Merge in changes from the 0.9.6-stable branch.

CHANGES

@@ -2,6 +2,25 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 0.9.6a and 0.9.6b  [XX xxx XXXX]
+
+  *) Move 'if (!initialized) RAND_poll()' into regions protected by
+     CRYPTO_LOCK_RAND.  This is not strictly necessary, but avoids
+     having multiple threads call RAND_poll() concurrently.
+     [Bodo Moeller]
+
+  *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
+     combination of a flag and a thread ID variable.
+     Otherwise while one thread is in ssleay_rand_bytes (which sets the
+     flag), *other* threads can enter ssleay_add_bytes without obeying
+     the CRYPTO_LOCK_RAND lock (and may even illegaly release the lock
+     that they do not hold after the first thread unsets add_do_not_lock).
+     [Bodo Moeller]
+
+  *) Change bctest again: '-x' expressions are not available in all
+     versions of 'test'.
+     [Bodo Moeller]
+
  Changes between 0.9.6 and 0.9.6a  [5 Apr 2001]
 
   *) Fix a couple of memory leaks in PKCS7_dataDecode()

FAQ

@@ -47,6 +47,7 @@ OpenSSL  -  Frequently Asked Questions
 * Why do I get errors about unknown algorithms?
 * Why can't the OpenSSH configure script detect OpenSSL?
 * Can I use OpenSSL's SSL library with non-blocking I/O?
+* Why doesn't my server application receive a client certificate?
 
 ===============================================================================
 
@@ -543,5 +544,12 @@ requiring a bi-directional message exchange; both SSL_read() and
 SSL_write() will try to continue any pending handshake.
 
 
+* Why doesn't my server application receive a client certificate?
+
+Due to the TLS protocol definition, a client will only send a certificate,
+if explicitely asked by the server. Use the SSL_VERIFY_PEER flag of the
+SSL_CTX_set_verify() function to enable the use of client certificates.
+
+
 ===============================================================================
 

Makefile.org

@@ -474,19 +474,19 @@ install_docs:
 		$(INSTALL_PREFIX)$(MANDIR)/man3 \
 		$(INSTALL_PREFIX)$(MANDIR)/man5 \
 		$(INSTALL_PREFIX)$(MANDIR)/man7
-	@echo installing man 1 and man 5
 	@for i in doc/apps/*.pod; do \
 		fn=`basename $$i .pod`; \
-		sec=`[ "$$fn" = "config" ] && echo 5 || echo 1`; \
+		if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
+		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
 		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
 			 --release=$(VERSION) `basename $$i`) \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done
-	@echo installing man 3 and man 7
 	@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
 		fn=`basename $$i .pod`; \
-		sec=`[ "$$fn" = "des_modes" ] && echo 7 || echo 3`; \
+		if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
+		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
 		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`) \

README

@@ -1,5 +1,5 @@
 
- OpenSSL 0.9.6a [engine] 5 Apr 2001
+ OpenSSL 0.9.6b-dev [engine] XX xxx XXXX
 
  Copyright (c) 1998-2000 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

apps/dgst.c

@@ -74,7 +74,7 @@
 #undef PROG
 #define PROG	dgst_main
 
-void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
+void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 		EVP_PKEY *key, unsigned char *sigin, int siglen);
 
 int MAIN(int, char **);
@@ -95,7 +95,7 @@ int MAIN(int argc, char **argv)
 	int debug=0;
 	const char *outfile = NULL, *keyfile = NULL;
 	const char *sigfile = NULL, *randfile = NULL;
-	char out_bin = -1, want_pub = 0, do_verify = 0;
+	int out_bin = -1, want_pub = 0, do_verify = 0;
 	EVP_PKEY *sigkey = NULL;
 	unsigned char *sigbuf = NULL;
 	int siglen = 0;
@@ -365,7 +365,7 @@ end:
 	EXIT(err);
 	}
 
-void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
+void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 			EVP_PKEY *key, unsigned char *sigin, int siglen)
 	{
 	int len;

apps/smime.c

@@ -299,6 +299,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
 		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
 		BIO_printf (bio_err, "-engine e      use engine e, possibly a hardware device.\n");
+		BIO_printf (bio_err, "-passin arg    input file pass phrase source\n");
 		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,  "               the random number generator\n");

apps/speed.c

@@ -83,12 +83,12 @@
 #include <openssl/err.h>
 #include <openssl/engine.h>
 
-#if defined(__FreeBSD__)
+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
 # define USE_TOD
 #elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
 # define TIMES
 #endif
-#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE)
+#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) && !defined(__NetBSD__)
 # define TIMEB
 #endif
 

crypto/bio/b_print.c

@@ -109,7 +109,11 @@
 #endif
 
 #if HAVE_LONG_LONG
-#define LLONG long long
+# if defined(WIN32) && !defined(__GNUC__)
+# define LLONG _int64
+# else
+# define LLONG long long
+# endif
 #else
 #define LLONG long
 #endif
@@ -152,7 +156,7 @@ static void _dopr(char **sbuffer, char **buffer,
 
 /* some handy macros */
 #define char_to_int(p) (p - '0')
-#define MAX(p,q) ((p >= q) ? p : q)
+#define OSSL_MAX(p,q) ((p >= q) ? p : q)
 
 static void
 _dopr(
@@ -503,13 +507,13 @@ fmtint(
     convert[place] = 0;
 
     zpadlen = max - place;
-    spadlen = min - MAX(max, place) - (signvalue ? 1 : 0);
+    spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0);
     if (zpadlen < 0)
         zpadlen = 0;
     if (spadlen < 0)
         spadlen = 0;
     if (flags & DP_F_ZERO) {
-        zpadlen = MAX(zpadlen, spadlen);
+        zpadlen = OSSL_MAX(zpadlen, spadlen);
         spadlen = 0;
     }
     if (flags & DP_F_MINUS)
@@ -641,7 +645,7 @@ fmtfp(
             (caps ? "0123456789ABCDEF"
               : "0123456789abcdef")[fracpart % 10];
         fracpart = (fracpart / 10);
-    } while (fracpart && (fplace < 20));
+    } while (fplace < max);
     if (fplace == 20)
         fplace--;
     fconvert[fplace] = 0;

crypto/evp/evp.h

@@ -554,9 +554,9 @@ int	EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
 void	EVP_set_pw_prompt(char *prompt);
 char *	EVP_get_pw_prompt(void);
 
-int	EVP_BytesToKey(const EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
-		unsigned char *data, int datal, int count,
-		unsigned char *key,unsigned char *iv);
+int     EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md,
+		const unsigned char *salt, const unsigned char *data, int datal,
+       		int count, unsigned char *key, unsigned char *iv);
 
 int	EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
 		unsigned char *key, unsigned char *iv);

crypto/evp/evp_key.c

@@ -95,9 +95,9 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
 #endif
 	}
 
-int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, unsigned char *salt,
-	     unsigned char *data, int datal, int count, unsigned char *key,
-	     unsigned char *iv)
+int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, 
+             const unsigned char *salt, const unsigned char *data, int datal, 
+             int count, unsigned char *key, unsigned char *iv)
 	{
 	EVP_MD_CTX c;
 	unsigned char md_buf[EVP_MAX_MD_SIZE];

crypto/opensslv.h

@@ -25,8 +25,8 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-#define OPENSSL_VERSION_NUMBER	0x0090601fL
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.6a [engine] 5 Apr 2001"
+#define OPENSSL_VERSION_NUMBER	0x00906020L
+#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.6b-dev [engine] XX xxx XXXX"
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
 
 

crypto/rand/md_rand.c

@@ -141,10 +141,11 @@ static long md_count[2]={0,0};
 static double entropy=0;
 static int initialized=0;
 
-/* This should be set to 1 only when ssleay_rand_add() is called inside
-   an already locked state, so it doesn't try to lock and thereby cause
-   a hang.  And it should always be reset back to 0 before unlocking. */
-static int add_do_not_lock=0;
+static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
+                                           * holds CRYPTO_LOCK_RAND
+                                           * (to prevent double locking) */
+static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
+
 
 #ifdef PREDICT
 int rand_predictable=0;
@@ -191,6 +192,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 	long md_c[2];
 	unsigned char local_md[MD_DIGEST_LENGTH];
 	MD_CTX m;
+	int do_not_lock;
 
 	/*
 	 * (Based on the rand(3) manpage)
@@ -207,7 +209,10 @@ static void ssleay_rand_add(const void *buf, int num, double add)
          * hash function.
 	 */
 
-	if (!add_do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+	/* check if we already have the lock */
+	do_not_lock = crypto_lock_rand && (locking_thread == CRYPTO_thread_id());
+
+	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	st_idx=state_index;
 
 	/* use our own copies of the counters so that even
@@ -239,7 +244,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 
 	md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
 
-	if (!add_do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+	if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
 	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
 		{
@@ -281,7 +286,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 		}
 	memset((char *)&m,0,sizeof(m));
 
-	if (!add_do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	/* Don't just copy back local_md into md -- this could mean that
 	 * other thread's seeding remains without effect (except for
 	 * the incremented counter).  By XORing it we keep at least as
@@ -292,7 +297,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 		}
 	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
 	    entropy += add;
-	if (!add_do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+	if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 	
 #if !defined(THREADS) && !defined(WIN32)
 	assert(md_c[1] == md_count[1]);
@@ -347,14 +352,18 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 	 * global 'md'.
 	 */
 
-	if (!initialized)
-		RAND_poll();
-
 	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-	add_do_not_lock = 1;	/* Since we call ssleay_rand_add while in
-				   this locked state. */
 
+	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
+	crypto_lock_rand = 1;
+	locking_thread = CRYPTO_thread_id();
+
+	if (!initialized)
+		{
+		RAND_poll();
 		initialized = 1;
+		}
+	
 	if (!stirred_pool)
 		do_stir_pool = 1;
 	
@@ -418,8 +427,9 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 
 	md_count[0] += 1;
 
-	add_do_not_lock = 0;	/* If this would ever be forgotten, we can
-				   expect any evil god to eat our souls. */
+	/* before unlocking, we must clear 'crypto_lock_rand' */
+	crypto_lock_rand = 0;
+	locking_thread = 0;
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
 	while (num > 0)
@@ -498,14 +508,37 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
 static int ssleay_rand_status(void)
 	{
 	int ret;
+	int do_not_lock;
+
+	/* check if we already have the lock
+	 * (could happen if a RAND_poll() implementation calls RAND_status()) */
+	do_not_lock = crypto_lock_rand && (locking_thread == CRYPTO_thread_id());
+	
+	if (!do_not_lock)
+		{
+		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+		
+		/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
+		crypto_lock_rand = 1;
+		locking_thread = CRYPTO_thread_id();
+		}
 	
 	if (!initialized)
+		{
 		RAND_poll();
-
-	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 		initialized = 1;
+		}
+
 	ret = entropy >= ENTROPY_NEEDED;
+
+	if (!do_not_lock)
+		{
+		/* before unlocking, we must clear 'crypto_lock_rand' */
+		crypto_lock_rand = 0;
+		locking_thread = 0;
+		
 		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+		}
 	
 	return ret;
 	}

doc/apps/rsautl.pod

@@ -101,11 +101,11 @@ Sign some data using a private key:
 
 Recover the signed data
 
- openssl rsautl -sign -in sig -inkey key.pem
+ openssl rsautl -verify -in sig -inkey key.pem
 
 Examine the raw signed data:
 
- openssl rsautl -sign -in file -inkey key.pem -raw -hexdump
+ openssl rsautl -verify -in file -inkey key.pem -raw -hexdump
 
  0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
  0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................

doc/apps/s_server.pod

@@ -7,7 +7,7 @@ s_server - SSL/TLS server program
 
 =head1 SYNOPSIS
 
-B<openssl> B<s_client>
+B<openssl> B<s_server>
 [B<-accept port>]
 [B<-context id>]
 [B<-verify depth>]

doc/crypto/bio.pod

@@ -40,7 +40,7 @@ BIO).
 =head1 SEE ALSO
 
 L<BIO_ctrl(3)|BIO_ctrl(3)>,
-L<BIO_f_base64(3)|BIO_f_base64(3)>,
+L<BIO_f_base64(3)|BIO_f_base64(3)>, L<BIO_f_buffer(3)|BIO_f_buffer(3)>,
 L<BIO_f_cipher(3)|BIO_f_cipher(3)>, L<BIO_f_md(3)|BIO_f_md(3)>,
 L<BIO_f_null(3)|BIO_f_null(3)>, L<BIO_f_ssl(3)|BIO_f_ssl(3)>,
 L<BIO_find_type(3)|BIO_find_type(3)>, L<BIO_new(3)|BIO_new(3)>,

doc/ssl/SSL_CTX_load_verify_locations.pod

@@ -33,10 +33,6 @@ which can be used e.g. for descriptions of the certificates.
 The B<CAfile> is processed on execution of the SSL_CTX_load_verify_locations()
 function.
 
-If on an TLS/SSL server no special setting is performed using *client_CA_list()
-functions, the certificates contained in B<CAfile> are listed to the client
-as available CAs during the TLS/SSL handshake.
-
 If B<CApath> is not NULL, it points to a directory containing CA certificates
 in PEM format. The files each contain one CA certificate. The files are
 looked up by the CA subject name hash value, which must hence be available.
@@ -50,9 +46,6 @@ The certificates in B<CApath> are only looked up when required, e.g. when
 building the certificate chain or when actually performing the verification
 of a peer certificate.
 
-On a server, the certificates in B<CApath> are not listed as available
-CA certificates to a client during a TLS/SSL handshake.
-
 When looking up CA certificates, the OpenSSL library will first search the
 certificates in B<CAfile>, then those in B<CApath>. Certificate matching
 is done based on the subject name, the key identifier (if present), and the
@@ -62,6 +55,13 @@ matching the parameters is found, the verification process will be performed;
 no other certificates for the same parameters will be searched in case of
 failure.
 
+In server mode, when requesting a client certificate, the server must send
+the list of CAs of which it will accept client certificates. This list
+is not influenced by the contents of B<CAfile> or B<CApath> and must
+explicitely be set using the
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>
+family of functions.
+
 When building its own certificate chain, an OpenSSL client/server will
 try to fill in missing certificates from B<CAfile>/B<CApath>, if the
 certificate chain was not explicitly specified (see

doc/ssl/SSL_CTX_set_client_CA_list.pod

@@ -36,25 +36,23 @@ the chosen B<ssl>, overriding the setting valid for B<ssl>'s SSL_CTX object.
 
 When a TLS/SSL server requests a client certificate (see
 B<SSL_CTX_set_verify_options()>), it sends a list of CAs, for which
-it will accept certificates, to the client. If no special list is provided,
-the CAs available using the B<CAfile> option in
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-are sent.
+it will accept certificates, to the client.
 
-This list can be explicitly set using the SSL_CTX_set_client_CA_list() for
+This list must explicitly be set using SSL_CTX_set_client_CA_list() for
 B<ctx> and SSL_set_client_CA_list() for the specific B<ssl>. The list
 specified overrides the previous setting. The CAs listed do not become
 trusted (B<list> only contains the names, not the complete certificates); use
 L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> 
 to additionally load them for verification.
 
+If the list of acceptable CAs is compiled in a file, the
+L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>
+function can be used to help importing the necessary data.
+
 SSL_CTX_add_client_CA() and SSL_add_client_CA() can be used to add additional
 items the list of client CAs. If no list was specified before using
 SSL_CTX_set_client_CA_list() or SSL_set_client_CA_list(), a new client
-CA list for B<ctx> or B<ssl> (as appropriate) is opened. The CAs implicitly
-specified using
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-are no longer used automatically.
+CA list for B<ctx> or B<ssl> (as appropriate) is opened.
 
 These functions are only useful for TLS/SSL servers.
 
@@ -80,11 +78,17 @@ to find out the reason.
 
 =back
 
+=head1 EXAMPLES
+
+Scan all certificates in B<CAfile> and list them as acceptable CAs:
+
+  SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
+
 =head1 SEE ALSO
 
 L<ssl(3)|ssl(3)>,
 L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>
+L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
 L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
 
 =cut

doc/ssl/SSL_get_peer_certificate.pod

@@ -17,6 +17,12 @@ peer presented. If the peer did not present a certificate, NULL is returned.
 
 =head1 NOTES
 
+Due to the protocol definition, a TLS/SSL server will always send a
+certificate, if present. A client will only send a certificate when
+explicitely requested to do so by the server (see
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher
+is used, no certificates are sent.
+
 That a certificate is returned does not indicate information about the
 verification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>
 to check the verification state.
@@ -43,6 +49,7 @@ The return value points to the certificate presented by the peer.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>
+L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
 
 =cut

doc/ssl/SSL_shutdown.pod

@@ -66,7 +66,7 @@ Call SSL_get_error() with the return value B<ret> to find out the reason.
 
 L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
 L<SSL_accept(3)|SSL_accept(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<SSL_clear(3)|SSL_clear(3), L<SSL_free(3)|SSL_free(3)>,
+L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>,
 L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
 
 =cut

test/Makefile.ssl

@@ -192,7 +192,7 @@ test_bn:
 	@./$(BNTEST) >tmp.bntest
 	@echo quit >>tmp.bntest
 	@echo "running bc"
-	@<tmp.bntest sh -c "`sh ./bctest || true`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
+	@<tmp.bntest sh -c "`sh ./bctest; true`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
 	@echo 'test a^b%c implementations'
 	./$(EXPTEST)
 

test/bctest

@@ -12,10 +12,22 @@
 
 
 IFS=:
-for dir in $PATH; do
+try_without_dir=true
+# First we try "bc", then "$dir/bc" for each item in $PATH.
+for dir in dummy:$PATH; do
+    if [ "$try_without_dir" = true ]; then
+      # first iteration
+      bc=bc
+      try_without_dir=false
+    else
+      # second and later iterations
       bc="$dir/bc"
+      if [ ! -f "$bc" ]; then  # '-x' is not available on Ultrix
+        bc=''
+      fi
+    fi
 
-    if [ -x "$bc" -a ! -d "$bc" ]; then
+    if [ ! "$bc" = '' ]; then
         failure=none