,6 @@ int atrtype;
 char *value;
 	{
 	X509_ATTRIBUTE *attr=NULL;
 	ASN1_TYPE *val=NULL;
 	if (*sk == NULL)
 		{
--- a/crypto/pkcs7/pkcs7err.c
+++ b/crypto/pkcs7/pkcs7err.c
@ -69,7 +69,7 @@ static ERR_STRING_DATA PKCS7_str_functs[]=
 {ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0),	"PKCS7_add_signer"},
 {ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0),	"PKCS7_ctrl"},
 {ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0),	"PKCS7_dataInit"},
-{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0),	"PKCS7_dataSign"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0),	"PKCS7_DATASIGN"},
 {ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0),	"PKCS7_dataVerify"},
 {ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0),	"PKCS7_set_cipher"},
 {ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0),	"PKCS7_set_content"},
--- a/crypto/rand/.cvsignore
+++ b/crypto/rand/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@ -126,13 +126,13 @@ static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
 static unsigned char md[MD_DIGEST_LENGTH];
 static long md_count[2]={0,0};
-char *RAND_version="RAND part of SSLeay 0.9.1a 06-Jul-1998";
+char *RAND_version="RAND part of SSLeay 0.9.1c 22-Dec-1998";
 static void ssleay_rand_cleanup(void);
 static void ssleay_rand_seed(unsigned char *buf, int num);
 static void ssleay_rand_bytes(unsigned char *buf, int num);
-RAND_METHOD rand_ssleay={
+RAND_METHOD rand_ssleay_meth={
 	ssleay_rand_seed,
 	ssleay_rand_bytes,
 	ssleay_rand_cleanup,
@ -140,7 +140,7 @@ RAND_METHOD rand_ssleay={
 RAND_METHOD *RAND_SSLeay()
 	{
-	return(&rand_ssleay);
+	return(&rand_ssleay_meth);
 	}
 static void ssleay_rand_cleanup()
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@ -65,8 +65,8 @@
 #ifdef NO_RAND
 static RAND_METHOD *rand_meth=NULL;
 #else
-extern RAND_METHOD rand_ssleay;
+extern RAND_METHOD rand_ssleay_meth;
-static RAND_METHOD *rand_meth= &rand_ssleay;
+static RAND_METHOD *rand_meth= &rand_ssleay_meth;
 #endif
 void RAND_set_rand_method(meth)
--- a/crypto/rc2/.cvsignore
+++ b/crypto/rc2/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/rc2/rc2_ecb.c
+++ b/crypto/rc2/rc2_ecb.c
@ -59,7 +59,7 @@
 #include "rc2.h"
 #include "rc2_locl.h"
-char *RC2_version="RC2 part of SSLeay 0.9.1a 06-Jul-1998";
+char *RC2_version="RC2 part of SSLeay 0.9.1c 22-Dec-1998";
 /* RC2 as implemented frm a posting from
 * Newsgroups: sci.crypt
--- a/crypto/rc4/.cvsignore
+++ b/crypto/rc4/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/rc4/rc4_skey.c
+++ b/crypto/rc4/rc4_skey.c
@ -59,7 +59,7 @@
 #include "rc4.h"
 #include "rc4_locl.h"
-char *RC4_version="RC4 part of SSLeay 0.9.1a 06-Jul-1998";
+char *RC4_version="RC4 part of SSLeay 0.9.1c 22-Dec-1998";
 char *RC4_options()
 	{
--- a/crypto/rc5/.cvsignore
+++ b/crypto/rc5/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/rc5/rc5_ecb.c
+++ b/crypto/rc5/rc5_ecb.c
@ -59,7 +59,7 @@
 #include "rc5.h"
 #include "rc5_locl.h"
-char *RC5_version="RC5 part of SSLeay 0.9.1a 06-Jul-1998";
+char *RC5_version="RC5 part of SSLeay 0.9.1c 22-Dec-1998";
 void RC5_32_ecb_encrypt(in, out, ks, encrypt)
 unsigned char *in;
--- a/crypto/ripemd/.cvsignore
+++ b/crypto/ripemd/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/ripemd/rmd_dgst.c
+++ b/crypto/ripemd/rmd_dgst.c
@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "rmd_locl.h"
-char *RMD160_version="RIPEMD160 part of SSLeay 0.9.1a 06-Jul-1998";
+char *RMD160_version="RIPE-MD160 part of SSLeay 0.9.1c 22-Dec-1998";
 #ifndef NOPROTO
 #  ifdef RMD160_ASM
--- a/crypto/rsa/.cvsignore
+++ b/crypto/rsa/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/rsa/f
+++ b/crypto/rsa/f
@ -1,6 +0,0 @@
 	if ((rsa->method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
 		{
 		if ((rsa->method_mod_n=(char *)BN_MONT_CTX_new()) != NULL)
 			if (!BN_MONT_CTX_set((BN_MONT_CTX *)rsa->method_mod_n,
 				rsa->n,ctx)) goto err;
 		}
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@ -63,7 +63,7 @@
 #include "bn.h"
 #include "rsa.h"
-char *RSA_version="RSA part of SSLeay 0.9.1a 06-Jul-1998";
+char *RSA_version="RSA part of SSLeay 0.9.1c 22-Dec-1998";
 static RSA_METHOD *default_RSA_meth=NULL;
 static int rsa_meth_num=0;
--- a/crypto/sha/.cvsignore
+++ b/crypto/sha/.cvsignore
@ -0,0 +1 @@
 lib
--- a/crypto/sha/asm/f
+++ b/crypto/sha/asm/f
--- a/crypto/sha/sha1dgst.c
+++ b/crypto/sha/sha1dgst.c
@ -63,7 +63,7 @@
 #include "sha.h"
 #include "sha_locl.h"
-char *SHA1_version="SHA1 part of SSLeay 0.9.1a 06-Jul-1998";
+char *SHA1_version="SHA1 part of SSLeay 0.9.1c 22-Dec-1998";
 /* Implemented from SHA-1 document - The Secure Hash Algorithm
 */
--- a/Show More
+++ b/Show More
`@ -1 +1 @@`
	`#define DATE "Wed Jul 22 12:21:22 EST 1998"`	`#define DATE "Tue Dec 22 15:40:03 CET 1998"`