The rest of the merge in of the main trunk, a few conflicts resolved.

Merge in the main trunk, a few conflicts resolved.
This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.
2000-09-17 20:37:33 +00:00 · 2000-09-17 20:34:31 +00:00 · 2000-09-17 20:04:43 +00:00 · 2000-09-17 18:16:02 +00:00 · 2000-09-17 15:56:27 +00:00 · 2000-09-17 00:10:29 +00:00
283 changed files with 9114 additions and 11551 deletions
--- a/147
+++ b/147
@@ -2,153 +2,10 @@
 OpenSSL CHANGES
 _______________

- Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
-
-  *) Rework the filename-translation in the DSO code. It is now possible to
-     have far greater control over how a "name" is turned into a filename
-     depending on the operating environment and any oddities about the
-     different shared library filenames on each system.
-     [Geoff Thorpe]
-
-  *) Support threads on FreeBSD-elf in Configure.
-     [Richard Levitte]
-
-  *) Add the possibility to create shared libraries on HP-UX
-     [Richard Levitte]
-
-  *) Fix for SHA1 assembly problem with MASM: it produces
-     warnings about corrupt line number information when assembling
-     with debugging information. This is caused by the overlapping
-     of two sections.
-     [Bernd Matthes <mainbug@celocom.de>, Steve Henson]
-
-  *) NCONF changes.
-     NCONF_get_number() has no error checking at all.  As a replacement,
-     NCONF_get_number_e() is defined (_e for "error checking") and is
-     promoted strongly.  The old NCONF_get_number is kept around for
-     binary backward compatibility.
-     Make it possible for methods to load from something other than a BIO,
-     by providing a function pointer that is given a name instead of a BIO.
-     For example, this could be used to load configuration data from an
-     LDAP server.
-     [Richard Levitte]
-
-  *) Fix typo in get_cert_by_subject() in by_dir.c
-     [Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>]
-
-  *) Rework the system to generate shared libraries:
-
-     - Make note of the expected extension for the shared libraries and
-       if there is a need for symbolic links from for example libcrypto.so.0
-       to libcrypto.so.0.9.7.  There is extended info in Configure for
-       that.
-
-     - Make as few rebuilds of the shared libraries as possible.
-
-     - Still avoid linking the OpenSSL programs with the shared libraries.
-
-     - When installing, install the shared libraries separately from the
-       static ones.
-     [Richard Levitte]
-
-  *) Fix for non blocking accept BIOs. Added new I/O special reason
-     BIO_RR_ACCEPT to cover this case. Previously use of accept BIOs
-     with non blocking I/O was not possible because no retry code was
-     implemented. Also added new SSL code SSL_WANT_ACCEPT to cover
-     this case.
-     [Steve Henson]
-
-  *) Added the beginnings of Rijndael support.
-     [Ben Laurie]
-
-  *) Fix for bug in DirectoryString mask setting. Add support for
-     X509_NAME_print_ex() in 'req' and X509_print_ex() function
-     to allow certificate printing to more controllable, additional
-     'certopt' option to 'x509' to allow new printing options to be
-     set.
-     [Steve Henson]
-
-  *) Clean old EAY MD5 hack from e_os.h.
-     [Richard Levitte]
-
-  *) Fix SSL_CTX_set_read_ahead macro to actually use its argument.
-
-     Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new
-     and not in SSL_clear because the latter is also used by the
-     accept/connect functions; previously, the settings made by
-     SSL_set_read_ahead would be lost during the handshake.
-     [Bodo Moeller; problems reported by Anders Gertz <gertz@epact.se>]     
-
-  *) Correct util/mkdef.pl to be selective about disabled algorithms.
-     Previously, it would create entries for disableed algorithms no
-     matter what.
-     [Richard Levitte]
-
- Changes between 0.9.5a and 0.9.6  [24 Sep 2000]
-
-  *) In ssl23_get_client_hello, generate an error message when faced
-     with an initial SSL 3.0/TLS record that is too small to contain the
-     first two bytes of the ClientHello message, i.e. client_version.
-     (Note that this is a pathologic case that probably has never happened
-     in real life.)  The previous approach was to use the version number
-     from the record header as a substitute; but our protocol choice
-     should not depend on that one because it is not authenticated
-     by the Finished messages.
-     [Bodo Moeller]
-
-  *) More robust randomness gathering functions for Windows.
-     [Jeffrey Altman <jaltman@columbia.edu>]
-
-  *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
-     not set then we don't setup the error code for issuer check errors
-     to avoid possibly overwriting other errors which the callback does
-     handle. If an application does set the flag then we assume it knows
-     what it is doing and can handle the new informational codes
-     appropriately.
-     [Steve Henson]
-
-  *) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
-     a general "ANY" type, as such it should be able to decode anything
-     including tagged types. However it didn't check the class so it would
-     wrongly interpret tagged types in the same way as their universal
-     counterpart and unknown types were just rejected. Changed so that the
-     tagged and unknown types are handled in the same way as a SEQUENCE:
-     that is the encoding is stored intact. There is also a new type
-     "V_ASN1_OTHER" which is used when the class is not universal, in this
-     case we have no idea what the actual type is so we just lump them all
-     together.
-     [Steve Henson]
-
-  *) On VMS, stdout may very well lead to a file that is written to
-     in a record-oriented fashion.  That means that every write() will
-     write a separate record, which will be read separately by the
-     programs trying to read from it.  This can be very confusing.
-
-     The solution is to put a BIO filter in the way that will buffer
-     text until a linefeed is reached, and then write everything a
-     line at a time, so every record written will be an actual line,
-     not chunks of lines and not (usually doesn't happen, but I've
-     seen it once) several lines in one record.  BIO_f_linebuffer() is
-     the answer.
-
-     Currently, it's a VMS-only method, because that's where it has
-     been tested well enough.
-     [Richard Levitte]
-
-  *) Remove 'optimized' squaring variant in BN_mod_mul_montgomery,
-     it can return incorrect results.
-     (Note: The buggy variant was not enabled in OpenSSL 0.9.5a,
-     but it was in 0.9.6-beta[12].)
-     [Bodo Moeller]
-
-  *) Disable the check for content being present when verifying detached
-     signatures in pk7_smime.c. Some versions of Netscape (wrongly)
-     include zero length content when signing messages.
-     [Steve Henson]
+ Changes between 0.9.5a and 0.9.6  [xx XXX 2000]

  *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR
     BIO_ctrl (for BIO pairs).
-     [Bodo M<>ller]

  *) Add DSO method for VMS.
     [Richard Levitte]
@@ -382,7 +239,7 @@
     [Steve Henson]

  *) Changes needed for Tandem NSK.
-     [Scott Uroff <scott@xypro.com>]
+     [Scott Uroff scott@xypro.com]

  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
     RSA_padding_check_SSLv23(), special padding was never detected
--- a/161
+++ b/161
@@ -10,7 +10,7 @@ use strict;

 # see INSTALL for instructions.

-my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [rsaref] [no-threads] [no-asm] [no-dso] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] os/compiler[:flags]\n";
+my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [rsaref] [no-threads] [no-asm] [no-dso] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] os/compiler[:flags]\n";

 # Options:
 #
@@ -23,11 +23,20 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-
 #               default).  This needn't be set in advance, you can
 #               just as well use "make INSTALL_PREFIX=/whatever install".
 #
+# no-hw-xxx     do not compile support for specific crypto hardware.
+#               Generic OpenSSL-style methods relating to this support
+#               are always compiled but return NULL if the hardware
+#               support isn't compiled.
+# no-hw         do not compile support for any crypto hardware.
 # rsaref        use RSAref
 # [no-]threads  [don't] try to create a library that is suitable for
 #               multithreaded applications (default is "threads" if we
 #               know how to do it)
 # [no-]shared	[don't] try to create shared libraries when supported.
+#               IT IS NOT RECOMMENDED TO USE "shared"!  Since this is a
+#               development branch, the positions of the ENGINE symbols
+#               in the transfer vector are constantly moving, so binary
+#               backward compatibility can't be guaranteed in any way.
 # no-asm        do not use assembler
 # no-dso        do not compile in any native shared-library methods. This
 #               will ensure that all methods just return NULL.
@@ -127,32 +136,32 @@ my %table=(
 # surrounds it with #APP #NO_APP comment pair which (at least Solaris
 # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
 # error message.
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:solaris-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:solaris-shared:-fPIC",

 #### SPARC Solaris with GNU C setups
-"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC",
+"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC",
+"solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC",
 # gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8
 # but keep the assembler modules.
-"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC",
 ####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC",

 #### SPARC Solaris with Sun C setups
 # DO NOT use /xO[34] on sparc with SC3.0.  It is broken, and will not pass the tests
-"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC",
 # SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
 # SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
 # SC5.0 note: Compiler common patch 107357-01 or later is required!
-"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC",
 ####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC",

 #### SPARC Linux setups
 "linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
@@ -214,41 +223,41 @@ my %table=(
 #
 #!#"hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
 # Since there is mention of this in shlib/hpux10-cc.sh
-"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
+"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W:::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
+"hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl",

 # More attempts at unified 10.X and 11.X targets for HP C compiler.
 #
 # Chris Ruemmler <ruemmler@cup.hp.com>
 # Kevin Steves <ks@hp.se>
-"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT:-ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT:-ldl:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2.o:::::::::dl",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dl",
+"hpux-parisc1_1-cc","cc:+DA1.1 +DS1.1 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT:-ldl:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dl",

 # HPUX 9.X config.
 # Don't use the bundled cc.  It is broken.  Use HP ANSI C if possible, or
 # egcs.  gcc 2.8.1 is also broken.

-"hpux-cc",	"cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-cc",	"cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
 # If hpux-cc fails (e.g. during "make test"), try the next one; otherwise,
 # please report your OS and compiler version to the openssl-bugs@openssl.org
 # mailing list.
-"hpux-brokencc",	"cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-brokencc",	"cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl",

-"hpux-gcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-gcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
 # If hpux-gcc fails, try this one:
-"hpux-brokengcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-brokengcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown):-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl",

 # HPUX 10.X config.  Supports threads.
-"hpux10-cc",	"cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux10-cc",	"cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O3 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
 # If hpux10-cc fails, try this one (if still fails, try deleting BN_LLONG):
-"hpux10-brokencc",	"cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux10-brokencc",	"cc:-DB_ENDIAN -DBN_DIV2W -Ae +ESlit +O2 -z::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",

-"hpux10-gcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux10-gcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl",
 # If hpux10-gcc fails, try this one:
-"hpux10-brokengcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux10-brokengcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::-D_REENTRANT:-ldld:DES_PTR DES_UNROLL DES_RISC1::::::::::dl",

 # HPUX 11.X from www.globus.org.
 # Only works on PA-RISC 2.0 cpus, and not optimized.  Why?
@@ -256,16 +265,13 @@ my %table=(
 #"hpux11-64bit-cc","cc:+DA2.0W -g -D_HPUX_SOURCE -Aa -Ae +ESlit::-D_REENTRANT::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT :::",
 # Use unified settings above instead.

-#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
-"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -DMPE -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
-
 # Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with
 # the new compiler
 # For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
-"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:asm/alpha.o:::::::::dlfcn:true64-shared::.so",
-"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared::.so",
-"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared::.so",
-"FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:asm/alpha.o:::::::::dlfcn:true64-shared",
+"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared",
+"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared",
+"FreeBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2:::",

 #### Alpha Linux with GNU C and Compaq C setups
 # Special notes:
@@ -280,8 +286,8 @@ my %table=(
 #
 #					<appro@fy.chalmers.se>
 #
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o:::::::::dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o:::::::::dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::",
+"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::",
 "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::",
 "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::",

@@ -290,7 +296,7 @@ my %table=(

 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
 # bn86-elf.o file file since it is hand tweaked assembler.
-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
 "debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
 "debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
 "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
@@ -298,13 +304,13 @@ my %table=(
 "linux-ppc",    "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
 "linux-m68k",   "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
 "linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::SIXTY_FOUR_BIT_LONG::",
-"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
+"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
 "bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown)::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}",
-"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "nextstep",	"cc:-O -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
 "nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
 # NCR MP-RAS UNIX ver 02.03.01
@@ -314,7 +320,7 @@ my %table=(
 "qnx4",	"cc:-DL_ENDIAN -DTERMIO::(unknown)::${x86_gcc_des} ${x86_gcc_opts}:",

 # Linux on ARM
-"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC",

 # UnixWare 2.0
 "unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::",
@@ -397,10 +403,10 @@ my %table=(
 ##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown)::::::",

 # Some OpenBSD from Bob Beck <beck@obtuse.com>
-"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD",      "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:::",
+"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn",
+"OpenBSD",      "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
+"OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",

 ##### MacOS X (a.k.a. Rhapsody) setup
 "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -490,6 +496,18 @@ PROCESS_ARGS:
 			$flags .= "-DNO_ASM ";
 			$openssl_other_defines .= "#define NO_ASM\n";
 			}
+		elsif (/^no-hw-(.+)$/)
+			{
+			my $hw=$1;
+			$hw =~ tr/[a-z]/[A-Z]/;
+			$flags .= "-DNO_HW_$hw ";
+			$openssl_other_defines .= "#define NO_HW_$hw\n";
+			}
+		elsif (/^no-hw$/)
+			{
+			$flags .= "-DNO_HW ";
+			$openssl_other_defines .= "#define NO_HW\n";
+			}
 		elsif (/^no-dso$/)
 			{ $no_dso=1; }
 		elsif (/^no-threads$/)
@@ -632,8 +650,8 @@ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /^\//;
 print "IsWindows=$IsWindows\n";

 (my $cc,my $cflags,my $unistd,my $thread_cflag,my $lflags,my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj,
- $md5_obj,$sha1_obj,my $cast_obj,my $rc4_obj,$rmd160_obj,my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,my $shared_extension)=
-	split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+ $md5_obj,$sha1_obj,my $cast_obj,my $rc4_obj,$rmd160_obj,my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag)=
+	split(/\s*:\s*/,$table{$target} . ":" x 22 , -1);
 $cflags="$flags$cflags" if ($flags ne "");

 # The DSO code currently always implements all functions so that no
@@ -708,22 +726,17 @@ if ($threads)
 	}

 # You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
-my $shared_mark = "";
-if ($shared_target ne "")
+my $shared_mark1 = "";
+my $shared_mark2 = "";
+if ($shared_cflag ne "")
 	{
-	if ($shared_cflag ne "")
-		{
-		$cflags = "$shared_cflag $cflags";
-		}
+	$cflags = "$shared_cflag $cflags";
 	if (!$no_shared)
 		{
-		#$shared_mark = "\$(SHARED_LIBS)";
+		$shared_mark1 = ".shlib-clean.";
+		$shared_mark2 = ".shlib.";
 		}
 	}
-else
-	{
-	$no_shared = 1;
-	}

 #my ($bn1)=split(/\s+/,$bn_obj);
 #$bn1 = "" unless defined $bn1;
@@ -805,7 +818,6 @@ while (<IN>)
 	s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
 	s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
 	s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
-	s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
 	s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
 	s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
 	s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
@@ -829,18 +841,9 @@ while (<IN>)
 	s/^RANLIB=.*/RANLIB= $ranlib/;
 	s/^PERL=.*/PERL= $perl/;
 	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
-	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
-	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
-	if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
-		{
-		my $sotmp = $1;
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/
-		}
-	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
-		{
-		my $sotmp = $1;
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
-		}
+	s/^SHLIB_MARK1=.*/SHLIB_MARK1=$shared_mark1/;
+	s/^SHLIB_MARK2=.*/SHLIB_MARK2=$shared_mark2/;
+	s/^LIBS=.*/LIBS=libcrypto\.so\* libssl\.so\*/ if (!$no_shared);
 	print OUT $_."\n";
 	}
 close(IN);
@@ -1127,9 +1130,8 @@ sub print_table_entry
 	(my $cc,my $cflags,my $unistd,my $thread_cflag,my $lflags,my $bn_ops,
 	my $bn_obj,my $des_obj,my $bf_obj,
 	my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
-	my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
-	my $shared_extension)=
-	split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+	my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag)=
+	split(/\s*:\s*/,$table{$target} . ":" x 22 , -1);
 			
 	print <<EOF

@@ -1152,6 +1154,5 @@ sub print_table_entry
 \$dso_scheme   = $dso_scheme
 \$shared_target= $shared_target
 \$shared_cflag = $shared_cflag
-\$shared_extension = $shared_extension
 EOF
 	}
--- a/34
+++ b/34
@@ -27,14 +27,12 @@ OpenSSL  -  Frequently Asked Questions
 * Why does the OpenSSL test fail with "bc: 1 no implemented"?
 * Why does the OpenSSL compilation fail on Alpha True64 Unix?
 * Why does the OpenSSL compilation fail with "ar: command not found"?
-* Why does the OpenSSL compilation fail on Win32 with VC++?
-* Why aren't tools like 'autoconf' and 'libtool' used?


 * Which is the current version of OpenSSL?

 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.6 was released on September 24th, 2000.
+OpenSSL 0.9.5a was released on April 1st, 2000.

 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -137,7 +135,7 @@ installing the SUNski package from Sun patch 105710-01 (Sparc) which
 adds a /dev/random device and make sure it gets used, usually through
 $RANDFILE.  There are probably similar patches for the other Solaris
 versions.  However, be warned that /dev/random is usually a blocking
-device, which may have some effects on OpenSSL.
+device, which may have som effects on OpenSSL.


 * Why does the linker complain about undefined symbols?
@@ -196,7 +194,7 @@ unsigned char *buf, *p;
 int len;

 len = i2d_PKCS7(p7, NULL);
-buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */
+buf = OPENSSL_Malloc(len); /* or Malloc, error checking omitted */
 p = buf;
 i2d_PKCS7(p7, &p);

@@ -432,29 +430,3 @@ and then redo the compilation.  What you should really do is make sure
 '/usr/ccs/bin' is permanently in your $PATH, for example through your
 '.profile' (again, assuming you use a sh-compatible shell).

-
-* Why does the OpenSSL compilation fail on Win32 with VC++?
-
-Sometimes, you may get reports from VC++ command line (cl) that it
-can't find standard include files like stdio.h and other weirdnesses.
-One possible cause is that the environment isn't correctly set up.
-To solve that problem, one should run VCVARS32.BAT which is found in
-the 'bin' subdirectory of the VC++ installation directory (somewhere
-under 'Program Files').  This needs to be done prior to running NMAKE,
-and the changes are only valid for the current DOS session.
-
-
-* Why aren't tools like 'autoconf' and 'libtool' used?
-
-autoconf is a nice tool, but is unfortunately very Unix-centric.
-Although one can come up with solution to have ports keep in track,
-there's also some work needed for that, and can be quite painful at
-times.  If there was a 'autoconf'-like tool that generated perl
-scripts or something similarly general, it would probably be used
-in OpenSSL much earlier.
-
-libtool has repeatadly been reported by some members of the OpenSSL
-development and others to be a pain to use.  So far, those in the
-development team who have said anything about this have expressed
-a wish to avoid libtool for that reason.
-
--- a/5
+++ b/5
@@ -57,7 +57,10 @@

  shared        In addition to the usual static libraries, create shared
                libraries on platforms where it's supported.  See "Note on
-                shared libraries" below.
+                shared libraries" below.  THIS IS NOT RECOMMENDED!  Since
+                this is a development branch, the positions of the ENGINE
+                symbols in the transfer vector are constantly moving, so
+                binary backward compatibility can't be guaranteed in any way.

  no-asm        Do not use assembler code.

--- a/INSTALL.W32
+++ b/INSTALL.W32
@@ -108,8 +108,8 @@

 * Compiler installation:

-   Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/
-   gnu-win32/mingw32/gcc-2.95.2/gcc-2.95.2-msvcrt.exe>. GNU make is at
+   Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/
+   mingw32/egcs-1.1.2/egcs-1.1.2-mingw32.zip>. GNU make is at
   <ftp://agnes.dida.physik.uni-essen.de/home/janjaap/mingw32/binaries/
   make-3.76.1.zip>. Install both of them in C:\egcs-1.1.2 and run
   C:\egcs-1.1.2\mingw32.bat to set the PATH.
--- a/Makefile.org
+++ b/Makefile.org
@@ -9,7 +9,6 @@ SHLIB_VERSION_NUMBER=
 SHLIB_VERSION_HISTORY=
 SHLIB_MAJOR=
 SHLIB_MINOR=
-SHLIB_EXT=
 PLATFORM=dist
 OPTIONS=
 CONFIGURE_ARGS=
@@ -63,7 +62,7 @@ AR=ar r
 RANLIB= ranlib
 PERL= perl
 TAR= tar
-TARFLAGS= --no-recursion
+TARFLAGS= --norecurse

 # Set BN_ASM to bn_asm.o if you want to use the C version
 BN_ASM= bn_asm.o
@@ -150,18 +149,21 @@ RMD160_ASM_OBJ= asm/rm86-out.o
 #RMD160_ASM_OBJ= asm/rm86-out.o       # a.out, FreeBSD
 #RMD160_ASM_OBJ= asm/rm86bsdi.o       # bsdi

+# To do special treatment, use "directory names" starting with a period.
 # When we're prepared to use shared libraries in the programs we link here
-# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
-SHLIB_MARK=
+# we might have SHLIB_MARK1 get the value ".shlib." and SHLIB_MARK2 be empty,
+# or have that configurable.
+SHLIB_MARK1=.shlib-clean.
+SHLIB_MARK2=.shlib.

-DIRS=   crypto ssl rsaref $(SHLIB_MARK) apps test tools
+DIRS=   crypto ssl rsaref $(SHLIB_MARK1) apps test tools $(SHLIB_MARK2)
 SHLIBDIRS= crypto ssl

 # dirs in crypto to build
 SDIRS=  \
 	md2 md4 md5 sha mdc2 hmac ripemd \
 	des rc2 rc4 rc5 idea bf cast \
-	bn rsa dsa dh dso rijndael \
+	bn rsa dsa dh dso engine \
 	buffer bio stack lhash rand err objects \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp

@@ -178,10 +180,7 @@ ONEDIRS=out tmp
 EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
 WDIRS=  windows
 LIBS=   libcrypto.a libssl.a
-SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
-SHARED_SSL=libssl$(SHLIB_EXT)
-SHARED_LIBS=
-SHARED_LIBS_LINK_EXTS=
+SHARED_LIBS=libcrypto.so libssl.so

 GENERAL=        Makefile
 BASENAME=       openssl
@@ -191,77 +190,88 @@ WTARFILE=       $(NAME)-win.tar
 EXHEADER=       e_os.h e_os2.h
 HEADER=         e_os.h

-# When we're prepared to use shared libraries in the programs we link here
-# we might remove 'clean-shared' from the targets to perform at this stage
-
-all: clean-shared Makefile.ssl sub_all
-
-sub_all:
-	@for i in $(DIRS); \
+all: Makefile.ssl
+	@need_shlib=true; \
+	for i in $(DIRS) ;\
 	do \
-	if [ -d "$$i" ]; then \
-		(cd $$i && echo "making all in $$i..." && \
-		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
+	if [ "$$i" = ".shlib-clean." ]; then \
+		if [ "$(SHLIB_TARGET)" != "" ]; then \
+			$(MAKE) clean-shared; \
+		fi; \
+	elif [ "$$i" = ".shlib." ]; then \
+		if [ "$(SHLIB_TARGET)" != "" ]; then \
+			$(MAKE) $(SHARED_LIBS); \
+		fi; \
+		need_shlib=false; \
 	else \
-		$(MAKE) $$i; \
+		(cd $$i && echo "making all in $$i..." && \
+		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
 	fi; \
 	done; \
-	if echo "$(DIRS)" | \
-	    egrep '(^| )(crypto|ssl)( |$$)' > /dev/null 2>&1 && \
-	   [ -n "$(SHARED_LIBS)" ]; then \
+	if $$need_shlib && [ "$(SHLIB_MARK1)" != "" -o "$(SHLIB_MARK1)" != "" ]; then \
 		$(MAKE) $(SHARED_LIBS); \
 	fi

-libcrypto$(SHLIB_EXT): libcrypto.a
+sub_all:
+	@need_shlib=true; \
+	for i in $(DIRS) ;\
+	do \
+	if [ "$$i" = ".shlib-clean." ]; then \
+		if [ "$(SHLIB_TARGET)" != "" ]; then \
+			$(MAKE) clean-shared; \
+		fi; \
+	elif [ "$$i" = ".shlib." ]; then \
+		if [ "$(SHLIB_TARGET)" != "" ]; then \
+			$(MAKE) $(SHARED_LIBS); \
+		fi; \
+		need_shlib=false; \
+	else \
+		(cd $$i && echo "making all in $$i..." && \
+		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
+	fi; \
+	done; \
+	if $$need_shlib && [ "$(SHLIB_MARK1)" != "" -o "$(SHLIB_MARK1)" != "" ]; then \
+		$(MAKE) $(SHARED_LIBS); \
+	fi
+
+libcrypto.so: libcrypto.a
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=crypto build-shared; \
+		$(MAKE) SHLIBDIRS=crypto $(SHLIB_TARGET); \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2; \
 	fi
-libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+libssl.so: libcrypto.so libssl.a
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-L. -lcrypto' build-shared; \
+		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-L. -lcrypto' $(SHLIB_TARGET); \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2; \
 	fi

 clean-shared:
-	@for i in $(SHLIBDIRS); do \
-		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
-			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
-			for j in $${tmp:-x}; do \
-				( set -x; rm -f lib$$i$$j ); \
-			done; \
-		fi; \
-		( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
+	for i in ${SHLIBDIRS}; do \
+	rm -f lib$$i.so \
+		lib$$i.so.${SHLIB_MAJOR} \
+		lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
 	done

-link-shared:
-	@for i in $(SHLIBDIRS); do \
-		prev=lib$$i$(SHLIB_EXT); \
-		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
-			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
-			for j in $${tmp:-x}; do \
-				( set -x; ln -s -f $$prev lib$$i$$j ); \
-				prev=lib$$i$$j; \
-			done; \
-		fi; \
-	done
-
-build-shared: clean-shared do_$(SHLIB_TARGET) link-shared
-
-do_bsd-gcc-shared: linux-shared
-do_linux-shared:
+linux-shared:
 	libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
+	rm -f lib$$i.so \
+		lib$$i.so.${SHLIB_MAJOR} \
+		lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
 	( set -x; ${CC}  -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
 		-Wl,-S,-soname=lib$$i.so.${SHLIB_MAJOR} \
 		-Wl,--whole-archive lib$$i.a \
 		-Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
 	libs="$$libs -L. -l$$i"; \
+	( set -x; \
+		ln -s lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
+			lib$$i.so.${SHLIB_MAJOR}; \
+		ln -s lib$$i.so.${SHLIB_MAJOR} lib$$i.so ); \
 	done

 # This assumes that GNU utilities are *not* used
-do_true64-shared:
+true64-shared:
 	libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
 	( set -x; ${CC}  -shared -no_archive -o lib$$i.so \
 		-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
@@ -270,31 +280,18 @@ do_true64-shared:
 	done

 # This assumes that GNU utilities are *not* used
-do_solaris-shared:
+solaris-shared:
 	libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
+	rm -f lib$$i.so \
+		lib$$i.so.${SHLIB_MAJOR} \
+		lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
 	( set -x; ${CC}  -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
 		-h lib$$i.so.${SHLIB_MAJOR} \
 		-z allextract lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \
 	libs="$$libs -L. -l$$i"; \
-	done
-
-# This assumes that GNU utilities are *not* used
-do_hpux-shared:
-	libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	( set -x; /usr/ccs/bin/ld +vnocompatwarnings \
-		-b -z -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-Fl lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \
-	libs="$$libs -L. -l$$i"; \
-	done
-
-# This assumes that GNU utilities are *not* used
-do_hpux64-shared:
-	libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	( set -x; /usr/ccs/bin/ld -b -z -o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+forceload lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \
-	libs="$$libs -L. -l$$i"; \
+	ln -s lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
+		lib$$i.so.${SHLIB_MAJOR}; \
+	ln -s lib$$i.so.${SHLIB_MAJOR} lib$$i.so; \
 	done

 Makefile.ssl: Makefile.org
@@ -309,7 +306,7 @@ clean:
 	rm -f shlib/*.o *.o core a.out fluff *.map rehash.time testlog make.log cctest cctest.c
 	@for i in $(DIRS) ;\
 	do \
-	if [ -d "$$i" ]; then \
+	if echo "$$i" | grep -v '^\.'; then \
 		(cd $$i && echo "making clean in $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
 		rm -f $(LIBS); \
@@ -330,7 +327,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
 	@for i in $(DIRS) ;\
 	do \
-	if [ -d "$$i" ]; then \
+	if echo "$$i" | grep -v '^\.'; then \
 		(cd $$i && echo "making 'files' in $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \
 	fi; \
@@ -341,7 +338,7 @@ links:
 	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
 	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
 	@for i in $(DIRS); do \
-	if [ -d "$$i" ]; then \
+	if echo "$$i" | grep -v '^\.'; then \
 		(cd $$i && echo "making links in $$i..." && \
 		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' links ) || exit 1; \
 	fi; \
@@ -351,7 +348,7 @@ dclean:
 	rm -f *.bak
 	@for i in $(DIRS) ;\
 	do \
-	if [ -d "$$i" ]; then \
+	if echo "$$i" | grep -v '^\.'; then \
 		(cd $$i && echo "making dclean in $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \
 	fi; \
@@ -375,7 +372,7 @@ report:
 depend:
 	@for i in $(DIRS) ;\
 	do \
-	if [ -d "$$i" ]; then \
+	if echo "$$i" | grep -v '^\.'; then \
 		(cd $$i && echo "making dependencies $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' DEPFLAG='${DEPFLAG}' depend ) || exit 1; \
 	fi; \
@@ -384,7 +381,7 @@ depend:
 lint:
 	@for i in $(DIRS) ;\
 	do \
-	if [ -d "$$i" ]; then \
+	if echo "$$i" | grep -v '^\.'; then \
 		(cd $$i && echo "making lint $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \
 	fi; \
@@ -393,7 +390,7 @@ lint:
 tags:
 	@for i in $(DIRS) ;\
 	do \
-	if [ -d "$$i" ]; then \
+	if echo "$$i" | grep -v '^\.'; then \
 		(cd $$i && echo "making tags $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' tags ) || exit 1; \
 	fi; \
@@ -455,7 +452,7 @@ install: all install_docs
 	done;
 	@for i in $(DIRS) ;\
 	do \
-	if [ -d "$$i" ]; then \
+	if echo "$$i" | grep -v '^\.'; then \
 		(cd $$i; echo "installing $$i..."; \
 		$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' install ); \
 	fi; \
@@ -469,20 +466,6 @@ install: all install_docs
 			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
 		fi \
 	done
-	@if [ -n "$(SHARED_LIBS)" ]; then \
-		tmp="$(SHARED_LIBS)"; \
-		for i in $${tmp:-x}; \
-		do \
-			if [ -f "$$i" ]; then \
-			(       echo installing $$i; \
-				cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
-				chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
-			fi \
-		done; \
-		(	here="`pwd`"; \
-			cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
-			make -f $$here/Makefile link-shared ); \
-	fi

 install_docs:
 	@$(PERL) $(TOP)/util/mkdir-p.pl \
@@ -490,23 +473,30 @@ install_docs:
 		$(INSTALL_PREFIX)$(MANDIR)/man3 \
 		$(INSTALL_PREFIX)$(MANDIR)/man5 \
 		$(INSTALL_PREFIX)$(MANDIR)/man7
+	@echo installing man 1 and man 5
 	@for i in doc/apps/*.pod; do \
 		fn=`basename $$i .pod`; \
 		sec=`[ "$$fn" = "config" ] && echo 5 || echo 1`; \
-		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
 		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
 			 --release=$(VERSION) `basename $$i`) \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done
+	@echo installing man 3 and man 7
 	@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
 		fn=`basename $$i .pod`; \
 		sec=`[ "$$fn" = "des_modes" ] && echo 7 || echo 3`; \
-		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
 		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`) \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done

+shlib: all
+	if [ ! -d shlib_dir ] ; then mkdir shlib_dir ; else rm -f shlib_dir/* ; fi
+	cd shlib_dir ; ar -x ../libcrypto.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libcrypto.so.0.9 \
+            -o ./libcrypto.so.0.9.4 && rm *.o
+	cd shlib_dir ; ar -x ../libssl.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libssl.so.0.9 \
+            -o ./libssl.so.0.9.4 && rm *.o
+
 # DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/15
+++ b/15
@@ -5,21 +5,6 @@
  This file gives a brief overview of the major changes between each OpenSSL
  release. For more details please read the CHANGES file.

-  Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
-
-      o Some documentation for BIO and SSL libraries.
-      o Enhanced chain verification using key identifiers.
-      o New sign and verify options to 'dgst' application.
-      o Support for DER and PEM encoded messages in 'smime' application.
-      o New 'rsautl' application, low level RSA utility.
-      o MD4 now included.
-      o Bugfix for SSL rollback padding check.
-      o Support for external crypto devices [1].
-      o Enhanced EVP interface.
-
-    [1] The support for external crypto devices is currently a separate
-        distribution.  See the file README.ENGINE.
-
  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a:

      o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 
--- a/5
+++ b/5
@@ -1,5 +1,5 @@

- OpenSSL 0.9.7-dev 24 Sep 2000
+ OpenSSL 0.9.6-beta2 [engine] 17 Sep 2000

 Copyright (c) 1998-2000 The OpenSSL Project
 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -163,9 +163,6 @@
 the string "[PATCH]" in the subject. Please be sure to include a
 textual explanation of what your patch does.

- Note: For legal reasons, contributions from the US can be accepted only
- if a copy of the patch is sent to crypt@bxa.doc.gov
-
 The preferred format for changes is "diff -u" output. You might
 generate it like this:

--- a/README.ENGINE
+++ b/README.ENGINE
@@ -1,63 +0,0 @@
-
-  ENGINE
-  ======
-
-  With OpenSSL 0.9.6, a new component has been added to support external 
-  crypto devices, for example accelerator cards.  The component is called
-  ENGINE, and has still a pretty experimental status and almost no
-  documentation.  It's designed to be faily easily extensible by the
-  calling programs.
-
-  There's currently built-in support for the following crypto devices:
-
-      o CryptoSwift
-      o Compaq Atalla
-      o nCipher CHIL
-
-  A number of things are still needed and are being worked on:
-
-      o An openssl utility command to handle or at least check available
-        engines.
-      o A better way of handling the methods that are handled by the
-        engines.
-      o Documentation!
-
-  What already exists is fairly stable as far as it has been tested, but
-  the test base has been a bit small most of the time.
-
-  Because of this experimental status and what's lacking, the ENGINE
-  component is not yet part of the default OpenSSL distribution.  However,
-  we have made a separate kit for those who want to try this out, to be
-  found in the same places as the default OpenSSL distribution, but with
-  "-engine-" being part of the kit file name.  For example, version 0.9.6
-  is distributed in the following two files:
-
-      openssl-0.9.6.tar.gz
-      openssl-engine-0.9.6.tar.gz
-
-  NOTES
-  =====
-
-  openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do
-  not need to download both.
-
-  openssl-engine-0.9.6.tar.gz is usable even if you don't have an external
-  crypto device.  The internal OpenSSL functions are contained in the
-  engine "openssl", and will be used by default.
-
-  No external crypto device is chosen unless you say so.  You have actively
-  tell the openssl utility commands to use it through a new command line
-  switch called "-engine".  And if you want to use the ENGINE library to
-  do something similar, you must also explicitely choose an external crypto
-  device, or the built-in crypto routines will be used, just as in the
-  default OpenSSL distribution.
-
-
-  PROBLEMS
-  ========
-
-  It seems like the ENGINE part doesn't work too well with Cryptoswift on
-  Win32.  A quick test done right before the release showed that trying
-  "openssl speed -engine cswift" generated errors.  If the DSO gets enabled,
-  an attempt is made to write at memory address 0x00000002.
-
--- a/56
+++ b/56
@@ -1,18 +1,49 @@

  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/10/23 14:36:18 $
+  ______________                           $Date: 2000/09/17 15:56:27 $

  DEVELOPMENT STATE

-    o  OpenSSL 0.9.7:  Under development...
-    o  OpenSSL 0.9.6:  Released on September 24th, 2000
-    o  OpenSSL 0.9.5a: Released on April      1st, 2000
-    o  OpenSSL 0.9.5:  Released on February  28th, 2000
-    o  OpenSSL 0.9.4:  Released on August    09th, 1999
-    o  OpenSSL 0.9.3a: Released on May       29th, 1999
-    o  OpenSSL 0.9.3:  Released on May       25th, 1999
-    o  OpenSSL 0.9.2b: Released on March     22th, 1999
-    o  OpenSSL 0.9.1c: Released on December  23th, 1998
+    o  OpenSSL 0.9.6:  Under development (in release cycle)...
+                       Proposed release date September 24, 2000
+                       0.9.6-beta1 is available:
+			OpenBSD-x86 2.7			- failed
+				ftime not supported [FIXED]
+			hpux-parisc-cc 10.20		- passed
+			hpux-parisc-gcc 10.20		- passed
+			hpux-parisc-gcc 11.00		- passed
+			hpux-gcc			- passed
+			hpux-brokengcc			- failed
+				BN_sqr fails in test
+			linux-elf			- passed
+			linux-sparcv7			- passed
+			linux-ppc			- passed
+			Solaris [engine]		- failed
+				speed cswift gives odd errors [FIXED]
+			solaris-sparcv8-gcc		- passed
+			solaris-sparcv9-gcc		- passed
+			solaris-sparcv9-cc		- passed
+			solaris64-sparcv9-cc		- passed
+			sco5-gcc			- passed
+			sco5-cc				- passed
+			FreeBSD				- passed
+			Win32 VC++			- failed
+				PCURSORINFO not defined unless Win2000 [FIXED]
+				RAND_poll() problem on Win2000 [FIXED]
+				DSO method always DSO_METHOD_null [FIXED]
+			CygWin32			- test failed
+			MingW32				- failed
+				thelp32.h
+			aix-gcc (AIX 4.3.2)		- passed
+			VMS/Alpha			- failed
+				Some things were missing [FIXED]
+    o  OpenSSL 0.9.5a: Released on April     1st, 2000
+    o  OpenSSL 0.9.5:  Released on February 28th, 2000
+    o  OpenSSL 0.9.4:  Released on August   09th, 1999
+    o  OpenSSL 0.9.3a: Released on May      29th, 1999
+    o  OpenSSL 0.9.3:  Released on May      25th, 1999
+    o  OpenSSL 0.9.2b: Released on March    22th, 1999
+    o  OpenSSL 0.9.1c: Released on December 23th, 1998

  RELEASE SHOWSTOPPERS

@@ -25,7 +56,7 @@
    o Steve is currently working on (in no particular order):
        ASN1 code redesign, butchery, replacement.
        EVP cipher enhancement.
-     /* Proper (or at least usable) certificate chain verification. */
+        Proper (or at least usable) certificate chain verification.
 	Private key, certificate and CRL API and implementation.
 	Developing and bugfixing PKCS#7 (S/MIME code).
        Various X509 issues: character sets, certificate request extensions.
@@ -45,6 +76,9 @@

  OPEN ISSUES

+    o internal_verify doesn't know about X509.v3 (basicConstraints
+      CA flag ...)
+
    o  The Makefile hierarchy and build mechanism is still not a round thing:

       1. The config vs. Configure scripts
--- a/277
+++ b/277
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -158,7 +158,6 @@ app_rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 app_rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
 app_rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 app_rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-app_rand.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 app_rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -179,8 +178,7 @@ apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
 apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
 apps.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-apps.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-apps.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+apps.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 apps.o: ../include/openssl/sha.h ../include/openssl/stack.h
 apps.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
@@ -201,7 +199,6 @@ asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h
 asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
 asn1pars.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-asn1pars.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 asn1pars.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -212,17 +209,17 @@ ca.o: ../include/openssl/buffer.h ../include/openssl/cast.h
 ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 ca.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h
 ca.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-ca.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-ca.o: ../include/openssl/evp.h ../include/openssl/idea.h
-ca.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-ca.o: ../include/openssl/md4.h ../include/openssl/md5.h
-ca.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-ca.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-ca.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ca.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+ca.o: ../include/openssl/err.h ../include/openssl/evp.h
+ca.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+ca.o: ../include/openssl/md2.h ../include/openssl/md4.h
+ca.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ca.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
 ca.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ca.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-ca.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+ca.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 ca.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 ca.o: ../include/openssl/sha.h ../include/openssl/stack.h
 ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
@@ -244,8 +241,7 @@ ciphers.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 ciphers.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
 ciphers.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
 ciphers.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-ciphers.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-ciphers.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+ciphers.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 ciphers.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 ciphers.o: ../include/openssl/sha.h ../include/openssl/ssl.h
 ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
@@ -268,7 +264,6 @@ crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
 crl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
 crl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-crl.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 crl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -290,7 +285,6 @@ crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
 crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
 crl2p7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-crl2p7.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 crl2p7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -302,16 +296,16 @@ dgst.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 dgst.o: ../include/openssl/des.h ../include/openssl/dh.h
 dgst.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 dgst.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
-dgst.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-dgst.o: ../include/openssl/md2.h ../include/openssl/md4.h
-dgst.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dgst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dgst.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+dgst.o: ../include/openssl/engine.h ../include/openssl/err.h
+dgst.o: ../include/openssl/evp.h ../include/openssl/idea.h
+dgst.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+dgst.o: ../include/openssl/md4.h ../include/openssl/md5.h
+dgst.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+dgst.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dgst.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 dgst.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-dgst.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 dgst.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -322,17 +316,17 @@ dh.o: ../include/openssl/buffer.h ../include/openssl/cast.h
 dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 dh.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h
 dh.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-dh.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-dh.o: ../include/openssl/evp.h ../include/openssl/idea.h
-dh.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-dh.o: ../include/openssl/md4.h ../include/openssl/md5.h
-dh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dh.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+dh.o: ../include/openssl/err.h ../include/openssl/evp.h
+dh.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+dh.o: ../include/openssl/md2.h ../include/openssl/md4.h
+dh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+dh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
 dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dh.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-dh.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 dh.o: ../include/openssl/sha.h ../include/openssl/stack.h
 dh.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
@@ -344,16 +338,16 @@ dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 dsa.o: ../include/openssl/des.h ../include/openssl/dh.h
 dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 dsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-dsa.o: ../include/openssl/md2.h ../include/openssl/md4.h
-dsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+dsa.o: ../include/openssl/engine.h ../include/openssl/err.h
+dsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
+dsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+dsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+dsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+dsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 dsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-dsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 dsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -365,16 +359,16 @@ dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 dsaparam.o: ../include/openssl/des.h ../include/openssl/dh.h
 dsaparam.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 dsaparam.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dsaparam.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsaparam.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-dsaparam.o: ../include/openssl/md2.h ../include/openssl/md4.h
-dsaparam.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-dsaparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h
+dsaparam.o: ../include/openssl/evp.h ../include/openssl/idea.h
+dsaparam.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+dsaparam.o: ../include/openssl/md4.h ../include/openssl/md5.h
+dsaparam.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dsaparam.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 dsaparam.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-dsaparam.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 dsaparam.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 dsaparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -386,21 +380,20 @@ enc.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 enc.o: ../include/openssl/des.h ../include/openssl/dh.h
 enc.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 enc.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-enc.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-enc.o: ../include/openssl/md2.h ../include/openssl/md4.h
-enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-enc.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-enc.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
-enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
-enc.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-enc.o: ../include/openssl/x509_vfy.h apps.h
+enc.o: ../include/openssl/engine.h ../include/openssl/err.h
+enc.o: ../include/openssl/evp.h ../include/openssl/idea.h
+enc.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+enc.o: ../include/openssl/md4.h ../include/openssl/md5.h
+enc.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+enc.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+enc.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+enc.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
 errstr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 errstr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
 errstr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
@@ -417,8 +410,7 @@ errstr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 errstr.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
 errstr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
 errstr.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-errstr.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-errstr.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+errstr.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 errstr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 errstr.o: ../include/openssl/sha.h ../include/openssl/ssl.h
 errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
@@ -432,21 +424,20 @@ gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 gendh.o: ../include/openssl/des.h ../include/openssl/dh.h
 gendh.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 gendh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-gendh.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendh.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-gendh.o: ../include/openssl/md2.h ../include/openssl/md4.h
-gendh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-gendh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-gendh.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-gendh.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
-gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-gendh.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-gendh.o: ../include/openssl/x509_vfy.h apps.h
+gendh.o: ../include/openssl/engine.h ../include/openssl/err.h
+gendh.o: ../include/openssl/evp.h ../include/openssl/idea.h
+gendh.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+gendh.o: ../include/openssl/md4.h ../include/openssl/md5.h
+gendh.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+gendh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+gendh.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+gendh.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+gendh.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+gendh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
 gendsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 gendsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
 gendsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
@@ -454,16 +445,16 @@ gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 gendsa.o: ../include/openssl/des.h ../include/openssl/dh.h
 gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 gendsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-gendsa.o: ../include/openssl/md2.h ../include/openssl/md4.h
-gendsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+gendsa.o: ../include/openssl/engine.h ../include/openssl/err.h
+gendsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
+gendsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+gendsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+gendsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+gendsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+gendsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 gendsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-gendsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 gendsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -475,16 +466,16 @@ genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 genrsa.o: ../include/openssl/des.h ../include/openssl/dh.h
 genrsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 genrsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-genrsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-genrsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-genrsa.o: ../include/openssl/md2.h ../include/openssl/md4.h
-genrsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-genrsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h
+genrsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
+genrsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+genrsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+genrsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+genrsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+genrsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 genrsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-genrsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 genrsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 genrsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -505,7 +496,6 @@ nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h
 nseq.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
 nseq.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-nseq.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 nseq.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -526,8 +516,7 @@ openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 openssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
 openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
 openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-openssl.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-openssl.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+openssl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
 openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
@@ -550,8 +539,7 @@ passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
 passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
 passwd.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-passwd.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-passwd.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+passwd.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 passwd.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h
 passwd.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
@@ -563,17 +551,17 @@ pkcs12.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 pkcs12.o: ../include/openssl/des.h ../include/openssl/dh.h
 pkcs12.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 pkcs12.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs12.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-pkcs12.o: ../include/openssl/md2.h ../include/openssl/md4.h
-pkcs12.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs12.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+pkcs12.o: ../include/openssl/engine.h ../include/openssl/err.h
+pkcs12.o: ../include/openssl/evp.h ../include/openssl/idea.h
+pkcs12.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+pkcs12.o: ../include/openssl/md4.h ../include/openssl/md5.h
+pkcs12.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
 pkcs12.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-pkcs12.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-pkcs12.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+pkcs12.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 pkcs12.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h
 pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
@@ -585,16 +573,16 @@ pkcs7.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 pkcs7.o: ../include/openssl/des.h ../include/openssl/dh.h
 pkcs7.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 pkcs7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs7.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-pkcs7.o: ../include/openssl/md2.h ../include/openssl/md4.h
-pkcs7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+pkcs7.o: ../include/openssl/engine.h ../include/openssl/err.h
+pkcs7.o: ../include/openssl/evp.h ../include/openssl/idea.h
+pkcs7.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+pkcs7.o: ../include/openssl/md4.h ../include/openssl/md5.h
+pkcs7.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkcs7.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 pkcs7.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-pkcs7.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 pkcs7.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -606,17 +594,17 @@ pkcs8.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 pkcs8.o: ../include/openssl/des.h ../include/openssl/dh.h
 pkcs8.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 pkcs8.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs8.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-pkcs8.o: ../include/openssl/md2.h ../include/openssl/md4.h
-pkcs8.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs8.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+pkcs8.o: ../include/openssl/engine.h ../include/openssl/err.h
+pkcs8.o: ../include/openssl/evp.h ../include/openssl/idea.h
+pkcs8.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+pkcs8.o: ../include/openssl/md4.h ../include/openssl/md5.h
+pkcs8.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
 pkcs8.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-pkcs8.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-pkcs8.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+pkcs8.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 pkcs8.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h
 pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
@@ -628,20 +616,19 @@ rand.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 rand.o: ../include/openssl/des.h ../include/openssl/dh.h
 rand.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rand.o: ../include/openssl/err.h ../include/openssl/evp.h
-rand.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-rand.o: ../include/openssl/md2.h ../include/openssl/md4.h
-rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-rand.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-rand.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-rand.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
-rand.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rand.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-rand.o: ../include/openssl/x509_vfy.h apps.h
+rand.o: ../include/openssl/engine.h ../include/openssl/err.h
+rand.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rand.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+rand.o: ../include/openssl/md4.h ../include/openssl/md5.h
+rand.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
+rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
 req.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
 req.o: ../include/openssl/buffer.h ../include/openssl/cast.h
@@ -649,16 +636,16 @@ req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 req.o: ../include/openssl/des.h ../include/openssl/dh.h
 req.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 req.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-req.o: ../include/openssl/err.h ../include/openssl/evp.h
-req.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-req.o: ../include/openssl/md2.h ../include/openssl/md4.h
-req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-req.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+req.o: ../include/openssl/engine.h ../include/openssl/err.h
+req.o: ../include/openssl/evp.h ../include/openssl/idea.h
+req.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+req.o: ../include/openssl/md4.h ../include/openssl/md5.h
+req.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+req.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+req.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-req.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -671,16 +658,16 @@ rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 rsa.o: ../include/openssl/des.h ../include/openssl/dh.h
 rsa.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 rsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-rsa.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-rsa.o: ../include/openssl/md2.h ../include/openssl/md4.h
-rsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+rsa.o: ../include/openssl/engine.h ../include/openssl/err.h
+rsa.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rsa.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+rsa.o: ../include/openssl/md4.h ../include/openssl/md5.h
+rsa.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+rsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 rsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-rsa.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 rsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -692,16 +679,16 @@ rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 rsautl.o: ../include/openssl/des.h ../include/openssl/dh.h
 rsautl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 rsautl.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h
-rsautl.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-rsautl.o: ../include/openssl/md2.h ../include/openssl/md4.h
-rsautl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+rsautl.o: ../include/openssl/engine.h ../include/openssl/err.h
+rsautl.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rsautl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+rsautl.o: ../include/openssl/md4.h ../include/openssl/md5.h
+rsautl.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+rsautl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+rsautl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+rsautl.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 rsautl.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-rsautl.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 rsautl.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -722,8 +709,7 @@ s_cb.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 s_cb.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
 s_cb.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
 s_cb.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_cb.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-s_cb.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+s_cb.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 s_cb.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 s_cb.o: ../include/openssl/sha.h ../include/openssl/ssl.h
 s_cb.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
@@ -737,17 +723,17 @@ s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h
 s_client.o: ../include/openssl/crypto.h ../include/openssl/des.h
 s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h
 s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-s_client.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s_client.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s_client.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_client.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_client.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_client.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_client.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s_client.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+s_client.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_client.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+s_client.o: ../include/openssl/md2.h ../include/openssl/md4.h
+s_client.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+s_client.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
 s_client.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_client.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-s_client.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+s_client.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 s_client.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 s_client.o: ../include/openssl/sha.h ../include/openssl/ssl.h
 s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
@@ -762,17 +748,17 @@ s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h
 s_server.o: ../include/openssl/crypto.h ../include/openssl/des.h
 s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h
 s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os.h
-s_server.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-s_server.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s_server.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_server.o: ../include/openssl/md4.h ../include/openssl/md5.h
-s_server.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-s_server.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_server.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s_server.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+s_server.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_server.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+s_server.o: ../include/openssl/md2.h ../include/openssl/md4.h
+s_server.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
 s_server.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_server.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-s_server.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+s_server.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 s_server.o: ../include/openssl/sha.h ../include/openssl/ssl.h
 s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
@@ -796,7 +782,6 @@ s_socket.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
 s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
 s_socket.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s_socket.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 s_socket.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 s_socket.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
@@ -820,8 +805,7 @@ s_time.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 s_time.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
 s_time.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
 s_time.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_time.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-s_time.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+s_time.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 s_time.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 s_time.o: ../include/openssl/sha.h ../include/openssl/ssl.h
 s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
@@ -845,8 +829,7 @@ sess_id.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 sess_id.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
 sess_id.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
 sess_id.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-sess_id.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-sess_id.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+sess_id.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 sess_id.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 sess_id.o: ../include/openssl/sha.h ../include/openssl/ssl.h
 sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
@@ -860,16 +843,16 @@ smime.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 smime.o: ../include/openssl/des.h ../include/openssl/dh.h
 smime.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 smime.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-smime.o: ../include/openssl/err.h ../include/openssl/evp.h
-smime.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-smime.o: ../include/openssl/md2.h ../include/openssl/md4.h
-smime.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-smime.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-smime.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+smime.o: ../include/openssl/engine.h ../include/openssl/err.h
+smime.o: ../include/openssl/evp.h ../include/openssl/idea.h
+smime.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+smime.o: ../include/openssl/md4.h ../include/openssl/md5.h
+smime.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+smime.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+smime.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+smime.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 smime.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-smime.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 smime.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -881,21 +864,20 @@ speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 speed.o: ../include/openssl/des.h ../include/openssl/dh.h
 speed.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 speed.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-speed.o: ../include/openssl/err.h ../include/openssl/evp.h
-speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h
-speed.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-speed.o: ../include/openssl/md4.h ../include/openssl/md5.h
-speed.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-speed.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-speed.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
-speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-speed.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-speed.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
-speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ./testdsa.h
-speed.o: ./testrsa.h apps.h
+speed.o: ../include/openssl/engine.h ../include/openssl/err.h
+speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+speed.o: ../include/openssl/md2.h ../include/openssl/md4.h
+speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+speed.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+speed.o: ../include/openssl/sha.h ../include/openssl/stack.h
+speed.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+speed.o: ../include/openssl/x509_vfy.h ./testdsa.h ./testrsa.h apps.h
 spkac.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 spkac.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
 spkac.o: ../include/openssl/buffer.h ../include/openssl/cast.h
@@ -903,16 +885,16 @@ spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 spkac.o: ../include/openssl/des.h ../include/openssl/dh.h
 spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 spkac.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
-spkac.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-spkac.o: ../include/openssl/md2.h ../include/openssl/md4.h
-spkac.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-spkac.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-spkac.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+spkac.o: ../include/openssl/engine.h ../include/openssl/err.h
+spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h
+spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+spkac.o: ../include/openssl/md4.h ../include/openssl/md5.h
+spkac.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+spkac.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+spkac.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 spkac.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-spkac.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 spkac.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -924,16 +906,16 @@ verify.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 verify.o: ../include/openssl/des.h ../include/openssl/dh.h
 verify.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 verify.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-verify.o: ../include/openssl/err.h ../include/openssl/evp.h
-verify.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-verify.o: ../include/openssl/md2.h ../include/openssl/md4.h
-verify.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-verify.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-verify.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+verify.o: ../include/openssl/engine.h ../include/openssl/err.h
+verify.o: ../include/openssl/evp.h ../include/openssl/idea.h
+verify.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+verify.o: ../include/openssl/md4.h ../include/openssl/md5.h
+verify.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+verify.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+verify.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 verify.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-verify.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 verify.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
@@ -953,8 +935,7 @@ version.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
 version.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 version.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
 version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-version.o: ../include/openssl/rc5.h ../include/openssl/rijndael-alg-fst.h
-version.o: ../include/openssl/rijndael.h ../include/openssl/ripemd.h
+version.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
 version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 version.o: ../include/openssl/sha.h ../include/openssl/stack.h
 version.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
@@ -966,16 +947,16 @@ x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
 x509.o: ../include/openssl/des.h ../include/openssl/dh.h
 x509.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
 x509.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-x509.o: ../include/openssl/err.h ../include/openssl/evp.h
-x509.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-x509.o: ../include/openssl/md2.h ../include/openssl/md4.h
-x509.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-x509.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
+x509.o: ../include/openssl/engine.h ../include/openssl/err.h
+x509.o: ../include/openssl/evp.h ../include/openssl/idea.h
+x509.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+x509.o: ../include/openssl/md4.h ../include/openssl/md5.h
+x509.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+x509.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
+x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+x509.o: ../include/openssl/rand.h ../include/openssl/rc2.h
 x509.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-x509.o: ../include/openssl/rijndael-alg-fst.h ../include/openssl/rijndael.h
 x509.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -142,21 +142,18 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
 		}
 	if (file == NULL || !RAND_load_file(file, -1))
 		{
-		if (RAND_status() == 0)
+		if (RAND_status() == 0 && !dont_warn)
 			{
-			if (!dont_warn)
+			BIO_printf(bio_e,"unable to load 'random state'\n");
+			BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
+			BIO_printf(bio_e,"with much random data.\n");
+			if (consider_randfile) /* explanation does not apply when a file is explicitly named */
 				{
-				BIO_printf(bio_e,"unable to load 'random state'\n");
-				BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
-				BIO_printf(bio_e,"with much random data.\n");
-				if (consider_randfile) /* explanation does not apply when a file is explicitly named */
-					{
-					BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");
-					BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");
-					}
+				BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");
+				BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");
 				}
-			return 0;
 			}
+		return 0;
 		}
 	seeded = 1;
 	return 1;
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -74,14 +74,6 @@
 #  include "bss_file.c"
 #endif

-typedef struct {
-	char *name;
-	unsigned long flag;
-	unsigned long mask;
-} NAME_EX_TBL;
-
-static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
-
 int app_init(long mesgwin);
 #ifdef undef /* never finished - probably never will be :-) */
 int args_from_file(char *file, int *argc, char **argv[])
@@ -178,6 +170,8 @@ int str2fmt(char *s)
 		|| (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0)
 		|| (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0))
 		return(FORMAT_PKCS12);
+	else if ((*s == 'E') || (*s == 'e'))
+		return(FORMAT_ENGINE);
 	else
 		return(FORMAT_UNDEF);
 	}
@@ -702,43 +696,16 @@ end:
 	return(othercerts);
 	}

-
-#define X509V3_EXT_UNKNOWN_MASK		(0xfL << 16)
-/* Return error for unknown extensions */
-#define X509V3_EXT_DEFAULT		0
-/* Print error for unknown extensions */
-#define X509V3_EXT_ERROR_UNKNOWN	(1L << 16)
-/* ASN1 parse unknown extensions */
-#define X509V3_EXT_PARSE_UNKNOWN	(2L << 16)
-/* BIO_dump unknown extensions */
-#define X509V3_EXT_DUMP_UNKNOWN		(3L << 16)
-
-int set_cert_ex(unsigned long *flags, const char *arg)
-{
-	static const NAME_EX_TBL cert_tbl[] = {
-		{ "compatible", X509_FLAG_COMPAT, 0xffffffffl},
-		{ "no_header", X509_FLAG_NO_HEADER, 0},
-		{ "no_version", X509_FLAG_NO_VERSION, 0},
-		{ "no_serial", X509_FLAG_NO_SERIAL, 0},
-		{ "no_signame", X509_FLAG_NO_SIGNAME, 0},
-		{ "no_validity", X509_FLAG_NO_VALIDITY, 0},
-		{ "no_subject", X509_FLAG_NO_SUBJECT, 0},
-		{ "no_pubkey", X509_FLAG_NO_PUBKEY, 0},
-		{ "no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
-		{ "no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
-		{ "no_aux", X509_FLAG_NO_AUX, 0},
-		{ "ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ "ext_dump", X509V3_EXT_DUMP_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
-		{ NULL, 0, 0}
-	};
-	return set_table_opts(flags, arg, cert_tbl);
-}
+typedef struct {
+	char *name;
+	unsigned long flag;
+	unsigned long mask;
+} NAME_EX_TBL;

 int set_name_ex(unsigned long *flags, const char *arg)
 {
-	static const NAME_EX_TBL ex_tbl[] = {
+	char c;
+	const NAME_EX_TBL *ptbl, ex_tbl[] = {
 		{ "esc_2253", ASN1_STRFLGS_ESC_2253, 0},
 		{ "esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
 		{ "esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
@@ -766,13 +733,7 @@ int set_name_ex(unsigned long *flags, const char *arg)
 		{ "multiline", XN_FLAG_MULTILINE, 0xffffffffL},
 		{ NULL, 0, 0}
 	};
-	return set_table_opts(flags, arg, ex_tbl);
-}

-static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
-{
-	char c;
-	const NAME_EX_TBL *ptbl;
 	c = arg[0];

 	if(c == '-') {
@@ -783,7 +744,7 @@ static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T
 		arg++;
 	} else c = 1;

-	for(ptbl = in_tbl; ptbl->name; ptbl++) {
+	for(ptbl = ex_tbl; ptbl->name; ptbl++) {
 		if(!strcmp(arg, ptbl->name)) {
 			*flags &= ~ptbl->mask;
 			if(c) *flags |= ptbl->flag;
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -147,7 +147,6 @@ int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
 int dump_cert_text(BIO *out, X509 *x);
 void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags);
 #endif
-int set_cert_ex(unsigned long *flags, const char *arg);
 int set_name_ex(unsigned long *flags, const char *arg);
 int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
 int add_oid_section(BIO *err, LHASH *conf);
@@ -163,6 +162,8 @@ STACK_OF(X509) *load_certs(BIO *err, char *file, int format);
 #define FORMAT_NETSCAPE 4
 #define FORMAT_PKCS12   5
 #define FORMAT_SMIME    6
+/* Since this is currently inofficial, let's give it a high number */
+#define FORMAT_ENGINE   127

 #define NETSCAPE_CERT_HDR	"certificate"

--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -206,12 +206,6 @@ bad:
 		goto end;
 		}
 	BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
-#ifdef VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	out = BIO_push(tmpbio, out);
-	}
-#endif

 	if (oidfile != NULL)
 		{
@@ -321,7 +315,7 @@ bad:
 end:
 	BIO_free(derout);
 	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (b64 != NULL) BIO_free(b64);
 	if (ret != 0)
 		ERR_print_errors(bio_err);
--- a/apps/ca-cert.srl
+++ b/apps/ca-cert.srl
@@ -1 +1 @@
-07
+05
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -74,6 +74,7 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #ifndef W_OK
 #  ifdef VMS
@@ -167,6 +168,7 @@ static char *ca_usage[]={
 " -revoke file    - Revoke a certificate (given in file)\n",
 " -extensions ..  - Extension section (override value in config file)\n",
 " -crlexts ..     - CRL extension section (override value in config file)\n",
+" -engine e       - use engine e, possibly a hardware device.\n",
 NULL
 };

@@ -216,6 +218,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	char *key=NULL,*passargin=NULL;
 	int total=0;
 	int total_done=0;
@@ -268,6 +271,7 @@ int MAIN(int argc, char **argv)
 #define BSIZE 256
 	MS_STATIC char buf[3][BSIZE];
 	char *randfile=NULL;
+	char *engine = NULL;

 #ifdef EFENCE
 EF_PROTECT_FREE=1;
@@ -419,6 +423,11 @@ EF_ALIGNMENT=0;
 			if (--argc < 1) goto bad;
 			crl_ext= *(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else
 			{
 bad:
@@ -439,6 +448,24 @@ bad:

 	ERR_load_crypto_strings();

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto err;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto err;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	/*****************************************************************/
 	if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
 	if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
@@ -690,12 +717,6 @@ bad:
 	if (verbose)
 		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
 		TXT_DB_write(out,db);
 		BIO_printf(bio_err,"%d entries loaded from the database\n",
 			db->data->num);
@@ -730,15 +751,7 @@ bad:
 				}
 			}
 		else
-			{
 			BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
-#ifdef VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			Sout = BIO_push(tmpbio, Sout);
-			}
-#endif
-			}
 		}

 	if (req)
@@ -1034,7 +1047,7 @@ bad:
 #endif

 			BIO_free(in);
-			BIO_free_all(out);
+			BIO_free(out);
 			in=NULL;
 			out=NULL;
 			if (rename(serialfile,buf[2]) < 0)
@@ -1251,9 +1264,9 @@ bad:
 	ret=0;
 err:
 	BIO_free(hex);
-	BIO_free_all(Cout);
-	BIO_free_all(Sout);
-	BIO_free_all(out);
+	BIO_free(Cout);
+	BIO_free(Sout);
+	BIO_free(out);
 	BIO_free(in);

 	sk_X509_pop_free(cert_sk,X509_free);
@@ -1368,7 +1381,7 @@ static int save_serial(char *serialfile, BIGNUM *serial)
 	BIO_puts(out,"\n");
 	ret=1;
 err:
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (ai != NULL) ASN1_INTEGER_free(ai);
 	return(ret);
 	}
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -108,12 +108,6 @@ int MAIN(int argc, char **argv)
 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
 	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	STDout = BIO_push(tmpbio, STDout);
-	}
-#endif

 	argc--;
 	argv++;
@@ -201,7 +195,7 @@ err:
 end:
 	if (ctx != NULL) SSL_CTX_free(ctx);
 	if (ssl != NULL) SSL_free(ssl);
-	if (STDout != NULL) BIO_free_all(STDout);
+	if (STDout != NULL) BIO_free(STDout);
 	EXIT(ret);
 	}

--- a/apps/crl.c
+++ b/apps/crl.c
@@ -122,15 +122,7 @@ int MAIN(int argc, char **argv)

 	if (bio_out == NULL)
 		if ((bio_out=BIO_new(BIO_s_file())) != NULL)
-			{
 			BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			bio_out = BIO_push(tmpbio, bio_out);
-			}
-#endif
-			}

 	informat=FORMAT_PEM;
 	outformat=FORMAT_PEM;
@@ -322,15 +314,7 @@ bad:
 		}

 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -356,8 +340,8 @@ bad:
 	if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
 	ret=0;
 end:
-	BIO_free_all(out);
-	BIO_free_all(bio_out);
+	BIO_free(out);
+	BIO_free(bio_out);
 	bio_out=NULL;
 	X509_CRL_free(x);
 	if(store) {
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -239,15 +239,7 @@ bad:
 	sk_free(certflst);

 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -274,7 +266,7 @@ bad:
 	ret=0;
 end:
 	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (p7 != NULL) PKCS7_free(p7);
 	if (crl != NULL) X509_CRL_free(crl);

--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -66,6 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef BUFSIZE
 #define BUFSIZE	1024*8
@@ -74,12 +75,13 @@
 #define PROG	dgst_main

 void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
-		EVP_PKEY *key, unsigned char *sigin, int siglen);
+		EVP_PKEY *key, unsigned char *sigin, unsigned int siglen);

 int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	unsigned char *buf=NULL;
 	int i,err=0;
 	const EVP_MD *md=NULL,*m;
@@ -96,7 +98,8 @@ int MAIN(int argc, char **argv)
 	char out_bin = -1, want_pub = 0, do_verify = 0;
 	EVP_PKEY *sigkey = NULL;
 	unsigned char *sigbuf = NULL;
-	int siglen = 0;
+	unsigned int siglen = 0;
+	char *engine=NULL;

 	apps_startup();

@@ -154,6 +157,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) break;
 			sigfile=*(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) break;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-hex") == 0)
 			out_bin = 0;
 		else if (strcmp(*argv,"-binary") == 0)
@@ -190,6 +198,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"-prverify file  verify a signature using private key in file\n");
 		BIO_printf(bio_err,"-signature file signature to verify\n");
 		BIO_printf(bio_err,"-binary         output in binary form\n");
+		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");

 		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
 			LN_md5,LN_md5);
@@ -209,6 +218,24 @@ int MAIN(int argc, char **argv)
 		goto end;
 		}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	in=BIO_new(BIO_s_file());
 	bmd=BIO_new(BIO_f_md());
 	if (debug)
@@ -236,15 +263,7 @@ int MAIN(int argc, char **argv)
 		if(out_bin)
 			out = BIO_new_file(outfile, "wb");
 		else    out = BIO_new_file(outfile, "w");
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
+	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);

 	if(!out) {
 		BIO_printf(bio_err, "Error opening output file %s\n", 
@@ -288,7 +307,7 @@ int MAIN(int argc, char **argv)
 		}
 		siglen = BIO_read(sigbio, sigbuf, siglen);
 		BIO_free(sigbio);
-		if(siglen <= 0) {
+		if(siglen == 0) {
 			BIO_printf(bio_err, "Error reading signature file %s\n",
 								sigfile);
 			ERR_print_errors(bio_err);
@@ -331,7 +350,7 @@ end:
 		OPENSSL_free(buf);
 		}
 	if (in != NULL) BIO_free(in);
-	BIO_free_all(out);
+	BIO_free(out);
 	EVP_PKEY_free(sigkey);
 	if(sigbuf) OPENSSL_free(sigbuf);
 	if (bmd != NULL) BIO_free(bmd);
@@ -339,7 +358,7 @@ end:
 	}

 void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
-			EVP_PKEY *key, unsigned char *sigin, int siglen)
+			EVP_PKEY *key, unsigned char *sigin, unsigned int siglen)
 	{
 	int len;
 	int i;
@@ -353,7 +372,7 @@ void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
 		{
 		EVP_MD_CTX *ctx;
 		BIO_get_md_ctx(bp, &ctx);
-		i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key); 
+		i = EVP_VerifyFinal(ctx, sigin, siglen, key); 
 		if(i > 0) BIO_printf(out, "Verified OK\n");
 		else if(i == 0) BIO_printf(out, "Verification Failure\n");
 		else
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -69,6 +69,7 @@
 #include <openssl/dh.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG	dh_main
@@ -87,11 +88,12 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	DH *dh=NULL;
 	int i,badops=0,text=0;
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,check=0,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog;
+	char *infile,*outfile,*prog,*engine;

 	apps_startup();

@@ -99,6 +101,7 @@ int MAIN(int argc, char **argv)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
 			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);

+	engine=NULL;
 	infile=NULL;
 	outfile=NULL;
 	informat=FORMAT_PEM;
@@ -129,6 +132,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			outfile= *(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-check") == 0)
 			check=1;
 		else if (strcmp(*argv,"-text") == 0)
@@ -160,11 +168,30 @@ bad:
 		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
 		BIO_printf(bio_err," -C            Output C code\n");
 		BIO_printf(bio_err," -noout        no output\n");
+		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
 		goto end;
 		}

 	ERR_load_crypto_strings();

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	in=BIO_new(BIO_s_file());
 	out=BIO_new(BIO_s_file());
 	if ((in == NULL) || (out == NULL))
@@ -184,15 +211,7 @@ bad:
 			}
 		}
 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -317,7 +336,7 @@ bad:
 	ret=0;
 end:
 	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (dh != NULL) DH_free(dh);
 	EXIT(ret);
 	}
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -121,6 +121,7 @@
 #include <openssl/dh.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #ifndef NO_DSA
 #include <openssl/dsa.h>
@@ -148,6 +149,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	DH *dh=NULL;
 	int i,badops=0,text=0;
 #ifndef NO_DSA
@@ -156,7 +158,7 @@ int MAIN(int argc, char **argv)
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,check=0,noout=0,C=0,ret=1;
 	char *infile,*outfile,*prog;
-	char *inrand=NULL;
+	char *inrand=NULL,*engine=NULL;
 	int num = 0, g = 0;

 	apps_startup();
@@ -195,6 +197,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			outfile= *(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-check") == 0)
 			check=1;
 		else if (strcmp(*argv,"-text") == 0)
@@ -240,6 +247,7 @@ bad:
 		BIO_printf(bio_err," -2            generate parameters using  2 as the generator value\n");
 		BIO_printf(bio_err," -5            generate parameters using  5 as the generator value\n");
 		BIO_printf(bio_err," numbits       number of bits in to generate (default 512)\n");
+		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"               - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"               the random number generator\n");
@@ -249,6 +257,24 @@ bad:

 	ERR_load_crypto_strings();

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if (g && !num)
 		num = DEFBITS;

@@ -391,15 +417,7 @@ bad:
 		goto end;
 		}
 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -504,7 +522,7 @@ bad:
 	ret=0;
 end:
 	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (dh != NULL) DH_free(dh);
 	EXIT(ret);
 	}
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -68,6 +68,7 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG	dsa_main
@@ -87,6 +88,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	int ret=1;
 	DSA *dsa=NULL;
 	int i,badops=0;
@@ -94,7 +96,7 @@ int MAIN(int argc, char **argv)
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,text=0,noout=0;
 	int pubin = 0, pubout = 0;
-	char *infile,*outfile,*prog;
+	char *infile,*outfile,*prog,*engine;
 	char *passargin = NULL, *passargout = NULL;
 	char *passin = NULL, *passout = NULL;
 	int modulus=0;
@@ -105,6 +107,7 @@ int MAIN(int argc, char **argv)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
 			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);

+	engine=NULL;
 	infile=NULL;
 	outfile=NULL;
 	informat=FORMAT_PEM;
@@ -145,6 +148,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			passargout= *(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-noout") == 0)
 			noout=1;
 		else if (strcmp(*argv,"-text") == 0)
@@ -176,6 +184,7 @@ bad:
 		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
 		BIO_printf(bio_err," -out arg        output file\n");
 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
+		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
 		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
 		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
 #ifndef NO_IDEA
@@ -189,6 +198,24 @@ bad:

 	ERR_load_crypto_strings();

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
 		BIO_printf(bio_err, "Error getting passwords\n");
 		goto end;
@@ -233,15 +260,7 @@ bad:
 		}

 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -289,7 +308,7 @@ bad:
 		ret=0;
 end:
 	if(in != NULL) BIO_free(in);
-	if(out != NULL) BIO_free_all(out);
+	if(out != NULL) BIO_free(out);
 	if(dsa != NULL) DSA_free(dsa);
 	if(passin) OPENSSL_free(passin);
 	if(passout) OPENSSL_free(passout);
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -69,6 +69,7 @@
 #include <openssl/dsa.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG	dsaparam_main
@@ -90,11 +91,12 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	DSA *dsa=NULL;
 	int i,badops=0,text=0;
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,noout=0,C=0,ret=1;
-	char *infile,*outfile,*prog,*inrand=NULL;
+	char *infile,*outfile,*prog,*inrand=NULL,*engine=NULL;
 	int numbits= -1,num,genkey=0;
 	int need_rand=0;

@@ -205,15 +207,7 @@ bad:
 			}
 		}
 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -355,7 +349,7 @@ bad:
 	ret=0;
 end:
 	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (dsa != NULL) DSA_free(dsa);
 	EXIT(ret);
 	}
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -70,6 +70,7 @@
 #include <openssl/md5.h>
 #endif
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 int set_hex(char *in,unsigned char *out,int size);
 #undef SIZE
@@ -84,6 +85,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	static const char magic[]="Salted__";
 	char mbuf[8];	/* should be 1 smaller than magic */
 	char *strbuf=NULL;
@@ -101,6 +103,7 @@ int MAIN(int argc, char **argv)
 	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
 #define PROG_NAME_SIZE  16
 	char pname[PROG_NAME_SIZE];
+	char *engine = NULL;

 	apps_startup();

@@ -141,6 +144,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			passarg= *(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if	(strcmp(*argv,"-d") == 0)
 			enc=0;
 		else if	(strcmp(*argv,"-p") == 0)
@@ -241,6 +249,7 @@ bad:
 			BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
 			BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
 			BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
+			BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");

 			BIO_printf(bio_err,"Cipher Types\n");
 			BIO_printf(bio_err,"des     : 56 bit key DES encryption\n");
@@ -308,17 +317,30 @@ bad:
 				LN_rc5_cfb64, LN_rc5_ofb64);
 			BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc);
 #endif
-#ifndef NO_RIJNDAEL
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s\n",
-				   LN_rijndael_ecb_k128_b128,"","","","");
-#endif
-			
 			goto end;
 			}
 		argc--;
 		argv++;
 		}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if (bufsize != NULL)
 		{
 		unsigned long n;
@@ -421,15 +443,7 @@ bad:


 	if (outf == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outf) <= 0)
@@ -597,7 +611,7 @@ end:
 	if (strbuf != NULL) OPENSSL_free(strbuf);
 	if (buff != NULL) OPENSSL_free(buff);
 	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (benc != NULL) BIO_free(benc);
 	if (b64 != NULL) BIO_free(b64);
 	if(pass) OPENSSL_free(pass);
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -91,18 +91,12 @@ int MAIN(int argc, char **argv)
 		out=BIO_new(BIO_s_file());
 		if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
 			{
-#ifdef VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
 			lh_node_stats_bio((LHASH *)ERR_get_string_table(),out);
 			lh_stats_bio((LHASH *)ERR_get_string_table(),out);
 			lh_node_usage_stats_bio((LHASH *)
 				ERR_get_string_table(),out);
 			}
-		if (out != NULL) BIO_free_all(out);
+		if (out != NULL) BIO_free(out);
 		argc--;
 		argv++;
 		}
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -70,6 +70,7 @@
 #include <openssl/dh.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #define DEFBITS	512
 #undef PROG
@@ -81,11 +82,13 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	DH *dh=NULL;
 	int ret=1,num=DEFBITS;
 	int g=2;
 	char *outfile=NULL;
 	char *inrand=NULL;
+	char *engine=NULL;
 	BIO *out=NULL;

 	apps_startup();
@@ -110,6 +113,11 @@ int MAIN(int argc, char **argv)
 			g=3; */
 		else if (strcmp(*argv,"-5") == 0)
 			g=5;
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-rand") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -125,15 +133,34 @@ int MAIN(int argc, char **argv)
 bad:
 		BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
 		BIO_printf(bio_err," -out file - output the key to 'file\n");
-		BIO_printf(bio_err," -2    use 2 as the generator value\n");
-	/*	BIO_printf(bio_err," -3    use 3 as the generator value\n"); */
-		BIO_printf(bio_err," -5    use 5 as the generator value\n");
+		BIO_printf(bio_err," -2        - use 2 as the generator value\n");
+	/*	BIO_printf(bio_err," -3        - use 3 as the generator value\n"); */
+		BIO_printf(bio_err," -5        - use 5 as the generator value\n");
+		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
 		goto end;
 		}
 		
+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	out=BIO_new(BIO_s_file());
 	if (out == NULL)
 		{
@@ -142,15 +169,7 @@ bad:
 		}

 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -182,7 +201,7 @@ bad:
 end:
 	if (ret != 0)
 		ERR_print_errors(bio_err);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (dh != NULL) DH_free(dh);
 	EXIT(ret);
 	}
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -68,6 +68,7 @@
 #include <openssl/dsa.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #define DEFBITS	512
 #undef PROG
@@ -77,6 +78,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	DSA *dsa=NULL;
 	int ret=1;
 	char *outfile=NULL;
@@ -84,6 +86,7 @@ int MAIN(int argc, char **argv)
 	char *passargout = NULL, *passout = NULL;
 	BIO *out=NULL,*in=NULL;
 	EVP_CIPHER *enc=NULL;
+	char *engine=NULL;

 	apps_startup();

@@ -106,6 +109,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			passargout= *(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-rand") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -145,6 +153,7 @@ bad:
 #ifndef NO_IDEA
 		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
 #endif
+		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
@@ -153,6 +162,24 @@ bad:
 		goto end;
 		}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
 		BIO_printf(bio_err, "Error getting password\n");
 		goto end;
@@ -178,15 +205,7 @@ bad:
 	if (out == NULL) goto end;

 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -217,7 +236,7 @@ end:
 	if (ret != 0)
 		ERR_print_errors(bio_err);
 	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (dsa != NULL) DSA_free(dsa);
 	if(passout) OPENSSL_free(passout);
 	EXIT(ret);
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -69,6 +69,7 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #define DEFBITS	512
 #undef PROG
@@ -80,6 +81,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	int ret=1;
 	RSA *rsa=NULL;
 	int i,num=DEFBITS;
@@ -88,6 +90,7 @@ int MAIN(int argc, char **argv)
 	unsigned long f4=RSA_F4;
 	char *outfile=NULL;
 	char *passargout = NULL, *passout = NULL;
+	char *engine=NULL;
 	char *inrand=NULL;
 	BIO *out=NULL;

@@ -116,6 +119,11 @@ int MAIN(int argc, char **argv)
 			f4=3;
 		else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
 			f4=RSA_F4;
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-rand") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -154,6 +162,7 @@ bad:
 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
 		BIO_printf(bio_err," -f4             use F4 (0x10001) for the E value\n");
 		BIO_printf(bio_err," -3              use 3 for the E value\n");
+		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
 		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"                 load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"                 the random number generator\n");
@@ -167,16 +176,26 @@ bad:
 		goto err;
 	}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto err;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto err;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -186,7 +205,8 @@ bad:
 			}
 		}

-	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
+	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+		&& !RAND_status())
 		{
 		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
 		}
@@ -220,7 +240,7 @@ bad:
 	ret=0;
 err:
 	if (rsa != NULL) RSA_free(rsa);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if(passout) OPENSSL_free(passout);
 	if (ret != 0)
 		ERR_print_errors(bio_err);
--- a/apps/nseq.c
+++ b/apps/nseq.c
@@ -119,15 +119,8 @@ int MAIN(int argc, char **argv)
 				 "Can't open output file %s\n", outfile);
 			goto end;
 		}
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
+	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
 	if (toseq) {
 		seq = NETSCAPE_CERT_SEQUENCE_new();
 		seq->certs = sk_X509_new_null();
@@ -159,7 +152,7 @@ int MAIN(int argc, char **argv)
 	ret = 0;
 end:
 	BIO_free(in);
-	BIO_free_all(out);
+	BIO_free(out);
 	NETSCAPE_CERT_SEQUENCE_free(seq);

 	EXIT(ret);
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -238,19 +238,13 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 	else if ((strncmp(argv[0],"no-",3)) == 0)
 		{
 		BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		bio_stdout = BIO_push(tmpbio, bio_stdout);
-		}
-#endif
 		f.name=argv[0]+3;
 		ret = (lh_retrieve(prog,&f) != NULL);
 		if (!ret)
 			BIO_printf(bio_stdout, "%s\n", argv[0]);
 		else
 			BIO_printf(bio_stdout, "%s\n", argv[0]+3);
-		BIO_free_all(bio_stdout);
+		BIO_free(bio_stdout);
 		goto end;
 		}
 	else if ((strcmp(argv[0],"quit") == 0) ||
@@ -275,17 +269,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
 			list_type = FUNC_TYPE_CIPHER;
 		bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		bio_stdout = BIO_push(tmpbio, bio_stdout);
-		}
-#endif
 		
 		for (fp=functions; fp->name != NULL; fp++)
 			if (fp->type == list_type)
 				BIO_printf(bio_stdout, "%s\n", fp->name);
-		BIO_free_all(bio_stdout);
+		BIO_free(bio_stdout);
 		ret=0;
 		goto end;
 		}
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -81,12 +81,6 @@ int MAIN(int argc, char **argv)
 	if (out == NULL)
 		goto err;
 	BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	out = BIO_push(tmpbio, out);
-	}
-#endif

 	badopt = 0, opt_done = 0;
 	i = 0;
@@ -282,7 +276,7 @@ err:
 	if (in)
 		BIO_free(in);
 	if (out)
-		BIO_free_all(out);
+		BIO_free(out);
 	EXIT(ret);
 	}

--- a/apps/pca-cert.srl
+++ b/apps/pca-cert.srl
@@ -1 +1 @@
-07
+01
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -66,6 +66,7 @@
 #include <openssl/err.h>
 #include <openssl/pem.h>
 #include <openssl/pkcs12.h>
+#include <openssl/engine.h>

 #define PROG pkcs12_main

@@ -92,6 +93,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 {
+    ENGINE *e = NULL;
    char *infile=NULL, *outfile=NULL, *keyname = NULL;	
    char *certfile=NULL;
    BIO *in=NULL, *out = NULL, *inkey = NULL, *certsin = NULL;
@@ -118,6 +120,7 @@ int MAIN(int argc, char **argv)
    char *passin = NULL, *passout = NULL;
    char *inrand = NULL;
    char *CApath = NULL, *CAfile = NULL;
+    char *engine=NULL;

    apps_startup();

@@ -236,6 +239,11 @@ int MAIN(int argc, char **argv)
 			args++;	
 			CAfile = *args;
 		    } else badarg = 1;
+		} else if (!strcmp(*args,"-engine")) {
+		    if (args[1]) {
+			args++;	
+			engine = *args;
+		    } else badarg = 1;
 		} else badarg = 1;

 	} else badarg = 1;
@@ -279,12 +287,27 @@ int MAIN(int argc, char **argv)
 	BIO_printf (bio_err, "-password p   set import/export password source\n");
 	BIO_printf (bio_err, "-passin p     input file pass phrase source\n");
 	BIO_printf (bio_err, "-passout p    output file pass phrase source\n");
+	BIO_printf (bio_err, "-engine e     use engine e, possibly a hardware device.\n");
 	BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 	BIO_printf(bio_err,  "              load the file (or the files in the directory) into\n");
 	BIO_printf(bio_err,  "              the random number generator\n");
    	goto end;
    }

+    if (engine != NULL) {
+	if((e = ENGINE_by_id(engine)) == NULL) {
+	    BIO_printf(bio_err,"invalid engine \"%s\"\n", engine);
+	    goto end;
+	}
+	if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
+	    BIO_printf(bio_err,"can't use that engine\n");
+	    goto end;
+	}
+	BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+	/* Free our "structural" reference. */
+	ENGINE_free(e);
+    }
+
    if(passarg) {
 	if(export_cert) passargout = passarg;
 	else passargin = passarg;
@@ -350,15 +373,8 @@ int MAIN(int argc, char **argv)
    CRYPTO_push_info("write files");
 #endif

-    if (!outfile) {
-	out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef VMS
-	{
-	    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	    out = BIO_push(tmpbio, out);
-	}
-#endif
-    } else out = BIO_new_file(outfile, "wb");
+    if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE);
+    else out = BIO_new_file(outfile, "wb");
    if (!out) {
 	BIO_printf(bio_err, "Error opening output file %s\n",
 						outfile ? outfile : "<stdout>");
@@ -664,7 +680,7 @@ int MAIN(int argc, char **argv)
    CRYPTO_remove_all_info();
 #endif
    BIO_free(in);
-    BIO_free_all(out);
+    BIO_free(out);
    if (canames) sk_free(canames);
    if(passin) OPENSSL_free(passin);
    if(passout) OPENSSL_free(passout);
@@ -887,14 +903,14 @@ int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name)
 				break;

 				case V_ASN1_OCTET_STRING:
-				hex_prin(out, av->value.octet_string->data,
-					av->value.octet_string->length);
+				hex_prin(out, av->value.bit_string->data,
+					av->value.bit_string->length);
 				BIO_printf(out, "\n");	
 				break;

 				case V_ASN1_BIT_STRING:
-				hex_prin(out, av->value.bit_string->data,
-					av->value.bit_string->length);
+				hex_prin(out, av->value.octet_string->data,
+					av->value.octet_string->length);
 				BIO_printf(out, "\n");	
 				break;

--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -67,6 +67,7 @@
 #include <openssl/x509.h>
 #include <openssl/pkcs7.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG	pkcs7_main
@@ -82,6 +83,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	PKCS7 *p7=NULL;
 	int i,badops=0;
 	BIO *in=NULL,*out=NULL;
@@ -89,6 +91,7 @@ int MAIN(int argc, char **argv)
 	char *infile,*outfile,*prog;
 	int print_certs=0,text=0,noout=0;
 	int ret=0;
+	char *engine=NULL;

 	apps_startup();

@@ -132,6 +135,11 @@ int MAIN(int argc, char **argv)
 			text=1;
 		else if (strcmp(*argv,"-print_certs") == 0)
 			print_certs=1;
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -154,11 +162,30 @@ bad:
 		BIO_printf(bio_err," -print_certs  print any certs or crl in the input\n");
 		BIO_printf(bio_err," -text         print full details of certificates\n");
 		BIO_printf(bio_err," -noout        don't output encoded data\n");
+		BIO_printf(bio_err," -engine e     use engine e, possibly a hardware device.\n");
 		EXIT(1);
 		}

 	ERR_load_crypto_strings();

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	in=BIO_new(BIO_s_file());
 	out=BIO_new(BIO_s_file());
 	if ((in == NULL) || (out == NULL))
@@ -196,15 +223,7 @@ bad:
 		}

 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -288,6 +307,6 @@ bad:
 end:
 	if (p7 != NULL) PKCS7_free(p7);
 	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	EXIT(ret);
 	}
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -62,6 +62,7 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/pkcs12.h>
+#include <openssl/engine.h>

 #include "apps.h"
 #define PROG pkcs8_main
@@ -70,6 +71,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 {
+	ENGINE *e = NULL;
 	char **args, *infile = NULL, *outfile = NULL;
 	char *passargin = NULL, *passargout = NULL;
 	BIO *in = NULL, *out = NULL;
@@ -85,9 +87,13 @@ int MAIN(int argc, char **argv)
 	EVP_PKEY *pkey;
 	char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
 	int badarg = 0;
+	char *engine=NULL;
+
 	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
+
 	informat=FORMAT_PEM;
 	outformat=FORMAT_PEM;
+
 	ERR_load_crypto_strings();
 	OpenSSL_add_all_algorithms();
 	args = argv + 1;
@@ -138,6 +144,11 @@ int MAIN(int argc, char **argv)
 			if (!args[1]) goto bad;
 			passargout= *(++args);
 			}
+		else if (strcmp(*args,"-engine") == 0)
+			{
+			if (!args[1]) goto bad;
+			engine= *(++args);
+			}
 		else if (!strcmp (*args, "-in")) {
 			if (args[1]) {
 				args++;
@@ -170,9 +181,28 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err, "-nocrypt        use or expect unencrypted private key\n");
 		BIO_printf(bio_err, "-v2 alg         use PKCS#5 v2.0 and cipher \"alg\"\n");
 		BIO_printf(bio_err, "-v1 obj         use PKCS#5 v1.5 and cipher \"alg\"\n");
+		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
 		return (1);
 	}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			return (1);
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			return (1);
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
 		BIO_printf(bio_err, "Error getting passwords\n");
 		return (1);
@@ -194,15 +224,8 @@ int MAIN(int argc, char **argv)
 				 "Can't open output file %s\n", outfile);
 			return (1);
 		}
-	} else {
-		out = BIO_new_fp (stdout, BIO_NOCLOSE);
-#ifdef VMS
-		{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
+	} else out = BIO_new_fp (stdout, BIO_NOCLOSE);
+
 	if (topk8) {
 		if(informat == FORMAT_PEM)
 			pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, passin);
@@ -260,7 +283,7 @@ int MAIN(int argc, char **argv)
 		}
 		PKCS8_PRIV_KEY_INFO_free (p8inf);
 		EVP_PKEY_free(pkey);
-		BIO_free_all(out);
+		BIO_free(out);
 		if(passin) OPENSSL_free(passin);
 		if(passout) OPENSSL_free(passout);
 		return (0);
@@ -343,7 +366,7 @@ int MAIN(int argc, char **argv)
 	}

 	EVP_PKEY_free(pkey);
-	BIO_free_all(out);
+	BIO_free(out);
 	BIO_free(in);
 	if(passin) OPENSSL_free(passin);
 	if(passout) OPENSSL_free(passout);
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -9,6 +9,7 @@
 #include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG rand_main
@@ -23,6 +24,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	int i, r, ret = 1;
 	int badopt;
 	char *outfile = NULL;
@@ -30,6 +32,7 @@ int MAIN(int argc, char **argv)
 	int base64 = 0;
 	BIO *out = NULL;
 	int num = -1;
+	char *engine=NULL;

 	apps_startup();

@@ -48,6 +51,13 @@ int MAIN(int argc, char **argv)
 			else
 				badopt = 1;
 			}
+		if (strcmp(argv[i], "-engine") == 0)
+			{
+			if ((argv[i+1] != NULL) && (engine == NULL))
+				engine = argv[++i];
+			else
+				badopt = 1;
+			}
 		else if (strcmp(argv[i], "-rand") == 0)
 			{
 			if ((argv[i+1] != NULL) && (inrand == NULL))
@@ -84,12 +94,31 @@ int MAIN(int argc, char **argv)
 		{
 		BIO_printf(bio_err, "Usage: rand [options] num\n");
 		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-out file            - write to file\n");
-		BIO_printf(bio_err, "-rand file%cfile%c...  - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err, "-base64              - encode output\n");
+		BIO_printf(bio_err, "-out file             - write to file\n");
+		BIO_printf(bio_err," -engine e             - use engine e, possibly a hardware device.\n");
+		BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+		BIO_printf(bio_err, "-base64               - encode output\n");
 		goto err;
 		}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto err;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto err;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
 	if (inrand != NULL)
 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
@@ -101,15 +130,7 @@ int MAIN(int argc, char **argv)
 	if (outfile != NULL)
 		r = BIO_write_filename(out, outfile);
 	else
-		{
 		r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	if (r <= 0)
 		goto err;

--- a/apps/req.c
+++ b/apps/req.c
@@ -73,6 +73,7 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #define SECTION		"req"

@@ -140,10 +141,10 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 #ifndef NO_DSA
 	DSA *dsa_params=NULL;
 #endif
-	unsigned long nmflag = 0;
 	int ex=1,x509=0,days=30;
 	X509 *x509ss=NULL;
 	X509_REQ *req=NULL;
@@ -151,8 +152,9 @@ int MAIN(int argc, char **argv)
 	int i,badops=0,newreq=0,newkey= -1,pkey_type=0;
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
-	int nodes=0,kludge=0,newhdr=0,subject=0;
+	int nodes=0,kludge=0,newhdr=0;
 	char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
+	char *engine=NULL;
 	char *extensions = NULL;
 	char *req_exts = NULL;
 	EVP_CIPHER *cipher=NULL;
@@ -196,6 +198,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			outformat=str2fmt(*(++argv));
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-key") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -323,13 +330,6 @@ int MAIN(int argc, char **argv)
 			nodes=1;
 		else if (strcmp(*argv,"-noout") == 0)
 			noout=1;
-		else if (strcmp(*argv,"-nameopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_name_ex(&nmflag, *(++argv))) goto bad;
-			}
-		else if (strcmp(*argv,"-subject") == 0)
-			subject=1;
 		else if (strcmp(*argv,"-text") == 0)
 			text=1;
 		else if (strcmp(*argv,"-x509") == 0)
@@ -383,6 +383,7 @@ bad:
 		BIO_printf(bio_err," -verify        verify signature on REQ\n");
 		BIO_printf(bio_err," -modulus       RSA modulus\n");
 		BIO_printf(bio_err," -nodes         don't encrypt the output key\n");
+		BIO_printf(bio_err," -engine e      use engine e, possibly a hardware device.\n");
 		BIO_printf(bio_err," -key file	use the private key contained in file\n");
 		BIO_printf(bio_err," -keyform arg   key file format\n");
 		BIO_printf(bio_err," -keyout arg    file to send the key to\n");
@@ -530,24 +531,55 @@ bad:
 	if ((in == NULL) || (out == NULL))
 		goto end;

-	if (keyfile != NULL)
+	if (engine != NULL)
 		{
-		if (BIO_read_filename(in,keyfile) <= 0)
+		if((e = ENGINE_by_id(engine)) == NULL)
 			{
-			perror(keyfile);
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
 			goto end;
 			}
-
-		if (keyform == FORMAT_ASN1)
-			pkey=d2i_PrivateKey_bio(in,NULL);
-		else if (keyform == FORMAT_PEM)
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
 			{
-			pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,passin);
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
+	if (keyfile != NULL)
+		{
+		if (keyform == FORMAT_ENGINE)
+			{
+			if (!e)
+				{
+				BIO_printf(bio_err,"no engine specified\n");
+				goto end;
+				}
+			pkey = ENGINE_load_private_key(e, keyfile, NULL);
 			}
 		else
 			{
-			BIO_printf(bio_err,"bad input format specified for X509 request\n");
-			goto end;
+			if (BIO_read_filename(in,keyfile) <= 0)
+				{
+				perror(keyfile);
+				goto end;
+				}
+
+			if (keyform == FORMAT_ASN1)
+				pkey=d2i_PrivateKey_bio(in,NULL);
+			else if (keyform == FORMAT_PEM)
+				{
+				pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,
+					passin);
+				}
+			else
+				{
+				BIO_printf(bio_err,"bad input format specified for X509 request\n");
+				goto end;
+				}
 			}

 		if (pkey == NULL)
@@ -617,12 +649,6 @@ bad:
 			{
 			BIO_printf(bio_err,"writing new private key to stdout\n");
 			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
 			}
 		else
 			{
@@ -811,22 +837,14 @@ loop:
 			BIO_printf(bio_err,"verify OK\n");
 		}

-	if (noout && !text && !modulus && !subject)
+	if (noout && !text && !modulus)
 		{
 		ex=0;
 		goto end;
 		}

 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if ((keyout != NULL) && (strcmp(outfile,keyout) == 0))
@@ -848,14 +866,6 @@ loop:
 			X509_REQ_print(out,req);
 		}

-	if(subject) 
-		{
-		if(x509)
-			print_name(out, "subject=", X509_get_subject_name(x509ss), nmflag);
-		else
-			print_name(out, "subject=", X509_REQ_get_subject_name(req), nmflag);
-		}
-
 	if (modulus)
 		{
 		EVP_PKEY *pubkey;
@@ -920,7 +930,7 @@ end:
 		}
 	if ((req_conf != NULL) && (req_conf != config)) CONF_free(req_conf);
 	BIO_free(in);
-	BIO_free_all(out);
+	BIO_free(out);
 	EVP_PKEY_free(pkey);
 	X509_REQ_free(req);
 	X509_free(x509ss);
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -68,6 +68,7 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG	rsa_main
@@ -90,6 +91,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	int ret=1;
 	RSA *rsa=NULL;
 	int i,badops=0, sgckey=0;
@@ -100,6 +102,7 @@ int MAIN(int argc, char **argv)
 	char *infile,*outfile,*prog;
 	char *passargin = NULL, *passargout = NULL;
 	char *passin = NULL, *passout = NULL;
+	char *engine=NULL;
 	int modulus=0;

 	apps_startup();
@@ -148,6 +151,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			passargout= *(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-sgckey") == 0)
 			sgckey=1;
 		else if (strcmp(*argv,"-pubin") == 0)
@@ -195,11 +203,30 @@ bad:
 		BIO_printf(bio_err," -check          verify key consistency\n");
 		BIO_printf(bio_err," -pubin          expect a public key in input file\n");
 		BIO_printf(bio_err," -pubout         output a public key\n");
+		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
 		goto end;
 		}

 	ERR_load_crypto_strings();

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
 		BIO_printf(bio_err, "Error getting passwords\n");
 		goto end;
@@ -278,15 +305,7 @@ bad:
 		}

 	if (outfile == NULL)
-		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-		{
-		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		out = BIO_push(tmpbio, out);
-		}
-#endif
-		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -385,7 +404,7 @@ bad:
 		ret=0;
 end:
 	if(in != NULL) BIO_free(in);
-	if(out != NULL) BIO_free_all(out);
+	if(out != NULL) BIO_free(out);
 	if(rsa != NULL) RSA_free(rsa);
 	if(passin) OPENSSL_free(passin);
 	if(passout) OPENSSL_free(passout);
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -55,13 +55,11 @@
 * Hudson (tjh@cryptsoft.com).
 *
 */
-
-#ifndef NO_RSA
-
 #include "apps.h"
 #include <string.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #define RSA_SIGN 	1
 #define RSA_VERIFY 	2
@@ -82,6 +80,7 @@ int MAIN(int argc, char **);

 int MAIN(int argc, char **argv)
 {
+	ENGINE *e = NULL;
 	BIO *in = NULL, *out = NULL;
 	char *infile = NULL, *outfile = NULL;
 	char *keyfile = NULL;
@@ -95,6 +94,7 @@ int MAIN(int argc, char **argv)
 	unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
 	int rsa_inlen, rsa_outlen = 0;
 	int keysize;
+	char *engine=NULL;

 	int ret = 1;

@@ -117,6 +117,9 @@ int MAIN(int argc, char **argv)
 		} else if(!strcmp(*argv, "-inkey")) {
 			if (--argc < 1) badarg = 1;
 			keyfile = *(++argv);
+		} else if(!strcmp(*argv, "-engine")) {
+			if (--argc < 1) badarg = 1;
+			engine = *(++argv);
 		} else if(!strcmp(*argv, "-pubin")) {
 			key_type = KEY_PUBKEY;
 		} else if(!strcmp(*argv, "-certin")) {
@@ -151,6 +154,24 @@ int MAIN(int argc, char **argv)
 		goto end;
 	}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 /* FIXME: seed PRNG only if needed */
 	app_RAND_load_file(NULL, bio_err, 0);
 	
@@ -201,15 +222,7 @@ int MAIN(int argc, char **argv)
 			ERR_print_errors(bio_err);	
 			goto end;
 		}
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
+	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);

 	keysize = RSA_size(rsa);

@@ -266,7 +279,7 @@ int MAIN(int argc, char **argv)
 	end:
 	RSA_free(rsa);
 	BIO_free(in);
-	BIO_free_all(out);
+	BIO_free(out);
 	if(rsa_in) OPENSSL_free(rsa_in);
 	if(rsa_out) OPENSSL_free(rsa_out);
 	return ret;
@@ -280,6 +293,7 @@ static void usage()
 	BIO_printf(bio_err, "-inkey file     input key\n");
 	BIO_printf(bio_err, "-pubin          input is an RSA public\n");
 	BIO_printf(bio_err, "-certin         input is a certificate carrying an RSA public key\n");
+	BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
 	BIO_printf(bio_err, "-ssl            use SSL v2 padding\n");
 	BIO_printf(bio_err, "-raw            use no padding\n");
 	BIO_printf(bio_err, "-pkcs           use PKCS#1 v1.5 padding (default)\n");
@@ -291,4 +305,3 @@ static void usage()
 	BIO_printf(bio_err, "-hexdump        hex dump output\n");
 }

-#endif
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -79,6 +79,7 @@ typedef unsigned int u_int;
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>
 #include "s_apps.h"

 #ifdef WINDOWS
@@ -152,6 +153,7 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
 	BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
 	BIO_printf(bio_err,"                 command to see what is available\n");
+	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");

 	}

@@ -179,6 +181,8 @@ int MAIN(int argc, char **argv)
 	int prexit = 0;
 	SSL_METHOD *meth=NULL;
 	BIO *sbio;
+	char *engine_id=NULL;
+	ENGINE *e=NULL;
 #ifdef WINDOWS
 	struct timeval tv;
 #endif
@@ -316,6 +320,11 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-nbio") == 0)
 			{ c_nbio=1; }
 #endif
+		else if	(strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine_id = *(++argv);
+			}
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -349,6 +358,30 @@ bad:

 	OpenSSL_add_ssl_algorithms();
 	SSL_load_error_strings();
+
+	if (engine_id != NULL)
+		{
+		if((e = ENGINE_by_id(engine_id)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		if (c_debug)
+			{
+			ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM,
+				0, bio_err, 0);
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine_id);
+		ENGINE_free(e);
+		}
+
 	ctx=SSL_CTX_new(meth);
 	if (ctx == NULL)
 		{
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -83,6 +83,7 @@ typedef unsigned int u_int;
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 #include <openssl/ssl.h>
+#include <openssl/engine.h>
 #include "s_apps.h"

 #ifdef WINDOWS
@@ -176,6 +177,7 @@ static int s_debug=0;
 static int s_quiet=0;

 static int hack=0;
+static char *engine_id=NULL;

 #ifdef MONOLITH
 static void s_server_init(void)
@@ -198,6 +200,7 @@ static void s_server_init(void)
 	s_debug=0;
 	s_quiet=0;
 	hack=0;
+	engine_id=NULL;
 	}
 #endif

@@ -242,6 +245,7 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -bugs         - Turn on SSL bug compatibility\n");
 	BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
 	BIO_printf(bio_err," -WWW          - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
+	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
 	}

 static int local_argc=0;
@@ -411,6 +415,7 @@ int MAIN(int argc, char *argv[])
 	int no_tmp_rsa=0,no_dhe=0,nocert=0;
 	int state=0;
 	SSL_METHOD *meth=NULL;
+	ENGINE *e=NULL;
 #ifndef NO_DH
 	DH *dh=NULL;
 #endif
@@ -565,6 +570,11 @@ int MAIN(int argc, char *argv[])
 		else if	(strcmp(*argv,"-tls1") == 0)
 			{ meth=TLSv1_server_method(); }
 #endif
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine_id= *(++argv);
+			}
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -609,6 +619,29 @@ bad:
 	SSL_load_error_strings();
 	OpenSSL_add_ssl_algorithms();

+	if (engine_id != NULL)
+		{
+		if((e = ENGINE_by_id(engine_id)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		if (s_debug)
+			{
+			ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM,
+				0, bio_err, 0);
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine_id);
+		ENGINE_free(e);
+		}
+
 	ctx=SSL_CTX_new(meth);
 	if (ctx == NULL)
 		{
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -209,11 +209,9 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port)
 	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
 	if (s == INVALID_SOCKET) { perror("socket"); return(0); }

-#ifndef MPE
 	i=0;
 	i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
 	if (i < 0) { perror("keepalive"); return(0); }
-#endif

 	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
 		{ close(s); perror("connect"); return(0); }
--- a/apps/server.pem
+++ b/apps/server.pem
@@ -1,17 +1,17 @@
 issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
 -----BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
 BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0
-MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4
+MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
 A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
 cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
 Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4
-GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM
-k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz
-itAE+OjGF+PFKbwX8Q==
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9
+JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO
+IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ
+FUGcPZf9ND22Etc+AQ==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
--- a/apps/sess_id.c
+++ b/apps/sess_id.c
@@ -206,15 +206,7 @@ bad:
 			}

 		if (outfile == NULL)
-			{
 			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			}
 		else
 			{
 			if (BIO_write_filename(out,outfile) <= 0)
@@ -270,7 +262,7 @@ bad:
 		}
 	ret=0;
 end:
-	if (out != NULL) BIO_free_all(out);
+	if (out != NULL) BIO_free(out);
 	if (x != NULL) SSL_SESSION_free(x);
 	EXIT(ret);
 	}
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -64,6 +64,7 @@
 #include <openssl/crypto.h>
 #include <openssl/pem.h>
 #include <openssl/err.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG smime_main
@@ -81,6 +82,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 {
+	ENGINE *e = NULL;
 	int operation = 0;
 	int ret = 0;
 	char **args;
@@ -103,8 +105,9 @@ int MAIN(int argc, char **argv)
 	char *inrand = NULL;
 	int need_rand = 0;
 	int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
-	args = argv + 1;
+	char *engine=NULL;

+	args = argv + 1;
 	ret = 1;

 	while (!badarg && *args && *args[0] == '-') {
@@ -153,6 +156,11 @@ int MAIN(int argc, char **argv)
 				inrand = *args;
 			} else badarg = 1;
 			need_rand = 1;
+		} else if (!strcmp(*args,"-engine")) {
+			if (args[1]) {
+				args++;
+				engine = *args;
+			} else badarg = 1;
 		} else if (!strcmp(*args,"-passin")) {
 			if (args[1]) {
 				args++;
@@ -290,6 +298,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
 		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
 		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
+		BIO_printf (bio_err, "-engine e      use engine e, possibly a hardware device.\n");
 		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,  "               the random number generator\n");
@@ -297,6 +306,24 @@ int MAIN(int argc, char **argv)
 		goto end;
 	}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
 		BIO_printf(bio_err, "Error getting password\n");
 		goto end;
@@ -393,15 +420,7 @@ int MAIN(int argc, char **argv)
 				 "Can't open output file %s\n", outfile);
 			goto end;
 		}
-	} else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
+	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);

 	if(operation == SMIME_VERIFY) {
 		if(!(store = setup_verify(CAfile, CApath))) goto end;
@@ -498,7 +517,7 @@ end:
 	PKCS7_free(p7);
 	BIO_free(in);
 	BIO_free(indata);
-	BIO_free_all(out);
+	BIO_free(out);
 	if(passin) OPENSSL_free(passin);
 	return (ret);
 }
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -81,13 +81,14 @@
 #include <openssl/crypto.h>
 #include <openssl/rand.h>
 #include <openssl/err.h>
+#include <openssl/engine.h>

 #if defined(__FreeBSD__)
 # define USE_TOD
 #elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
 # define TIMES
 #endif
-#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE)
+#if !defined(_UNICOS) && !defined(__OpenBSD__)
 # define TIMEB
 #endif

@@ -115,7 +116,7 @@
 #include <sys/timeb.h>
 #endif

-#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD)
+#if !defined(TIMES) && !defined(TIMEB)
 #error "It seems neither struct tms nor struct timeb is supported in this platform!"
 #endif

@@ -310,6 +311,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e;
 	unsigned char *buf=NULL,*buf2=NULL;
 	int mret=1;
 #define ALGOR_NUM	15
@@ -470,6 +472,37 @@ int MAIN(int argc, char **argv)
 		{
 		if	((argc > 0) && (strcmp(*argv,"-elapsed") == 0))
 			usertime = 0;
+		else
+		if	((argc > 0) && (strcmp(*argv,"-engine") == 0))
+			{
+			argc--;
+			argv++;
+			if(argc == 0)
+				{
+				BIO_printf(bio_err,"no engine given\n");
+				goto end;
+				}
+			if((e = ENGINE_by_id(*argv)) == NULL)
+				{
+				BIO_printf(bio_err,"invalid engine \"%s\"\n",
+					*argv);
+				goto end;
+				}
+			if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+				{
+				BIO_printf(bio_err,"can't use that engine\n");
+				goto end;
+				}
+			BIO_printf(bio_err,"engine \"%s\" set.\n", *argv);
+			/* Free our "structural" reference. */
+			ENGINE_free(e);
+			/* It will be increased again further down.  We just
+			   don't want speed to confuse an engine with an
+			   algorithm, especially when none is given (which
+			   means all of them should be run) */
+			j--;
+			}
+		else
 #ifndef NO_MD2
 		if	(strcmp(*argv,"md2") == 0) doit[D_MD2]=1;
 		else
@@ -517,7 +550,7 @@ int MAIN(int argc, char **argv)
 #ifdef RSAref
 			if (strcmp(*argv,"rsaref") == 0) 
 			{
-			RSA_set_default_method(RSA_PKCS1_RSAref());
+			RSA_set_default_openssl_method(RSA_PKCS1_RSAref());
 			j--;
 			}
 		else
@@ -525,7 +558,7 @@ int MAIN(int argc, char **argv)
 #ifndef RSA_NULL
 			if (strcmp(*argv,"openssl") == 0) 
 			{
-			RSA_set_default_method(RSA_PKCS1_SSLeay());
+			RSA_set_default_openssl_method(RSA_PKCS1_SSLeay());
 			j--;
 			}
 		else
@@ -670,11 +703,12 @@ int MAIN(int argc, char **argv)
 			BIO_printf(bio_err,"\n");
 #endif

-#ifdef TIMES
 			BIO_printf(bio_err,"\n");
 			BIO_printf(bio_err,"Available options:\n");
+#ifdef TIMES
 			BIO_printf(bio_err,"-elapsed        measure time in real time instead of CPU user time.\n");
 #endif
+			BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
 			goto end;
 			}
 		argc--;
@@ -1379,6 +1413,7 @@ int MAIN(int argc, char **argv)
 #endif
 	mret=0;
 end:
+	ERR_print_errors(bio_err);
 	if (buf != NULL) OPENSSL_free(buf);
 	if (buf2 != NULL) OPENSSL_free(buf2);
 #ifndef NO_RSA
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -69,6 +69,7 @@
 #include <openssl/lhash.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG	spkac_main
@@ -81,6 +82,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	int i,badops=0, ret = 1;
 	BIO *in = NULL,*out = NULL, *key = NULL;
 	int verify=0,noout=0,pubkey=0;
@@ -91,6 +93,7 @@ int MAIN(int argc, char **argv)
 	LHASH *conf = NULL;
 	NETSCAPE_SPKI *spki = NULL;
 	EVP_PKEY *pkey = NULL;
+	char *engine=NULL;

 	apps_startup();

@@ -136,6 +139,11 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			spksect= *(++argv);
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-noout") == 0)
 			noout=1;
 		else if (strcmp(*argv,"-pubkey") == 0)
@@ -161,6 +169,7 @@ bad:
 		BIO_printf(bio_err," -noout         don't print SPKAC\n");
 		BIO_printf(bio_err," -pubkey        output public key\n");
 		BIO_printf(bio_err," -verify        verify SPKAC signature\n");
+		BIO_printf(bio_err," -engine e      use engine e, possibly a hardware device.\n");
 		goto end;
 		}

@@ -170,6 +179,24 @@ bad:
 		goto end;
 	}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if(keyfile) {
 		if(strcmp(keyfile, "-")) key = BIO_new_file(keyfile, "r");
 		else key = BIO_new_fp(stdin, BIO_NOCLOSE);
@@ -192,15 +219,7 @@ bad:
 		spkstr = NETSCAPE_SPKI_b64_encode(spki);

 		if (outfile) out = BIO_new_file(outfile, "w");
-		else {
-			out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef VMS
-			{
-			    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			    out = BIO_push(tmpbio, out);
-			}
-#endif
-		}
+		else out = BIO_new_fp(stdout, BIO_NOCLOSE);

 		if(!out) {
 			BIO_printf(bio_err, "Error opening output file\n");
@@ -249,15 +268,7 @@ bad:
 	}

 	if (outfile) out = BIO_new_file(outfile, "w");
-	else {
-		out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef VMS
-		{
-		    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-		    out = BIO_push(tmpbio, out);
-		}
-#endif
-	}
+	else out = BIO_new_fp(stdout, BIO_NOCLOSE);

 	if(!out) {
 		BIO_printf(bio_err, "Error opening output file\n");
@@ -284,7 +295,7 @@ end:
 	CONF_free(conf);
 	NETSCAPE_SPKI_free(spki);
 	BIO_free(in);
-	BIO_free_all(out);
+	BIO_free(out);
 	BIO_free(key);
 	EVP_PKEY_free(pkey);
 	if(passin) OPENSSL_free(passin);
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -65,6 +65,7 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG	verify_main
@@ -78,6 +79,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	int i,ret=1;
 	int purpose = -1;
 	char *CApath=NULL,*CAfile=NULL;
@@ -85,6 +87,7 @@ int MAIN(int argc, char **argv)
 	STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
 	X509_STORE *cert_ctx=NULL;
 	X509_LOOKUP *lookup=NULL;
+	char *engine=NULL;

 	cert_ctx=X509_STORE_new();
 	if (cert_ctx == NULL) goto end;
@@ -137,6 +140,11 @@ int MAIN(int argc, char **argv)
 				if (argc-- < 1) goto end;
 				trustfile= *(++argv);
 				}
+			else if (strcmp(*argv,"-engine") == 0)
+				{
+				if (--argc < 1) goto end;
+				engine= *(++argv);
+				}
 			else if (strcmp(*argv,"-help") == 0)
 				goto end;
 			else if (strcmp(*argv,"-issuer_checks") == 0)
@@ -154,6 +162,24 @@ int MAIN(int argc, char **argv)
 			break;
 		}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
 	if (lookup == NULL) abort();
 	if (CAfile) {
@@ -201,7 +227,7 @@ int MAIN(int argc, char **argv)
 	ret=0;
 end:
 	if (ret == 1) {
-		BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] cert1 cert2 ...\n");
+		BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-engine e] cert1 cert2 ...\n");
 		BIO_printf(bio_err,"recognized usages:\n");
 		for(i = 0; i < X509_PURPOSE_get_count(); i++) {
 			X509_PURPOSE *ptmp;
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -73,6 +73,7 @@
 #include <openssl/x509v3.h>
 #include <openssl/objects.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>

 #undef PROG
 #define PROG x509_main
@@ -129,7 +130,7 @@ static char *x509_usage[]={
 " -extensions     - section from config file with X509V3 extensions to add\n",
 " -clrext         - delete extensions before signing and input certificate\n",
 " -nameopt arg    - various certificate name options\n",
-" -certopt arg    - various certificate text options\n",
+" -engine e       - use engine e, possibly a hardware device.\n",
 NULL
 };

@@ -146,6 +147,7 @@ int MAIN(int, char **);

 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	int ret=1;
 	X509_REQ *req=NULL;
 	X509 *x=NULL,*xca=NULL;
@@ -175,7 +177,8 @@ int MAIN(int argc, char **argv)
 	char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
 	int need_rand = 0;
 	int checkend=0,checkoffset=0;
-	unsigned long nmflag = 0, certflag = 0;
+	unsigned long nmflag = 0;
+	char *engine=NULL;

 	reqfile=0;

@@ -184,12 +187,6 @@ int MAIN(int argc, char **argv)
 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
 	STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef VMS
-	{
-	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-	STDout = BIO_push(tmpbio, STDout);
-	}
-#endif

 	informat=FORMAT_PEM;
 	outformat=FORMAT_PEM;
@@ -327,11 +324,6 @@ int MAIN(int argc, char **argv)
 			alias= *(++argv);
 			trustout = 1;
 			}
-		else if (strcmp(*argv,"-certopt") == 0)
-			{
-			if (--argc < 1) goto bad;
-			if (!set_cert_ex(&certflag, *(++argv))) goto bad;
-			}
 		else if (strcmp(*argv,"-nameopt") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -343,6 +335,11 @@ int MAIN(int argc, char **argv)
 			alias= *(++argv);
 			trustout = 1;
 			}
+		else if (strcmp(*argv,"-engine") == 0)
+			{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+			}
 		else if (strcmp(*argv,"-C") == 0)
 			C= ++num;
 		else if (strcmp(*argv,"-email") == 0)
@@ -426,6 +423,24 @@ bad:
 		goto end;
 		}

+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
 	if (need_rand)
 		app_RAND_load_file(NULL, bio_err, 0);

@@ -588,15 +603,7 @@ bad:
 			goto end;
 			}
 		if (outfile == NULL)
-			{
 			BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
-			{
-			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
-			out = BIO_push(tmpbio, out);
-			}
-#endif
-			}
 		else
 			{
 			if (BIO_write_filename(out,outfile) <= 0)
@@ -780,7 +787,7 @@ bad:
 				}
 			else if (text == i)
 				{
-				X509_print_ex(out,x,nmflag, certflag);
+				X509_print(out,x);
 				}
 			else if (startdate == i)
 				{
@@ -953,8 +960,8 @@ end:
 		app_RAND_write_file(NULL, bio_err);
 	OBJ_cleanup();
 	CONF_free(extconf);
-	BIO_free_all(out);
-	BIO_free_all(STDout);
+	BIO_free(out);
+	BIO_free(STDout);
 	X509_STORE_free(ctx);
 	X509_REQ_free(req);
 	X509_free(x);
--- a/certs/expired/rsa-ssca.pem
+++ b/certs/expired/rsa-ssca.pem
--- a/32
+++ b/32
@@ -71,10 +71,6 @@ fi
 # Now we simply scan though... In most cases, the SYSTEM info is enough
 #
 case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
-    MPE/iX:*)
-	MACHINE=`echo "$MACHINE" | sed -e 's/-/_/g'`
-	echo "parisc-hp-MPE/iX"; exit 0
-	;;
    A/UX:*)
 	echo "m68k-apple-aux3"; exit 0
 	;;
@@ -168,7 +164,7 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
        ;;

    NetBSD:*:*:*386*)
-        echo "`(/usr/sbin/sysctl -n hw.model || /sbin/sysctl -n hw.model) | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
+        echo "`/usr/sbin/sysctl -n hw.model | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
 	;;

    NetBSD:*)
@@ -482,11 +478,27 @@ case "$GUESSOS" in
  *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
 esac

+# NB: This atalla support has been superceded by the ENGINE support
+# That contains its own header and definitions anyway. Support can
+# be enabled or disabled on any supported platform without external
+# headers, eg. by adding the "hw-atalla" switch to ./config or
+# perl Configure
+#
 # See whether we can compile Atalla support
-if [ -f /usr/include/atasi.h ]
-then
-  options="$options -DATALLA"
-fi
+#if [ -f /usr/include/atasi.h ]
+#then
+#  options="$options -DATALLA"
+#fi
+
+#get some basic shared lib support (behnke@trustcenter.de)
+case "$OUT" in
+   solaris-*-gcc)
+	if  [ "$SHARED" = "true" ] 
+	 then
+	  options="$options -DPIC -fPIC"
+        fi
+     ;;
+esac

 # gcc < 2.8 does not support -mcpu=ultrasparc
 if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
@@ -557,7 +569,7 @@ OUT="$PREFIX$OUT"

 $PERL ./Configure LIST | grep "$OUT" > /dev/null
 if [ $? = "0" ]; then
-  echo Configuring for $OUT
+  #echo Configuring for $OUT

  if [ "$TEST" = "true" ]; then
    echo $PERL ./Configure $OUT $options
--- a/crypto/Makefile.ssl
+++ b/crypto/Makefile.ssl
@@ -27,9 +27,9 @@ LIBS=

 SDIRS=	md2 md5 sha mdc2 hmac ripemd \
 	des rc2 rc4 rc5 idea bf cast \
-	bn rsa dsa dh dso \
+	bn rsa dsa dh dso engine \
 	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp rijndael
+	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp

 GENERAL=Makefile README crypto-lib.com install.com

@@ -90,8 +90,7 @@ links:

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 libs:
--- a/crypto/asn1/Makefile.ssl
+++ b/crypto/asn1/Makefile.ssl
@@ -75,8 +75,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 files:
@@ -171,9 +170,7 @@ a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 a_digest.o: ../../include/openssl/opensslconf.h
 a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 a_digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-a_digest.o: ../../include/openssl/rc5.h
-a_digest.o: ../../include/openssl/rijndael-alg-fst.h
-a_digest.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+a_digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 a_digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -298,12 +295,11 @@ a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
 a_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-a_sign.o: ../../include/openssl/rijndael-alg-fst.h
-a_sign.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-a_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+a_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_sign.o: ../cryptlib.h
 a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 a_strex.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -317,12 +313,11 @@ a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
 a_strex.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-a_strex.o: ../../include/openssl/rijndael-alg-fst.h
-a_strex.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_strex.o: ../../include/openssl/x509_vfy.h charmap.h
+a_strex.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_strex.o: charmap.h
 a_strnid.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 a_strnid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
@@ -378,9 +373,7 @@ a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 a_verify.o: ../../include/openssl/opensslconf.h
 a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 a_verify.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-a_verify.o: ../../include/openssl/rc5.h
-a_verify.o: ../../include/openssl/rijndael-alg-fst.h
-a_verify.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+a_verify.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 a_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -459,8 +452,7 @@ d2i_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
 d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-d2i_pr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 d2i_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
@@ -477,8 +469,7 @@ d2i_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
 d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-d2i_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
@@ -589,8 +580,7 @@ i2d_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
 i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-i2d_pr.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 i2d_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
@@ -607,8 +597,7 @@ i2d_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
 i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-i2d_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
@@ -668,8 +657,7 @@ n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 n_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-n_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-n_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+n_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -688,12 +676,10 @@ nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
 nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-nsseq.o: ../../include/openssl/rijndael-alg-fst.h
-nsseq.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-nsseq.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-nsseq.o: ../../include/openssl/x509_vfy.h
+nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 p5_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
 p5_pbe.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 p5_pbe.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -709,12 +695,11 @@ p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
 p5_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p5_pbe.o: ../../include/openssl/rijndael-alg-fst.h
-p5_pbe.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p5_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+p5_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_pbe.o: ../cryptlib.h
 p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
 p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -730,12 +715,11 @@ p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p5_pbev2.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
 p5_pbev2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p5_pbev2.o: ../../include/openssl/rijndael-alg-fst.h
-p5_pbev2.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p5_pbev2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p5_pbev2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_pbev2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_pbev2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+p5_pbev2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_pbev2.o: ../cryptlib.h
 p7_dgst.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
 p7_dgst.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 p7_dgst.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -750,8 +734,7 @@ p7_dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_dgst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_dgst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_dgst.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-p7_dgst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_dgst.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_dgst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -770,8 +753,7 @@ p7_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-p7_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -790,9 +772,7 @@ p7_enc_c.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_enc_c.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_enc_c.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_enc_c.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_enc_c.o: ../../include/openssl/rc5.h
-p7_enc_c.o: ../../include/openssl/rijndael-alg-fst.h
-p7_enc_c.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_enc_c.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_enc_c.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_enc_c.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_enc_c.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -811,8 +791,7 @@ p7_evp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_evp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_evp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_evp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_evp.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-p7_evp.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_evp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_evp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_evp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_evp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -831,8 +810,7 @@ p7_i_s.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_i_s.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_i_s.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_i_s.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_i_s.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-p7_i_s.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_i_s.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_i_s.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_i_s.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_i_s.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -851,8 +829,7 @@ p7_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-p7_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -871,9 +848,7 @@ p7_recip.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_recip.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_recip.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_recip.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_recip.o: ../../include/openssl/rc5.h
-p7_recip.o: ../../include/openssl/rijndael-alg-fst.h
-p7_recip.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_recip.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_recip.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_recip.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_recip.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -892,8 +867,7 @@ p7_s_e.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_s_e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_s_e.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_s_e.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_s_e.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-p7_s_e.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_s_e.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_s_e.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_s_e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_s_e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -912,9 +886,7 @@ p7_signd.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_signd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_signd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_signd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_signd.o: ../../include/openssl/rc5.h
-p7_signd.o: ../../include/openssl/rijndael-alg-fst.h
-p7_signd.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_signd.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_signd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_signd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_signd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -933,9 +905,7 @@ p7_signi.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p7_signi.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p7_signi.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p7_signi.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_signi.o: ../../include/openssl/rc5.h
-p7_signi.o: ../../include/openssl/rijndael-alg-fst.h
-p7_signi.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p7_signi.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p7_signi.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p7_signi.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p7_signi.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -954,8 +924,7 @@ p8_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 p8_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p8_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-p8_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+p8_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p8_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -975,13 +944,11 @@ t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
 t_bitst.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_bitst.o: ../../include/openssl/rijndael-alg-fst.h
-t_bitst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-t_bitst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_bitst.o: ../cryptlib.h
+t_bitst.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h
 t_crl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 t_crl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 t_crl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -997,13 +964,11 @@ t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
 t_crl.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_crl.o: ../../include/openssl/rijndael-alg-fst.h
-t_crl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-t_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_crl.o: ../cryptlib.h
+t_crl.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h
 t_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 t_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 t_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
@@ -1028,13 +993,11 @@ t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
 t_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_req.o: ../../include/openssl/rijndael-alg-fst.h
-t_req.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_req.o: ../cryptlib.h
+t_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h
 t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
 t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -1049,8 +1012,7 @@ t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 t_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-t_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+t_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1070,13 +1032,11 @@ t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
 t_x509.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-t_x509.o: ../../include/openssl/rijndael-alg-fst.h
-t_x509.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-t_x509.o: ../cryptlib.h
+t_x509.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h
 t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
 t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 t_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -1091,8 +1051,7 @@ t_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-t_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1111,8 +1070,7 @@ x_algor.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_algor.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_algor.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_algor.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_algor.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_algor.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1131,9 +1089,7 @@ x_attrib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_attrib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_attrib.o: ../../include/openssl/rc5.h
-x_attrib.o: ../../include/openssl/rijndael-alg-fst.h
-x_attrib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_attrib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_attrib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1152,8 +1108,7 @@ x_cinf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_cinf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_cinf.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_cinf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_cinf.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_cinf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_cinf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_cinf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_cinf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_cinf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1172,8 +1127,7 @@ x_crl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_crl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_crl.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_crl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1192,8 +1146,7 @@ x_exten.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_exten.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_exten.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_exten.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_exten.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_exten.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1212,8 +1165,7 @@ x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_info.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_info.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1232,8 +1184,7 @@ x_name.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_name.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_name.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1252,8 +1203,7 @@ x_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1272,9 +1222,7 @@ x_pubkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_pubkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_pubkey.o: ../../include/openssl/rc5.h
-x_pubkey.o: ../../include/openssl/rijndael-alg-fst.h
-x_pubkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_pubkey.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_pubkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_pubkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_pubkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1293,8 +1241,7 @@ x_req.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_req.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_req.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1313,8 +1260,7 @@ x_sig.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_sig.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_sig.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_sig.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1333,8 +1279,7 @@ x_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_spki.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1353,8 +1298,7 @@ x_val.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_val.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_val.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_val.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_val.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1374,8 +1318,7 @@ x_x509.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_x509.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_x509.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_x509.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_x509.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
@@ -1395,8 +1338,7 @@ x_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
 x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-x_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+x_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 x_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -491,24 +491,12 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,

 int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
 {
-	if(flags == XN_FLAG_COMPAT)
-		return X509_NAME_print(out, nm, indent);
 	return do_name_ex(send_bio_chars, out, nm, indent, flags);
 }


 int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
 {
-	if(flags == XN_FLAG_COMPAT)
-		{
-		BIO *btmp;
-		int ret;
-		btmp = BIO_new_fp(fp, BIO_NOCLOSE);
-		if(!btmp) return -1;
-		ret = X509_NAME_print(btmp, nm, indent);
-		BIO_free(btmp);
-		return ret;
-		}
 	return do_name_ex(send_fp_chars, fp, nm, indent, flags);
 }

--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -133,7 +133,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
 	if(tbl) {
 		mask = tbl->mask;
 		if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask;
-		ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
+		ret = ASN1_mbstring_ncopy(out, in, inlen, inform, tbl->mask,
 					tbl->minsize, tbl->maxsize);
 	} else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask);
 	if(ret <= 0) return NULL;
--- a/crypto/asn1/a_type.c
+++ b/crypto/asn1/a_type.c
@@ -123,8 +123,6 @@ int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
 		break;
 	case V_ASN1_SET:
 	case V_ASN1_SEQUENCE:
-	case V_ASN1_OTHER:
-	default:
 		if (a->value.set == NULL)
 			r=0;
 		else
@@ -161,8 +159,6 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)

 	inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
 	if (inf & 0x80) goto err;
-	/* If not universal tag we've no idea what it is */
-	if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER;
 	
 	ASN1_TYPE_component_free(ret);

@@ -249,8 +245,6 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
 		break;
 	case V_ASN1_SET:
 	case V_ASN1_SEQUENCE:
-	case V_ASN1_OTHER:
-	default:
 		/* Sets and sequences are left complete */
 		if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
 		ret->value.set->type=tag;
@@ -258,6 +252,9 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
 		if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
 		p+=len;
 		break;
+	default:
+		ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE);
+		goto err;
 		}

 	ret->type=tag;
@@ -315,8 +312,6 @@ static void ASN1_TYPE_component_free(ASN1_TYPE *a)
 		case V_ASN1_OBJECT:
 			ASN1_OBJECT_free(a->value.object);
 			break;
-		case V_ASN1_NULL:
-			break;
 		case V_ASN1_INTEGER:
 		case V_ASN1_NEG_INTEGER:
 		case V_ASN1_ENUMERATED:
@@ -338,10 +333,11 @@ static void ASN1_TYPE_component_free(ASN1_TYPE *a)
 		case V_ASN1_UNIVERSALSTRING:
 		case V_ASN1_BMPSTRING:
 		case V_ASN1_UTF8STRING:
-		case V_ASN1_OTHER:
-		default:
 			ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
 			break;
+		default:
+			/* MEMORY LEAK */
+			break;
 			}
 		a->type=0;
 		a->value.ptr=NULL;
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -83,7 +83,6 @@ extern "C" {
 #define V_ASN1_PRIMATIVE_TAG		0x1f

 #define V_ASN1_APP_CHOOSE		-2	/* let the recipient choose */
-#define V_ASN1_OTHER			-3	/* used in ASN1_TYPE */

 #define V_ASN1_NEG			0x100	/* negative flag */

--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -72,11 +72,6 @@

 #ifndef NO_FP_API
 int X509_print_fp(FILE *fp, X509 *x)
-	{
-	return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-	}
-
-int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
        {
        BIO *b;
        int ret;
@@ -87,23 +82,17 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla
                return(0);
 		}
        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=X509_print_ex(b, x, nmflag, cflag);
+        ret=X509_print(b, x);
        BIO_free(b);
        return(ret);
        }
 #endif

 int X509_print(BIO *bp, X509 *x)
-{
-	return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-
-int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 	{
 	long l;
 	int ret=0,i,j,n;
-	char *m=NULL,*s, mlch = ' ';
-	int nmindent = 0;
+	char *m=NULL,*s;
 	X509_CINF *ci;
 	ASN1_INTEGER *bs;
 	EVP_PKEY *pkey=NULL;
@@ -111,127 +100,89 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 	X509_EXTENSION *ex;
 	ASN1_STRING *str=NULL;

-	if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
-			mlch = '\n';
-			nmindent = 16;
-	}
-
-	if(nmflags == X509_FLAG_COMPAT)
-		nmindent = 16;
-
 	ci=x->cert_info;
-	if(!(cflag & X509_FLAG_NO_HEADER))
-		{
-		if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
-		if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_VERSION))
-		{
-		l=X509_get_version(x);
-		if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_SERIAL))
-		{
+	if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
+	if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
+	l=X509_get_version(x);
+	if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
+	if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;

-		if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;
-
-		bs=X509_get_serialNumber(x);
-		if (bs->length <= 4)
+	bs=X509_get_serialNumber(x);
+	if (bs->length <= 4)
+		{
+		l=ASN1_INTEGER_get(bs);
+		if (l < 0)
 			{
-			l=ASN1_INTEGER_get(bs);
-			if (l < 0)
-				{
-				l= -l;
-				neg="-";
-				}
-			else
-				neg="";
-			if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
+			l= -l;
+			neg="-";
+			}
+		else
+			neg="";
+		if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
+			goto err;
+		}
+	else
+		{
+		neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
+		if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
+
+		for (i=0; i<bs->length; i++)
+			{
+			if (BIO_printf(bp,"%02x%c",bs->data[i],
+				((i+1 == bs->length)?'\n':':')) <= 0)
 				goto err;
 			}
-		else
-			{
-			neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
-			if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
-
-			for (i=0; i<bs->length; i++)
-				{
-				if (BIO_printf(bp,"%02x%c",bs->data[i],
-					((i+1 == bs->length)?'\n':':')) <= 0)
-					goto err;
-				}
-			}
-
 		}

-	if(!(cflag & X509_FLAG_NO_SIGNAME))
-		{
-		i=OBJ_obj2nid(ci->signature->algorithm);
-		if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
-			(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
-			goto err;
-		}
+	i=OBJ_obj2nid(ci->signature->algorithm);
+	if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
+		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
+		goto err;

-	if(!(cflag & X509_FLAG_NO_ISSUER))
-		{
-		if (BIO_printf(bp,"        Issuer:%c",mlch) <= 0) goto err;
-		if (!X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags)) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_VALIDITY))
-		{
-		if (BIO_write(bp,"\n        Validity\n",18) <= 0) goto err;
-		if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
-		if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
-		if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
-		if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
-		if (BIO_write(bp,"\n",1) <= 0) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_SUBJECT))
-		{
-		if (BIO_printf(bp,"        Subject:%c",mlch) <= 0) goto err;
-		if (!X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags)) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_PUBKEY))
-		{
-		if (BIO_write(bp,"\n        Subject Public Key Info:\n",34) <= 0)
-			goto err;
-		i=OBJ_obj2nid(ci->key->algor->algorithm);
-		if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
-			(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+	if (BIO_write(bp,"        Issuer: ",16) <= 0) goto err;
+	if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
+	if (BIO_write(bp,"\n        Validity\n",18) <= 0) goto err;
+	if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
+	if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
+	if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
+	if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
+	if (BIO_write(bp,"\n        Subject: ",18) <= 0) goto err;
+	if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
+	if (BIO_write(bp,"\n        Subject Public Key Info:\n",34) <= 0)
+		goto err;
+	i=OBJ_obj2nid(ci->key->algor->algorithm);
+	if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
+		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;

-		pkey=X509_get_pubkey(x);
-		if (pkey == NULL)
-			{
-			BIO_printf(bp,"%12sUnable to load Public Key\n","");
-			ERR_print_errors(bp);
-			}
-		else
+	pkey=X509_get_pubkey(x);
+	if (pkey == NULL)
+		{
+		BIO_printf(bp,"%12sUnable to load Public Key\n","");
+		ERR_print_errors(bp);
+		}
+	else
 #ifndef NO_RSA
-		if (pkey->type == EVP_PKEY_RSA)
-			{
-			BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
-			BN_num_bits(pkey->pkey.rsa->n));
-			RSA_print(bp,pkey->pkey.rsa,16);
-			}
-		else
+	if (pkey->type == EVP_PKEY_RSA)
+		{
+		BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+		BN_num_bits(pkey->pkey.rsa->n));
+		RSA_print(bp,pkey->pkey.rsa,16);
+		}
+	else
 #endif
 #ifndef NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-			{
-			BIO_printf(bp,"%12sDSA Public Key:\n","");
-			DSA_print(bp,pkey->pkey.dsa,16);
-			}
-		else
-#endif
-			BIO_printf(bp,"%12sUnknown Public Key:\n","");
-
-		EVP_PKEY_free(pkey);
+	if (pkey->type == EVP_PKEY_DSA)
+		{
+		BIO_printf(bp,"%12sDSA Public Key:\n","");
+		DSA_print(bp,pkey->pkey.dsa,16);
 		}
-
-	if (cflag & X509_FLAG_NO_EXTENSIONS)
-		n = 0;
 	else
-		n=X509_get_ext_count(x);
+#endif
+		BIO_printf(bp,"%12sUnknown Public Key:\n","");
+
+	EVP_PKEY_free(pkey);
+
+	n=X509_get_ext_count(x);
 	if (n > 0)
 		{
 		BIO_printf(bp,"%8sX509v3 extensions:\n","");
@@ -245,7 +196,7 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 			j=X509_EXTENSION_get_critical(ex);
 			if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
 				goto err;
-			if(!X509V3_EXT_print(bp, ex, cflag, 16))
+			if(!X509V3_EXT_print(bp, ex, 0, 16))
 				{
 				BIO_printf(bp, "%16s", "");
 				M_ASN1_OCTET_STRING_print(bp,ex->value);
@@ -254,27 +205,21 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 			}
 		}

-	if(!(cflag & X509_FLAG_NO_SIGDUMP))
-		{
-		i=OBJ_obj2nid(x->sig_alg->algorithm);
-		if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
-			(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+	i=OBJ_obj2nid(x->sig_alg->algorithm);
+	if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
+		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;

-		n=x->signature->length;
-		s=(char *)x->signature->data;
-		for (i=0; i<n; i++)
-			{
-			if ((i%18) == 0)
-				if (BIO_write(bp,"\n        ",9) <= 0) goto err;
-			if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
-				((i+1) == n)?"":":") <= 0) goto err;
-			}
-		if (BIO_write(bp,"\n",1) != 1) goto err;
-		}
-	if(!(cflag & X509_FLAG_NO_AUX))
+	n=x->signature->length;
+	s=(char *)x->signature->data;
+	for (i=0; i<n; i++)
 		{
-		if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
+		if ((i%18) == 0)
+			if (BIO_write(bp,"\n        ",9) <= 0) goto err;
+		if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
+			((i+1) == n)?"":":") <= 0) goto err;
 		}
+	if (BIO_write(bp,"\n",1) != 1) goto err;
+	if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
 	ret=1;
 err:
 	if (str != NULL) ASN1_STRING_free(str);
--- a/crypto/bf/Makefile.ssl
+++ b/crypto/bf/Makefile.ssl
@@ -44,8 +44,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 # elf
--- a/crypto/bio/Makefile.ssl
+++ b/crypto/bio/Makefile.ssl
@@ -27,13 +27,11 @@ LIBSRC= bio_lib.c bio_cb.c bio_err.c \
 	bss_file.c bss_sock.c bss_conn.c \
 	bf_null.c bf_buff.c b_print.c b_dump.c \
 	b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c
-#	bf_lbuf.c
 LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
 	bss_mem.o bss_null.o bss_fd.o \
 	bss_file.o bss_sock.o bss_conn.o \
 	bf_null.o bf_buff.o b_print.o b_dump.o \
 	b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o
-#	bf_lbuf.o

 SRC= $(LIBSRC)

@@ -49,8 +47,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 files:
@@ -123,8 +120,7 @@ bf_buff.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
 bf_buff.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 bf_buff.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 bf_buff.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bf_buff.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-bf_buff.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+bf_buff.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 bf_buff.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 bf_buff.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 bf_buff.o: ../../include/openssl/symhacks.h ../cryptlib.h
@@ -142,11 +138,10 @@ bf_nbio.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 bf_nbio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
 bf_nbio.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-bf_nbio.o: ../../include/openssl/rijndael-alg-fst.h
-bf_nbio.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-bf_nbio.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bf_nbio.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bf_nbio.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bf_nbio.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+bf_nbio.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bf_nbio.o: ../cryptlib.h
 bf_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 bf_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -160,8 +155,7 @@ bf_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
 bf_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 bf_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 bf_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bf_null.o: ../../include/openssl/rc5.h ../../include/openssl/rijndael-alg-fst.h
-bf_null.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+bf_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 bf_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 bf_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 bf_null.o: ../../include/openssl/symhacks.h ../cryptlib.h
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -151,7 +151,7 @@ static void _dopr(char **sbuffer, char **buffer,

 /* some handy macros */
 #define char_to_int(p) (p - '0')
-#define OSSL_MAX(p,q) ((p >= q) ? p : q)
+#define MAX(p,q) ((p >= q) ? p : q)

 static void
 _dopr(
@@ -502,13 +502,13 @@ fmtint(
    convert[place] = 0;

    zpadlen = max - place;
-    spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0);
+    spadlen = min - MAX(max, place) - (signvalue ? 1 : 0);
    if (zpadlen < 0)
        zpadlen = 0;
    if (spadlen < 0)
        spadlen = 0;
    if (flags & DP_F_ZERO) {
-        zpadlen = OSSL_MAX(zpadlen, spadlen);
+        zpadlen = MAX(zpadlen, spadlen);
        spadlen = 0;
    }
    if (flags & DP_F_MINUS)
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -113,8 +113,8 @@ int BIO_get_host_ip(const char *str, unsigned char *ip)

 	/* At this point, we have something that is most probably correct
 	   in some way, so let's init the socket. */
-	if (BIO_sock_init() != 1)
-		return 0; /* don't generate another error code here */
+	if (!BIO_sock_init())
+		return(0); /* don't generate another error code here */

 	/* If the string actually contained an IP address, we need not do
 	   anything more */
@@ -527,7 +527,7 @@ int BIO_get_accept_socket(char *host, int bind_mode)
 	unsigned long l;
 	int err_num;

-	if (BIO_sock_init() != 1) return(INVALID_SOCKET);
+	if (!BIO_sock_init()) return(INVALID_SOCKET);

 	if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);

@@ -661,7 +661,6 @@ int BIO_accept(int sock, char **addr)
 	ret=accept(sock,(struct sockaddr *)&from,(void *)&len);
 	if (ret == INVALID_SOCKET)
 		{
-		if(BIO_sock_should_retry(ret)) return -2;
 		SYSerr(SYS_F_ACCEPT,get_last_socket_error());
 		BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR);
 		goto end;
--- a/crypto/bio/bf_lbuf.c
+++ b/crypto/bio/bf_lbuf.c
@@ -1,397 +0,0 @@
-/* crypto/bio/bf_buff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-
-static int linebuffer_write(BIO *h, const char *buf,int num);
-static int linebuffer_read(BIO *h, char *buf, int size);
-static int linebuffer_puts(BIO *h, const char *str);
-static int linebuffer_gets(BIO *h, char *str, int size);
-static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int linebuffer_new(BIO *h);
-static int linebuffer_free(BIO *data);
-static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-/* A 10k maximum should be enough for most purposes */
-#define DEFAULT_LINEBUFFER_SIZE	1024*10
-
-/* #define DEBUG */
-
-static BIO_METHOD methods_linebuffer=
-	{
-	BIO_TYPE_LINEBUFFER,
-	"linebuffer",
-	linebuffer_write,
-	linebuffer_read,
-	linebuffer_puts,
-	linebuffer_gets,
-	linebuffer_ctrl,
-	linebuffer_new,
-	linebuffer_free,
-	linebuffer_callback_ctrl,
-	};
-
-BIO_METHOD *BIO_f_linebuffer(void)
-	{
-	return(&methods_linebuffer);
-	}
-
-typedef struct bio_linebuffer_ctx_struct
-	{
-	char *obuf;		/* the output char array */
-	int obuf_size;		/* how big is the output buffer */
-	int obuf_len;		/* how many bytes are in it */
-	} BIO_LINEBUFFER_CTX;
-
-static int linebuffer_new(BIO *bi)
-	{
-	BIO_LINEBUFFER_CTX *ctx;
-
-	ctx=(BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX));
-	if (ctx == NULL) return(0);
-	ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE);
-	if (ctx->obuf == NULL) { OPENSSL_free(ctx); return(0); }
-	ctx->obuf_size=DEFAULT_LINEBUFFER_SIZE;
-	ctx->obuf_len=0;
-
-	bi->init=1;
-	bi->ptr=(char *)ctx;
-	bi->flags=0;
-	return(1);
-	}
-
-static int linebuffer_free(BIO *a)
-	{
-	BIO_LINEBUFFER_CTX *b;
-
-	if (a == NULL) return(0);
-	b=(BIO_LINEBUFFER_CTX *)a->ptr;
-	if (b->obuf != NULL) OPENSSL_free(b->obuf);
-	OPENSSL_free(a->ptr);
-	a->ptr=NULL;
-	a->init=0;
-	a->flags=0;
-	return(1);
-	}
-	
-static int linebuffer_read(BIO *b, char *out, int outl)
-	{
-	int ret=0;
- 
-	if (out == NULL) return(0);
-	if (b->next_bio == NULL) return(0);
-	ret=BIO_read(b->next_bio,out,outl);
-	BIO_clear_retry_flags(b);
-	BIO_copy_next_retry(b);
-	return(ret);
-	}
-
-static int linebuffer_write(BIO *b, const char *in, int inl)
-	{
-	int i,num=0,foundnl;
-	BIO_LINEBUFFER_CTX *ctx;
-
-	if ((in == NULL) || (inl <= 0)) return(0);
-	ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
-	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
-
-	BIO_clear_retry_flags(b);
-
-	do
-		{
-		const char *p;
-
-		for(p = in; p < in + inl && *p != '\n'; p++)
-			;
-		if (*p == '\n')
-			{
-			p++;
-			foundnl = 1;
-			}
-		else
-			foundnl = 0;
-
-		/* If a NL was found and we already have text in the save
-		   buffer, concatenate them and write */
-		while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len)
-			&& ctx->obuf_len > 0)
-			{
-			int orig_olen = ctx->obuf_len;
-			
-			i = ctx->obuf_size - ctx->obuf_len;
-			if (p - in > 0)
-				{
-				if (i >= p - in)
-					{
-					memcpy(&(ctx->obuf[ctx->obuf_len]),
-						in,p - in);
-					ctx->obuf_len += p - in;
-					inl -= p - in;
-					num += p - in;
-					in = p;
-					}
-				else
-					{
-					memcpy(&(ctx->obuf[ctx->obuf_len]),
-						in,i);
-					ctx->obuf_len += i;
-					inl -= i;
-					in += i;
-					num += i;
-					}
-				}
-
-#ifdef DEBUG
-BIO_write(b->next_bio, "<*<", 3);
-#endif
-			i=BIO_write(b->next_bio,
-				ctx->obuf, ctx->obuf_len);
-			if (i <= 0)
-				{
-				ctx->obuf_len = orig_olen;
-				BIO_copy_next_retry(b);
-
-#ifdef DEBUG
-BIO_write(b->next_bio, ">*>", 3);
-#endif
-				if (i < 0) return((num > 0)?num:i);
-				if (i == 0) return(num);
-				}
-#ifdef DEBUG
-BIO_write(b->next_bio, ">*>", 3);
-#endif
-			if (i < ctx->obuf_len)
-				memmove(ctx->obuf, ctx->obuf + i,
-					ctx->obuf_len - i);
-			ctx->obuf_len-=i;
-			}
-
-		/* Now that the save buffer is emptied, let's write the input
-		   buffer if a NL was found and there is anything to write. */
-		if ((foundnl || p - in > ctx->obuf_size) && p - in > 0)
-			{
-#ifdef DEBUG
-BIO_write(b->next_bio, "<*<", 3);
-#endif
-			i=BIO_write(b->next_bio,in,p - in);
-			if (i <= 0)
-				{
-				BIO_copy_next_retry(b);
-#ifdef DEBUG
-BIO_write(b->next_bio, ">*>", 3);
-#endif
-				if (i < 0) return((num > 0)?num:i);
-				if (i == 0) return(num);
-				}
-#ifdef DEBUG
-BIO_write(b->next_bio, ">*>", 3);
-#endif
-			num+=i;
-			in+=i;
-			inl-=i;
-			}
-		}
-	while(foundnl && inl > 0);
-	/* We've written as much as we can.  The rest of the input buffer, if
-	   any, is text that doesn't and with a NL and therefore needs to be
-	   saved for the next trip. */
-	if (inl > 0)
-		{
-		memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl);
-		ctx->obuf_len += inl;
-		num += inl;
-		}
-	return num;
-	}
-
-static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr)
-	{
-	BIO *dbio;
-	BIO_LINEBUFFER_CTX *ctx;
-	long ret=1;
-	char *p;
-	int r;
-	int obs;
-
-	ctx=(BIO_LINEBUFFER_CTX *)b->ptr;
-
-	switch (cmd)
-		{
-	case BIO_CTRL_RESET:
-		ctx->obuf_len=0;
-		if (b->next_bio == NULL) return(0);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_INFO:
-		ret=(long)ctx->obuf_len;
-		break;
-	case BIO_CTRL_WPENDING:
-		ret=(long)ctx->obuf_len;
-		if (ret == 0)
-			{
-			if (b->next_bio == NULL) return(0);
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-			}
-		break;
-	case BIO_C_SET_BUFF_SIZE:
-		obs=(int)num;
-		p=ctx->obuf;
-		if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size))
-			{
-			p=(char *)OPENSSL_malloc((int)num);
-			if (p == NULL)
-				goto malloc_error;
-			}
-		if (ctx->obuf != p)
-			{
-			if (ctx->obuf_len > obs)
-				{
-				ctx->obuf_len = obs;
-				}
-			memcpy(p, ctx->obuf, ctx->obuf_len);
-			OPENSSL_free(ctx->obuf);
-			ctx->obuf=p;
-			ctx->obuf_size=obs;
-			}
-		break;
-	case BIO_C_DO_STATE_MACHINE:
-		if (b->next_bio == NULL) return(0);
-		BIO_clear_retry_flags(b);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		BIO_copy_next_retry(b);
-		break;
-
-	case BIO_CTRL_FLUSH:
-		if (b->next_bio == NULL) return(0);
-		if (ctx->obuf_len <= 0)
-			{
-			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-			break;
-			}
-
-		for (;;)
-			{
-			BIO_clear_retry_flags(b);
-			if (ctx->obuf_len > 0)
-				{
-				r=BIO_write(b->next_bio,
-					ctx->obuf, ctx->obuf_len);
-#if 0
-fprintf(stderr,"FLUSH %3d -> %3d\n",ctx->obuf_len,r);
-#endif
-				BIO_copy_next_retry(b);
-				if (r <= 0) return((long)r);
-				if (r < ctx->obuf_len)
-					memmove(ctx->obuf, ctx->obuf + r,
-						ctx->obuf_len - r);
-				ctx->obuf_len-=r;
-				}
-			else
-				{
-				ctx->obuf_len=0;
-				ret=1;
-				break;
-				}
-			}
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-	case BIO_CTRL_DUP:
-		dbio=(BIO *)ptr;
-		if (	!BIO_set_write_buffer_size(dbio,ctx->obuf_size))
-			ret=0;
-		break;
-	default:
-		if (b->next_bio == NULL) return(0);
-		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
-		break;
-		}
-	return(ret);
-malloc_error:
-	BIOerr(BIO_F_LINEBUFFER_CTRL,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
-
-static long linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-	{
-	long ret=1;
-
-	if (b->next_bio == NULL) return(0);
-	switch (cmd)
-		{
-	default:
-		ret=BIO_callback_ctrl(b->next_bio,cmd,fp);
-		break;
-		}
-	return(ret);
-	}
-
-static int linebuffer_gets(BIO *b, char *buf, int size)
-	{
-	if (b->next_bio == NULL) return(0);
-	return(BIO_gets(b->next_bio,buf,size));
-	}
-
-static int linebuffer_puts(BIO *b, const char *str)
-	{
-	return(linebuffer_write(b,str,strlen(str)));
-	}
-
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -91,7 +91,6 @@ extern "C" {
 #define BIO_TYPE_NULL_FILTER	(17|0x0200)
 #define BIO_TYPE_BER		(18|0x0200)		/* BER -> bin filter */
 #define BIO_TYPE_BIO		(19|0x0400)		/* (half a) BIO pair */
-#define BIO_TYPE_LINEBUFFER	(20|0x0200)		/* filter */

 #define BIO_TYPE_DESCRIPTOR	0x0100	/* socket, fd, connect or accept */
 #define BIO_TYPE_FILTER		0x0200
@@ -179,7 +178,7 @@ extern "C" {
 #define BIO_retry_type(a)		((a)->flags & BIO_FLAGS_RWS)
 #define BIO_should_retry(a)		((a)->flags & BIO_FLAGS_SHOULD_RETRY)

-/* The next three are used in conjunction with the
+/* The next two are used in conjunction with the
 * BIO_should_io_special() condition.  After this returns true,
 * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO 
 * stack and return the 'reason' for the special and the offending BIO.
@@ -188,8 +187,6 @@ extern "C" {
 #define BIO_RR_SSL_X509_LOOKUP		0x01
 /* Returned from the connect BIO when a connect would have blocked */
 #define BIO_RR_CONNECT			0x02
-/* Returned from the accept BIO when an accept would have blocked */
-#define BIO_RR_ACCEPT			0x03

 /* These are passed by the BIO callback */
 #define BIO_CB_FREE	0x01
@@ -557,9 +554,6 @@ BIO_METHOD *BIO_s_bio(void);
 BIO_METHOD *BIO_s_null(void);
 BIO_METHOD *BIO_f_null(void);
 BIO_METHOD *BIO_f_buffer(void);
-#ifdef VMS
-BIO_METHOD *BIO_f_linebuffer(void);
-#endif
 BIO_METHOD *BIO_f_nbio_test(void);
 /* BIO_METHOD *BIO_f_ber(void); */

@@ -646,7 +640,6 @@ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args);
 #define BIO_F_CONN_CTRL					 127
 #define BIO_F_CONN_STATE				 115
 #define BIO_F_FILE_CTRL					 116
-#define BIO_F_LINEBUFFER_CTRL				 129
 #define BIO_F_MEM_READ					 128
 #define BIO_F_MEM_WRITE					 117
 #define BIO_F_SSL_NEW					 118
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@@ -91,7 +91,6 @@ static ERR_STRING_DATA BIO_str_functs[]=
 {ERR_PACK(0,BIO_F_CONN_CTRL,0),	"CONN_CTRL"},
 {ERR_PACK(0,BIO_F_CONN_STATE,0),	"CONN_STATE"},
 {ERR_PACK(0,BIO_F_FILE_CTRL,0),	"FILE_CTRL"},
-{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0),	"LINEBUFFER_CTRL"},
 {ERR_PACK(0,BIO_F_MEM_READ,0),	"MEM_READ"},
 {ERR_PACK(0,BIO_F_MEM_WRITE,0),	"MEM_WRITE"},
 {ERR_PACK(0,BIO_F_SSL_NEW,0),	"SSL_new"},
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -236,20 +236,8 @@ again:
 			c->state=ACPT_S_OK;
 			goto again;
 			}
-		BIO_clear_retry_flags(b);
-		b->retry_reason=0;
 		i=BIO_accept(c->accept_sock,&(c->addr));
-
-		/* -2 return means we should retry */
-		if(i == -2)
-			{
-			BIO_set_retry_special(b);
-			b->retry_reason=BIO_RR_ACCEPT;
-			return -1;
-			}
-
 		if (i < 0) return(i);
-
 		bio=BIO_new_socket(i,BIO_CLOSE);
 		if (bio == NULL) goto err;

--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -236,7 +236,7 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
 				}
 			c->state=BIO_CONN_S_CONNECT;

-#if defined(SO_KEEPALIVE) && !defined(MPE)
+#ifdef SO_KEEPALIVE
 			i=1;
 			i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
 			if (i < 0)
--- a/crypto/bn/Makefile.ssl
+++ b/crypto/bn/Makefile.ssl
@@ -68,8 +68,7 @@ bnbug: bnbug.c ../../libcrypto.a top

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 # elf
--- a/crypto/bn/asm/pa-risc2.s
+++ b/crypto/bn/asm/pa-risc2.s
@@ -1611,7 +1611,7 @@ bn_mul_comba4
 	.IMPORT	$global$,DATA
 	.SPACE	$TEXT$
 	.SUBSPA	$CODE$
-	.SUBSPA	$LIT$,ACCESS=0x2c
+	.SUBSPA	$LIT$,QUAD=0,ALIGN=8,ACCESS=0x2c,SORT=16
 C$7
 	.ALIGN	8
 	.STRINGZ	"Division would overflow (%d)\n"
--- a/crypto/bn/asm/pa-risc2W.s
+++ b/crypto/bn/asm/pa-risc2W.s
@@ -1598,7 +1598,7 @@ bn_mul_comba4
 	.IMPORT	$global$,DATA
 	.SPACE	$TEXT$
 	.SUBSPA	$CODE$
-	.SUBSPA	$LIT$,ACCESS=0x2c
+	.SUBSPA	$LIT$,QUAD=0,ALIGN=8,ACCESS=0x2c,SORT=16
 C$4
 	.ALIGN	8
 	.STRINGZ	"Division would overflow (%d)\n"
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -113,13 +113,6 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include "bn_lcl.h"
-#ifdef ATALLA
-# include <alloca.h>
-# include <atasi.h>
-# include <assert.h>
-# include <dlfcn.h>
-#endif
-

 #define TABLE_SIZE	32

@@ -183,174 +176,6 @@ err:
 	}


-#ifdef ATALLA
-
-/*
- * This routine will dynamically check for the existance of an Atalla AXL-200
- * SSL accelerator module.  If one is found, the variable
- * asi_accelerator_present is set to 1 and the function pointers
- * ptr_ASI_xxxxxx above will be initialized to corresponding ASI API calls.
- */
-typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
-					    unsigned int *ret_buf);
-typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
-typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
-				     unsigned char *output,
-				     unsigned char *input,
-				     unsigned int modulus_len);
-
-static tfnASI_GetHardwareConfig *ptr_ASI_GetHardwareConfig;
-static tfnASI_RSAPrivateKeyOpFn *ptr_ASI_RSAPrivateKeyOpFn;
-static tfnASI_GetPerformanceStatistics *ptr_ASI_GetPerformanceStatistics;
-static int asi_accelerator_present;
-static int tried_atalla;
-
-void atalla_initialize_accelerator_handle(void)
-	{
-	void *dl_handle;
-	int status;
-	unsigned int config_buf[1024]; 
-	static int tested;
-
-	if(tested)
-		return;
-
-	tested=1;
-
-	bzero((void *)config_buf, 1024);
-
-	/*
-	 * Check to see if the library is present on the system
-	 */
-	dl_handle = dlopen("atasi.so", RTLD_NOW);
-	if (dl_handle == (void *) NULL)
-		{
-/*		printf("atasi.so library is not present on the system\n");
-		printf("No HW acceleration available\n");*/
-		return;
-	        }
-
-	/*
-	 * The library is present.  Now we'll check to insure that the
-	 * LDM is up and running. First we'll get the address of the
-	 * function in the atasi library that we need to see if the
-	 * LDM is operating.
-	 */
-
-	ptr_ASI_GetHardwareConfig =
-	  (tfnASI_GetHardwareConfig *)dlsym(dl_handle,"ASI_GetHardwareConfig");
-
-	if (ptr_ASI_GetHardwareConfig)
-		{
-		/*
-		 * We found the call, now we'll get our config
-		 * status.  If we get a non 0 result, the LDM is not
-		 * running and we cannot use the Atalla ASI *
-		 * library.
-		 */
-		status = (*ptr_ASI_GetHardwareConfig)(0L, config_buf);
-		if (status != 0)
-			{
-			printf("atasi.so library is present but not initialized\n");
-			printf("No HW acceleration available\n");
-			return;
-			}    
-	        }
-	else
-		{
-/*		printf("We found the library, but not the function. Very Strange!\n");*/
-		return ;
-	      	}
-
-	/* 
-	 * It looks like we have acceleration capabilities.  Load up the
-	 * pointers to our ASI API calls.
-	 */
-	ptr_ASI_RSAPrivateKeyOpFn=
-	  (tfnASI_RSAPrivateKeyOpFn *)dlsym(dl_handle, "ASI_RSAPrivateKeyOpFn");
-	if (ptr_ASI_RSAPrivateKeyOpFn == NULL)
-		{
-/*		printf("We found the library, but no RSA function. Very Strange!\n");*/
-		return;
-	        }
-
-	ptr_ASI_GetPerformanceStatistics =
-	  (tfnASI_GetPerformanceStatistics *)dlsym(dl_handle, "ASI_GetPerformanceStatistics");
-	if (ptr_ASI_GetPerformanceStatistics == NULL)
-		{
-/*		printf("We found the library, but no stat function. Very Strange!\n");*/
-		return;
-	      }
-
-	/*
-	 * Indicate that acceleration is available
-	 */
-	asi_accelerator_present = 1;
-
-/*	printf("This system has acceleration!\n");*/
-
-	return;
-	}
-
-/* make sure this only gets called once when bn_mod_exp calls bn_mod_exp_mont */
-int BN_mod_exp_atalla(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m)
-	{
-	unsigned char *abin;
-	unsigned char *pbin;
-	unsigned char *mbin;
-	unsigned char *rbin;
-	int an,pn,mn,ret;
-	RSAPrivateKey keydata;
-
-	atalla_initialize_accelerator_handle();
-	if(!asi_accelerator_present)
-		return 0;
-
-
-/* We should be able to run without size testing */
-# define ASIZE	128
-	an=BN_num_bytes(a);
-	pn=BN_num_bytes(p);
-	mn=BN_num_bytes(m);
-
-	if(an <= ASIZE && pn <= ASIZE && mn <= ASIZE)
-	    {
-	    int size=mn;
-
-	    assert(an <= mn);
-	    abin=alloca(size);
-	    memset(abin,'\0',mn);
-	    BN_bn2bin(a,abin+size-an);
-
-	    pbin=alloca(pn);
-	    BN_bn2bin(p,pbin);
-
-	    mbin=alloca(size);
-	    memset(mbin,'\0',mn);
-	    BN_bn2bin(m,mbin+size-mn);
-
-	    rbin=alloca(size);
-
-	    memset(&keydata,'\0',sizeof keydata);
-	    keydata.privateExponent.data=pbin;
-	    keydata.privateExponent.len=pn;
-	    keydata.modulus.data=mbin;
-	    keydata.modulus.len=size;
-
-	    ret=(*ptr_ASI_RSAPrivateKeyOpFn)(&keydata,rbin,abin,keydata.modulus.len);
-/*fprintf(stderr,"!%s\n",BN_bn2hex(a));*/
-	    if(!ret)
-	        {
-		BN_bin2bn(rbin,keydata.modulus.len,r);
-/*fprintf(stderr,"?%s\n",BN_bn2hex(r));*/
-		return 1;
-	        }
-	    }
-	return 0;
-        }
-#endif /* def ATALLA */
-
-
 int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
 	       BN_CTX *ctx)
 	{
@@ -360,13 +185,6 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
 	bn_check_top(p);
 	bn_check_top(m);

-#ifdef ATALLA
-	if(BN_mod_exp_atalla(r,a,p,m))
-	    return 1;
-/* If it fails, try the other methods (but don't try atalla again) */
-	tried_atalla=1;
-#endif
-
 #ifdef MONT_MUL_MOD
 	/* I have finally been able to take out this pre-condition of
 	 * the top bit being set.  It was caused by an error in BN_div
@@ -392,10 +210,6 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
 		{ ret=BN_mod_exp_simple(r,a,p,m,ctx); }
 #endif

-#ifdef ATALLA
-	tried_atalla=0;
-#endif
-
 	return(ret);
 	}

@@ -525,12 +339,6 @@ int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p,
 	bn_check_top(p);
 	bn_check_top(m);

-#ifdef ATALLA
-	if(!tried_atalla && BN_mod_exp_atalla(rr,a,p,m))
-	    return 1;
-/* If it fails, try the other methods */
-#endif
-
 	if (!(m->d[0] & 1))
 		{
 		BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
@@ -693,19 +501,6 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
 	t = BN_CTX_get(ctx);
 	if (d == NULL || r == NULL || t == NULL) goto err;

-#ifdef ATALLA
-	if (!tried_atalla)
-		{
-		BN_set_word(t, a);
-		if (BN_mod_exp_atalla(rr, t, p, m))
-			{
-			BN_CTX_end(ctx);
-			return 1;
-			}
-		}
-/* If it fails, try the other methods */
-#endif
-
 	if (in_mont != NULL)
 		mont=in_mont;
 	else
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -85,7 +85,16 @@ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,

 	if (a == b)
 		{
+#if 1 
+		bn_wexpand(tmp,a->top*2);
+		bn_wexpand(tmp2,a->top*4);
+		bn_sqr_recursive(tmp->d,a->d,a->top,tmp2->d);
+		tmp->top=a->top*2;
+		if (tmp->top > 0 && tmp->d[tmp->top-1] == 0)
+			tmp->top--;
+#else
 		if (!BN_sqr(tmp,a,ctx)) goto err;
+#endif
 		}
 	else
 		{
--- a/crypto/bn/bn_sqr.c
+++ b/crypto/bn/bn_sqr.c
@@ -188,7 +188,7 @@ void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp)

 #ifdef BN_RECURSION
 /* r is 2*n words in size,
- * a and b are both n words in size.    (There's not actually a 'b' here ...)
+ * a and b are both n words in size.
 * n must be a power of 2.
 * We multiply and return the result.
 * t must be 2*n words in size
--- a/crypto/buffer/Makefile.ssl
+++ b/crypto/buffer/Makefile.ssl
@@ -39,8 +39,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 files:
--- a/crypto/cast/Makefile.ssl
+++ b/crypto/cast/Makefile.ssl
@@ -47,8 +47,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 # elf
--- a/crypto/comp/Makefile.ssl
+++ b/crypto/comp/Makefile.ssl
@@ -42,8 +42,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 files:
--- a/crypto/conf/Makefile.ssl
+++ b/crypto/conf/Makefile.ssl
@@ -40,8 +40,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 files:
--- a/crypto/conf/conf.h
+++ b/crypto/conf/conf.h
@@ -90,11 +90,10 @@ struct conf_method_st
 	int (MS_FAR *init)(CONF *conf);
 	int (MS_FAR *destroy)(CONF *conf);
 	int (MS_FAR *destroy_data)(CONF *conf);
-	int (MS_FAR *load_bio)(CONF *conf, BIO *bp, long *eline);
+	int (MS_FAR *load)(CONF *conf, BIO *bp, long *eline);
 	int (MS_FAR *dump)(CONF *conf, BIO *bp);
 	int (MS_FAR *is_number)(CONF *conf, char c);
 	int (MS_FAR *to_int)(CONF *conf, char c);
-	int (MS_FAR *load)(CONF *conf, const char *name, long *eline);
 	};

 int CONF_set_default_method(CONF_METHOD *meth);
@@ -137,17 +136,10 @@ int NCONF_load_fp(CONF *conf, FILE *fp,long *eline);
 int NCONF_load_bio(CONF *conf, BIO *bp,long *eline);
 STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section);
 char *NCONF_get_string(CONF *conf,char *group,char *name);
-int NCONF_get_number_e(CONF *conf,char *group,char *name,long *result);
+long NCONF_get_number(CONF *conf,char *group,char *name);
 int NCONF_dump_fp(CONF *conf, FILE *out);
 int NCONF_dump_bio(CONF *conf, BIO *out);

-#if 0 /* The following function has no error checking,
-	 and should therefore be avoided */
-long NCONF_get_number(CONF *conf,char *group,char *name);
-#else
-#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r);
-#endif
-

 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -164,12 +156,9 @@ long NCONF_get_number(CONF *conf,char *group,char *name);
 #define CONF_F_NCONF_DUMP_BIO				 105
 #define CONF_F_NCONF_DUMP_FP				 106
 #define CONF_F_NCONF_GET_NUMBER				 107
-#define CONF_F_NCONF_GET_NUMBER_E			 112
 #define CONF_F_NCONF_GET_SECTION			 108
 #define CONF_F_NCONF_GET_STRING				 109
-#define CONF_F_NCONF_LOAD				 113
 #define CONF_F_NCONF_LOAD_BIO				 110
-#define CONF_F_NCONF_LOAD_FP				 114
 #define CONF_F_NCONF_NEW				 111
 #define CONF_F_STR_COPY					 101

@@ -178,9 +167,6 @@ long NCONF_get_number(CONF *conf,char *group,char *name);
 #define CONF_R_MISSING_EQUAL_SIGN			 101
 #define CONF_R_NO_CLOSE_BRACE				 102
 #define CONF_R_NO_CONF					 105
-#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE		 106
-#define CONF_R_NO_SECTION				 107
-#define CONF_R_NO_VALUE					 108
 #define CONF_R_UNABLE_TO_CREATE_NEW_SECTION		 103
 #define CONF_R_VARIABLE_HAS_NO_VALUE			 104

--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -153,9 +153,6 @@ char *_CONF_get_string(CONF *conf, char *section, char *name)
 		return(Getenv(name));
 	}

-#if 0 /* There's no way to provide error checking with this function, so
-	 force implementors of the higher levels to get a string and read
-	 the number themselves. */
 long _CONF_get_number(CONF *conf, char *section, char *name)
 	{
 	char *str;
@@ -172,7 +169,6 @@ long _CONF_get_number(CONF *conf, char *section, char *name)
 		str++;
 		}
 	}
-#endif

 int _CONF_new_data(CONF *conf)
 	{
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -81,8 +81,7 @@ static int def_init_default(CONF *conf);
 static int def_init_WIN32(CONF *conf);
 static int def_destroy(CONF *conf);
 static int def_destroy_data(CONF *conf);
-static int def_load(CONF *conf, const char *name, long *eline);
-static int def_load_bio(CONF *conf, BIO *bp, long *eline);
+static int def_load(CONF *conf, BIO *bp, long *eline);
 static int def_dump(CONF *conf, BIO *bp);
 static int def_is_number(CONF *conf, char c);
 static int def_to_int(CONF *conf, char c);
@@ -95,11 +94,10 @@ static CONF_METHOD default_method = {
 	def_init_default,
 	def_destroy,
 	def_destroy_data,
-	def_load_bio,
+	def_load,
 	def_dump,
 	def_is_number,
-	def_to_int,
-	def_load
+	def_to_int
 	};

 static CONF_METHOD WIN32_method = {
@@ -108,11 +106,10 @@ static CONF_METHOD WIN32_method = {
 	def_init_WIN32,
 	def_destroy,
 	def_destroy_data,
-	def_load_bio,
+	def_load,
 	def_dump,
 	def_is_number,
-	def_to_int,
-	def_load
+	def_to_int
 	};

 CONF_METHOD *NCONF_default()
@@ -180,29 +177,7 @@ static int def_destroy_data(CONF *conf)
 	return 1;
 	}

-static int def_load(CONF *conf, const char *name, long *line)
-	{
-	int ret;
-	BIO *in=NULL;
-
-#ifdef VMS
-	in=BIO_new_file(name, "r");
-#else
-	in=BIO_new_file(name, "rb");
-#endif
-	if (in == NULL)
-		{
-		CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
-		return 0;
-		}
-
-	ret = def_load_bio(conf, in, line);
-	BIO_free(in);
-
-	return ret;
-	}
-
-static int def_load_bio(CONF *conf, BIO *in, long *line)
+static int def_load(CONF *conf, BIO *in, long *line)
 	{
 #define BUFSIZE	512
 	char btmp[16];
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -73,12 +73,9 @@ static ERR_STRING_DATA CONF_str_functs[]=
 {ERR_PACK(0,CONF_F_NCONF_DUMP_BIO,0),	"NCONF_dump_bio"},
 {ERR_PACK(0,CONF_F_NCONF_DUMP_FP,0),	"NCONF_dump_fp"},
 {ERR_PACK(0,CONF_F_NCONF_GET_NUMBER,0),	"NCONF_get_number"},
-{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER_E,0),	"NCONF_get_number_e"},
 {ERR_PACK(0,CONF_F_NCONF_GET_SECTION,0),	"NCONF_get_section"},
 {ERR_PACK(0,CONF_F_NCONF_GET_STRING,0),	"NCONF_get_string"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD,0),	"NCONF_load"},
 {ERR_PACK(0,CONF_F_NCONF_LOAD_BIO,0),	"NCONF_load_bio"},
-{ERR_PACK(0,CONF_F_NCONF_LOAD_FP,0),	"NCONF_load_fp"},
 {ERR_PACK(0,CONF_F_NCONF_NEW,0),	"NCONF_new"},
 {ERR_PACK(0,CONF_F_STR_COPY,0),	"STR_COPY"},
 {0,NULL}
@@ -90,9 +87,6 @@ static ERR_STRING_DATA CONF_str_reasons[]=
 {CONF_R_MISSING_EQUAL_SIGN               ,"missing equal sign"},
 {CONF_R_NO_CLOSE_BRACE                   ,"no close brace"},
 {CONF_R_NO_CONF                          ,"no conf"},
-{CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE  ,"no conf or environment variable"},
-{CONF_R_NO_SECTION                       ,"no section"},
-{CONF_R_NO_VALUE                         ,"no value"},
 {CONF_R_UNABLE_TO_CREATE_NEW_SECTION     ,"unable to create new section"},
 {CONF_R_VARIABLE_HAS_NO_VALUE            ,"variable has no value"},
 {0,NULL}
--- a/crypto/conf/conf_lib.c
+++ b/crypto/conf/conf_lib.c
@@ -156,21 +156,13 @@ char *CONF_get_string(LHASH *conf,char *group,char *name)
 long CONF_get_number(LHASH *conf,char *group,char *name)
 	{
 	CONF ctmp;
-	int status;
-	long result = 0;

 	if (default_CONF_method == NULL)
 		default_CONF_method = NCONF_default();

 	default_CONF_method->init(&ctmp);
 	ctmp.data = conf;
-	status = NCONF_get_number_e(&ctmp, group, name, &result);
-	if (status == 0)
-		{
-		/* This function does not believe in errors... */
-		ERR_get_error();
-		}
-	return result;
+	return NCONF_get_number(&ctmp, group, name);
 	}

 void CONF_free(LHASH *conf)
@@ -252,13 +244,24 @@ void NCONF_free_data(CONF *conf)

 int NCONF_load(CONF *conf, const char *file, long *eline)
 	{
-	if (conf == NULL)
+	int ret;
+	BIO *in=NULL;
+
+#ifdef VMS
+	in=BIO_new_file(file, "r");
+#else
+	in=BIO_new_file(file, "rb");
+#endif
+	if (in == NULL)
 		{
-		CONFerr(CONF_F_NCONF_LOAD,CONF_R_NO_CONF);
+		CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
 		return 0;
 		}

-	return conf->meth->load(conf, file, eline);
+	ret = NCONF_load_bio(conf, in, eline);
+	BIO_free(in);
+
+	return ret;
 	}

 #ifndef NO_FP_API
@@ -268,7 +271,7 @@ int NCONF_load_fp(CONF *conf, FILE *fp,long *eline)
 	int ret;
 	if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE)))
 		{
-		CONFerr(CONF_F_NCONF_LOAD_FP,ERR_R_BUF_LIB);
+		CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
 		return 0;
 		}
 	ret = NCONF_load_bio(conf, btmp, eline);
@@ -285,7 +288,7 @@ int NCONF_load_bio(CONF *conf, BIO *bp,long *eline)
 		return 0;
 		}

-	return conf->meth->load_bio(conf, bp, eline);
+	return conf->meth->load(conf, bp, eline);
 	}

 STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section)
@@ -296,56 +299,29 @@ STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section)
 		return NULL;
 		}

-	if (section == NULL)
-		{
-		CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_SECTION);
-		return NULL;
-		}
-
 	return _CONF_get_section_values(conf, section);
 	}

 char *NCONF_get_string(CONF *conf,char *group,char *name)
 	{
-	char *s = _CONF_get_string(conf, group, name);
-
-        /* Since we may get a value from an environment variable even
-           if conf is NULL, let's check the value first */
-        if (s) return s;
-
 	if (conf == NULL)
 		{
-		CONFerr(CONF_F_NCONF_GET_STRING,
-                        CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
+		CONFerr(CONF_F_NCONF_GET_STRING,CONF_R_NO_CONF);
 		return NULL;
 		}
-	CONFerr(CONF_F_NCONF_GET_STRING,
-		CONF_R_NO_VALUE);
-	return NULL;
+
+	return _CONF_get_string(conf, group, name);
 	}

-int NCONF_get_number_e(CONF *conf,char *group,char *name,long *result)
+long NCONF_get_number(CONF *conf,char *group,char *name)
 	{
-	char *str;
-
-	if (result == NULL)
+	if (conf == NULL)
 		{
-		CONFerr(CONF_F_NCONF_GET_NUMBER_E,ERR_R_PASSED_NULL_PARAMETER);
+		CONFerr(CONF_F_NCONF_GET_NUMBER,CONF_R_NO_CONF);
 		return 0;
 		}
-
-	str = NCONF_get_string(conf,group,name);
-
-	if (str == NULL)
-		return 0;
-
-	for (;conf->meth->is_number(conf, *str);)
-		{
-		*result = (*result)*10 + conf->meth->to_int(conf, *str);
-		str++;
-		}
-
-	return 1;
+	
+	return _CONF_get_number(conf, group, name);
 	}

 #ifndef NO_FP_API
@@ -374,19 +350,3 @@ int NCONF_dump_bio(CONF *conf, BIO *out)
 	return conf->meth->dump(conf, out);
 	}

-/* This function should be avoided */
-#undef NCONF_get_number
-long NCONF_get_number(CONF *conf,char *group,char *name)
-	{
-	int status;
-	long ret=0;
-
-	status = NCONF_get_number_e(conf, group, name, &ret);
-	if (status == 0)
-		{
-		/* This function does not believe in errors... */
-		ERR_get_error();
-		}
-	return ret;
-	}
-
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -100,7 +100,8 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] =
 	"debug_malloc2",
 	"dso",
 	"dynlock",
-#if CRYPTO_NUM_LOCKS != 28
+	"engine",
+#if CRYPTO_NUM_LOCKS != 29
 # error "Inconsistency between crypto.h and cryptlib.c"
 #endif
 	};
--- a/crypto/crypto-lib.com
+++ b/crypto/crypto-lib.com
@@ -88,7 +88,7 @@ $! Define The Different Encryption Types.
 $!
 $ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ -
 		  "DES,RC2,RC4,RC5,IDEA,BF,CAST,"+ -
-		  "BN,RSA,DSA,DH,DSO,"+ -
+		  "BN,RSA,DSA,DH,DSO,ENGINE,"+ -
 		  "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ -
 		  "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
 		  "CONF,TXT_DB,PKCS7,PKCS12,COMP"
@@ -206,13 +206,14 @@ $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err,dsa_ossl"
 $ LIB_DH = "dh_gen,dh_key,dh_lib,dh_check,dh_err"
 $ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ -
 	"dso_openssl,dso_win32,dso_vms"
+$ LIB_ENGINE = "engine_err,engine_lib,engine_list,engine_openssl,"+ -
+	"hw_atalla,hw_cswift,hw_ncipher"
 $ LIB_BUFFER = "buffer,buf_err"
 $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
 	"bss_mem,bss_null,bss_fd,"+ -
 	"bss_file,bss_sock,bss_conn,"+ -
 	"bf_null,bf_buff,b_print,b_dump,"+ -
-	"b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log,"+ -
-	"bf_lbuf"
+	"b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log"
 $ LIB_STACK = "stack"
 $ LIB_LHASH = "lhash,lh_stats"
 $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,rand_win"
@@ -1194,7 +1195,9 @@ $     CC = "CC"
 $     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
 	 THEN CC = "CC/DECC"
 $     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
-           "/NOLIST/PREFIX=ALL/INCLUDE=SYS$DISK:[]" + CCEXTRAFLAGS
+           "/NOLIST/PREFIX=ALL" + -
+	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
+	   CCEXTRAFLAGS
 $!
 $!    Define The Linker Options File Name.
 $!
@@ -1226,7 +1229,8 @@ $	WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
 $	EXIT
 $     ENDIF
 $     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
-$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST/INCLUDE=SYS$DISK:[]" + -
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
 	   CCEXTRAFLAGS
 $     CCDEFS = """VAXC""," + CCDEFS
 $!
@@ -1258,7 +1262,8 @@ $!
 $!    Use GNU C...
 $!
 $     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
-	   "/INCLUDE=SYS$DISK:[]" + CCEXTRAFLAGS
+	   "/INCLUDE=(SYS$DISK:[],SYS$DISK:[.ENGINE.VENDOR_DEFNS])" + -
+	   CCEXTRAFLAGS
 $!
 $!    Define The Linker Options File Name.
 $!
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -122,7 +122,8 @@ extern "C" {
 #define	CRYPTO_LOCK_MALLOC2		25
 #define	CRYPTO_LOCK_DSO			26
 #define	CRYPTO_LOCK_DYNLOCK		27
-#define	CRYPTO_NUM_LOCKS		28
+#define	CRYPTO_LOCK_ENGINE		28
+#define	CRYPTO_NUM_LOCKS		29

 #define CRYPTO_LOCK		1
 #define CRYPTO_UNLOCK		2
--- a/crypto/des/Makefile.ssl
+++ b/crypto/des/Makefile.ssl
@@ -57,8 +57,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 des: des.o cbc3_enc.o lib
--- a/crypto/des/read_pwd.c
+++ b/crypto/des/read_pwd.c
@@ -271,9 +271,7 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt,
 #elif defined(MAC_OS_pre_X)
 	tty=stdin;
 #else
-#ifndef MPE
 	if ((tty=fopen("/dev/tty","r")) == NULL)
-#endif
 		tty=stdin;
 #endif

@@ -314,12 +312,8 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt,

 #if defined(TTY_set) && !defined(VMS)
 	if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
-#ifdef MPE 
-		; /* MPE lies -- echo really has been disabled */
-#else
 		return(-1);
 #endif
-#endif
 #ifdef VMS
 	tty_new[0] = tty_orig[0];
 	tty_new[1] = tty_orig[1] | TT$M_NOECHO;
--- a/crypto/dh/Makefile.ssl
+++ b/crypto/dh/Makefile.ssl
@@ -39,8 +39,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 files:
@@ -101,19 +100,39 @@ dh_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 dh_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 dh_gen.o: ../cryptlib.h
-dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dh_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+dh_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dh_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dh_key.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+dh_key.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+dh_key.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+dh_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+dh_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+dh_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+dh_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h
-dh_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dh_lib.o: ../cryptlib.h
+dh_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dh_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+dh_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+dh_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
+dh_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+dh_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+dh_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -115,7 +115,11 @@ struct dh_st

 	int references;
 	CRYPTO_EX_DATA ex_data;
+#if 0
 	DH_METHOD *meth;
+#else
+	struct engine_st *engine;
+#endif
 	};

 #define DH_GENERATOR_2		2
@@ -150,10 +154,15 @@ struct dh_st

 DH_METHOD *DH_OpenSSL(void);

-void DH_set_default_method(DH_METHOD *meth);
-DH_METHOD *DH_get_default_method(void);
+void DH_set_default_openssl_method(DH_METHOD *meth);
+DH_METHOD *DH_get_default_openssl_method(void);
+#if 0
 DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth);
 DH *DH_new_method(DH_METHOD *meth);
+#else
+int DH_set_method(DH *dh, struct engine_st *engine);
+DH *DH_new_method(struct engine_st *engine);
+#endif

 DH *	DH_new(void);
 void	DH_free(DH *dh);
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -61,6 +61,7 @@
 #include <openssl/bn.h>
 #include <openssl/rand.h>
 #include <openssl/dh.h>
+#include <openssl/engine.h>

 static int generate_key(DH *dh);
 static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
@@ -72,12 +73,12 @@ static int dh_finish(DH *dh);

 int DH_generate_key(DH *dh)
 	{
-	return dh->meth->generate_key(dh);
+	return ENGINE_get_DH(dh->engine)->generate_key(dh);
 	}

 int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
 	{
-	return dh->meth->compute_key(key, pub_key, dh);
+	return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh);
 	}

 static DH_METHOD dh_ossl = {
@@ -137,8 +138,9 @@ static int generate_key(DH *dh)
 		}
 	mont=(BN_MONT_CTX *)dh->method_mont_p;

-	if (!dh->meth->bn_mod_exp(dh, pub_key,dh->g,priv_key,dh->p,&ctx,mont))
-								goto err;
+	if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g,
+				priv_key,dh->p,&ctx,mont))
+		goto err;
 		
 	dh->pub_key=pub_key;
 	dh->priv_key=priv_key;
@@ -177,7 +179,8 @@ static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
 		}

 	mont=(BN_MONT_CTX *)dh->method_mont_p;
-	if (!dh->meth->bn_mod_exp(dh, tmp,pub_key,dh->priv_key,dh->p,&ctx,mont))
+	if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key,
+				dh->priv_key,dh->p,&ctx,mont))
 		{
 		DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
 		goto err;
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -60,6 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/bn.h>
 #include <openssl/dh.h>
+#include <openssl/engine.h>

 const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;

@@ -67,17 +68,32 @@ static DH_METHOD *default_DH_method;
 static int dh_meth_num = 0;
 static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL;

-void DH_set_default_method(DH_METHOD *meth)
+void DH_set_default_openssl_method(DH_METHOD *meth)
 {
-	default_DH_method = meth;
+	ENGINE *e;
+	/* We'll need to notify the "openssl" ENGINE of this
+	 * change too. We won't bother locking things down at
+	 * our end as there was never any locking in these
+	 * functions! */
+	if(default_DH_method != meth)
+		{
+		default_DH_method = meth;
+		e = ENGINE_by_id("openssl");
+		if(e)
+			{
+			ENGINE_set_DH(e, meth);
+			ENGINE_free(e);
+			}
+		}
 }

-DH_METHOD *DH_get_default_method(void)
+DH_METHOD *DH_get_default_openssl_method(void)
 {
 	if(!default_DH_method) default_DH_method = DH_OpenSSL();
 	return default_DH_method;
 }

+#if 0
 DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth)
 {
        DH_METHOD *mtmp;
@@ -87,14 +103,37 @@ DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth)
        if (meth->init) meth->init(dh);
        return mtmp;
 }
+#else
+int DH_set_method(DH *dh, ENGINE *engine)
+{
+	ENGINE *mtmp;
+	DH_METHOD *meth;
+	mtmp = dh->engine;
+	meth = ENGINE_get_DH(mtmp);
+	if (!ENGINE_init(engine))
+		return 0;
+	if (meth->finish) meth->finish(dh);
+	dh->engine= engine;
+	meth = ENGINE_get_DH(engine);
+	if (meth->init) meth->init(dh);
+	/* SHOULD ERROR CHECK THIS!!! */
+	ENGINE_finish(mtmp);
+	return 1;
+}
+#endif

 DH *DH_new(void)
 {
 	return DH_new_method(NULL);
 }

+#if 0
 DH *DH_new_method(DH_METHOD *meth)
+#else
+DH *DH_new_method(ENGINE *engine)
+#endif
 	{
+	DH_METHOD *meth;
 	DH *ret;
 	ret=(DH *)OPENSSL_malloc(sizeof(DH));

@@ -103,8 +142,17 @@ DH *DH_new_method(DH_METHOD *meth)
 		DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
 		return(NULL);
 		}
-	if(meth) ret->meth = meth;
-	else ret->meth = DH_get_default_method();
+	if(engine)
+		ret->engine = engine;
+	else
+		{
+		if((ret->engine=ENGINE_get_default_DH()) == NULL)
+			{
+			OPENSSL_free(ret);
+			return NULL;
+			}
+		}
+	meth = ENGINE_get_DH(ret->engine);
 	ret->pad=0;
 	ret->version=0;
 	ret->p=NULL;
@@ -119,8 +167,8 @@ DH *DH_new_method(DH_METHOD *meth)
 	ret->counter = NULL;
 	ret->method_mont_p=NULL;
 	ret->references = 1;
-	ret->flags=ret->meth->flags;
-	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
+	ret->flags=meth->flags;
+	if ((meth->init != NULL) && !meth->init(ret))
 		{
 		OPENSSL_free(ret);
 		ret=NULL;
@@ -132,6 +180,7 @@ DH *DH_new_method(DH_METHOD *meth)

 void DH_free(DH *r)
 	{
+	DH_METHOD *meth;
 	int i;
 	if(r == NULL) return;
 	i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
@@ -149,7 +198,9 @@ void DH_free(DH *r)

 	CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);

-	if(r->meth->finish) r->meth->finish(r);
+	meth = ENGINE_get_DH(r->engine);
+	if(meth->finish) meth->finish(r);
+	ENGINE_finish(r->engine);

 	if (r->p != NULL) BN_clear_free(r->p);
 	if (r->g != NULL) BN_clear_free(r->g);
--- a/crypto/dsa/Makefile.ssl
+++ b/crypto/dsa/Makefile.ssl
@@ -41,8 +41,7 @@ all:	lib

 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib

 files:
@@ -116,39 +115,75 @@ dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
 dsa_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h
 dsa_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dsa_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_lib.o: ../cryptlib.h
+dsa_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+dsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+dsa_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+dsa_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+dsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
+dsa_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+dsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+dsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h
 dsa_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dsa_ossl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_ossl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_ossl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+dsa_ossl.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_ossl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dsa_ossl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dsa_ossl.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+dsa_ossl.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+dsa_ossl.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+dsa_ossl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-dsa_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_ossl.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+dsa_ossl.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+dsa_ossl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 dsa_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h
 dsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-dsa_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+dsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_sign.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dsa_sign.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+dsa_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+dsa_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+dsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
-dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+dsa_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+dsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+dsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 dsa_sign.o: ../../include/openssl/symhacks.h ../cryptlib.h
 dsa_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-dsa_vrf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_vrf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_vrf.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_vrf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_vrf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+dsa_vrf.o: ../../include/openssl/des.h ../../include/openssl/dh.h
+dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
+dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
+dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_vrf.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+dsa_vrf.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+dsa_vrf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+dsa_vrf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+dsa_vrf.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+dsa_vrf.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 dsa_vrf.o: ../cryptlib.h
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -133,7 +133,11 @@ struct dsa_st
 	char *method_mont_p;
 	int references;
 	CRYPTO_EX_DATA ex_data;
+#if 0
 	DSA_METHOD *meth;
+#else
+	struct engine_st *engine;
+#endif
 	};

 #define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
@@ -159,12 +163,20 @@ int	DSA_do_verify(const unsigned char *dgst,int dgst_len,

 DSA_METHOD *DSA_OpenSSL(void);

-void        DSA_set_default_method(DSA_METHOD *);
-DSA_METHOD *DSA_get_default_method(void);
+void        DSA_set_default_openssl_method(DSA_METHOD *);
+DSA_METHOD *DSA_get_default_openssl_method(void);
+#if 0
 DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *);
+#else
+int DSA_set_method(DSA *dsa, struct engine_st *engine);
+#endif

 DSA *	DSA_new(void);
+#if 0
 DSA *	DSA_new_method(DSA_METHOD *meth);
+#else
+DSA *	DSA_new_method(struct engine_st *engine);
+#endif
 int	DSA_size(DSA *);
 	/* next 4 return -1 on error */
 int	DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -63,6 +63,7 @@
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
 #include <openssl/asn1.h>
+#include <openssl/engine.h>

 const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;

@@ -70,12 +71,26 @@ static DSA_METHOD *default_DSA_method;
 static int dsa_meth_num = 0;
 static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL;

-void DSA_set_default_method(DSA_METHOD *meth)
+void DSA_set_default_openssl_method(DSA_METHOD *meth)
 {
-	default_DSA_method = meth;
+	ENGINE *e;
+	/* We'll need to notify the "openssl" ENGINE of this
+	 * change too. We won't bother locking things down at
+	 * our end as there was never any locking in these
+	 * functions! */
+	if(default_DSA_method != meth)
+		{
+		default_DSA_method = meth;
+		e = ENGINE_by_id("openssl");
+		if(e)
+			{
+			ENGINE_set_DSA(e, meth);
+			ENGINE_free(e);
+			}
+		}
 }

-DSA_METHOD *DSA_get_default_method(void)
+DSA_METHOD *DSA_get_default_openssl_method(void)
 {
 	if(!default_DSA_method) default_DSA_method = DSA_OpenSSL();
 	return default_DSA_method;
@@ -86,6 +101,7 @@ DSA *DSA_new(void)
 	return DSA_new_method(NULL);
 }

+#if 0
 DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth)
 {
        DSA_METHOD *mtmp;
@@ -95,10 +111,33 @@ DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth)
        if (meth->init) meth->init(dsa);
        return mtmp;
 }
-
-
-DSA *DSA_new_method(DSA_METHOD *meth)
+#else
+int DSA_set_method(DSA *dsa, ENGINE *engine)
 	{
+	ENGINE *mtmp;
+	DSA_METHOD *meth;
+	mtmp = dsa->engine;
+	meth = ENGINE_get_DSA(mtmp);
+	if (!ENGINE_init(engine))
+		return 0;
+	if (meth->finish) meth->finish(dsa);
+	dsa->engine = engine;
+	meth = ENGINE_get_DSA(engine);
+	if (meth->init) meth->init(dsa);
+	/* SHOULD ERROR CHECK THIS!!! */
+	ENGINE_finish(mtmp);
+	return 1;
+	}
+#endif
+
+
+#if 0
+DSA *DSA_new_method(DSA_METHOD *meth)
+#else
+DSA *DSA_new_method(ENGINE *engine)
+#endif
+	{
+	DSA_METHOD *meth;
 	DSA *ret;

 	ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
@@ -107,8 +146,17 @@ DSA *DSA_new_method(DSA_METHOD *meth)
 		DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
 		return(NULL);
 		}
-	if(meth) ret->meth = meth;
-	else ret->meth = DSA_get_default_method();
+	if(engine)
+		ret->engine = engine;
+	else
+		{
+		if((ret->engine=ENGINE_get_default_DSA()) == NULL)
+			{
+			OPENSSL_free(ret);
+			return NULL;
+			}
+		}
+	meth = ENGINE_get_DSA(ret->engine);
 	ret->pad=0;
 	ret->version=0;
 	ret->write_params=1;
@@ -124,8 +172,8 @@ DSA *DSA_new_method(DSA_METHOD *meth)
 	ret->method_mont_p=NULL;

 	ret->references=1;
-	ret->flags=ret->meth->flags;
-	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
+	ret->flags=meth->flags;
+	if ((meth->init != NULL) && !meth->init(ret))
 		{
 		OPENSSL_free(ret);
 		ret=NULL;
@@ -138,6 +186,7 @@ DSA *DSA_new_method(DSA_METHOD *meth)

 void DSA_free(DSA *r)
 	{
+	DSA_METHOD *meth;
 	int i;

 	if (r == NULL) return;
@@ -157,7 +206,9 @@ void DSA_free(DSA *r)

 	CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data);

-	if(r->meth->finish) r->meth->finish(r);
+	meth = ENGINE_get_DSA(r->engine);
+	if(meth->finish) meth->finish(r);
+	ENGINE_finish(r->engine);

 	if (r->p != NULL) BN_clear_free(r->p);
 	if (r->q != NULL) BN_clear_free(r->q);
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -64,6 +64,7 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
+#include <openssl/engine.h>

 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
@@ -195,7 +196,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 		}

 	/* Compute r = (g^k mod p) mod q */
-	if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
+	if (!ENGINE_get_DSA(dsa->engine)->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
 		(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
 	if (!BN_mod(r,r,dsa->q,ctx)) goto err;

@@ -273,7 +274,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 	if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
 #else
 	{
-	if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
+	if (!ENGINE_get_DSA(dsa->engine)->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
 						dsa->p,ctx,mont)) goto err;
 	/* BN_copy(&u1,&t1); */
 	/* let u1 = u1 mod q */
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -64,10 +64,11 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
+#include <openssl/engine.h>

 DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	{
-	return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
+	return ENGINE_get_DSA(dsa->engine)->dsa_do_sign(dgst, dlen, dsa);
 	}

 int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
@@ -87,6 +88,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,

 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	{
-	return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
+	return ENGINE_get_DSA(dsa->engine)->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
 	}

--- a/crypto/dsa/dsa_vrf.c
+++ b/crypto/dsa/dsa_vrf.c
@@ -65,11 +65,12 @@
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
 #include <openssl/asn1_mac.h>
+#include <openssl/engine.h>

 int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 		  DSA *dsa)
 	{
-	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
+	return ENGINE_get_DSA(dsa->engine)->dsa_do_verify(dgst, dgst_len, sig, dsa);
 	}

 /* data has already been hashed (probably with SHA or SHA-1). */
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Richard Levitte	ce6990739e	The rest of the merge in of the main trunk, a few conflicts resolved.	2000-09-17 20:37:33 +00:00
Richard Levitte	42cc160301	Merge in the main trunk, a few conflicts resolved.	2000-09-17 20:34:31 +00:00
cvs2svn	0e61cfff53	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-09-17 20:04:43 +00:00
Richard Levitte	f77600524f	Since there are some big symbols, engine.h needs to include symhacks.h.	2000-09-17 18:16:02 +00:00
Richard Levitte	ebcdd0c43e	Merge from the main trunk and a 'make update'.	2000-09-17 15:56:27 +00:00
Richard Levitte	8de7587e02	Merge from main trunk.	2000-09-17 00:10:29 +00:00
cvs2svn	90ac586317	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-09-16 21:21:02 +00:00
Richard Levitte	15c0fb18a2	Make damn sure that it's as hard as possible to actually produce shared libraries from this branch... Of course, we need to watch out whenever a merge is happening :-).	2000-09-15 22:50:11 +00:00
Richard Levitte	f30839ecaa	Merged in the main trunk, did a 'make update', added a couple of warnings in appropriate places about building a shared library from the ENGINE source.	2000-09-15 22:36:49 +00:00
cvs2svn	eb31944f81	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-09-15 22:12:54 +00:00
Richard Levitte	0dcf7fd543	Merge of main trunk, conflicts resolved.	2000-09-13 21:20:49 +00:00
cvs2svn	02539402af	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-09-13 17:27:43 +00:00
Richard Levitte	2be9694116	Merge of main trunk, conflicts resolved.	2000-09-12 08:37:51 +00:00
cvs2svn	b46ba9b1bc	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-09-12 01:56:57 +00:00
Richard Levitte	8e1ec9fb37	Actually, that was perfectly correct. The fault is in the checking elsewhere.	2000-09-11 22:17:31 +00:00
Richard Levitte	dc005a7367	cswift_dsa_verify() incorrectly return -1 on error.	2000-09-11 22:15:53 +00:00
Richard Levitte	da867a51a0	Time to build the beta of the engine branch. Change version number texts accordingly.	2000-09-11 13:28:35 +00:00
Richard Levitte	25814b9690	Merge of main trunk, no conflicts this time. make update	2000-09-11 13:23:47 +00:00
Richard Levitte	0fc7c5010d	Merge of main trunk, no conflicts this time	2000-09-11 10:18:56 +00:00
cvs2svn	166e1f304b	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-09-11 01:04:10 +00:00
Richard Levitte	ef413a7ee8	Merge of main trunk, no conflicts this time	2000-09-09 18:10:35 +00:00
Richard Levitte	dcd4d341e1	Since C compilers on VMS (perhaps with gcc being the great exception) do not quite follow the same rules as on Unix, we need to use the FLAT_INC tweak to include the vendor-specific header files.	2000-09-09 07:14:43 +00:00
Richard Levitte	61b337bd22	Synchronise VMS with Unix.	2000-09-09 07:07:54 +00:00
Richard Levitte	06b71aec85	Merge of main trunk, no conflicts this time	2000-09-09 07:03:02 +00:00
cvs2svn	527cc9841c	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-09-09 01:01:36 +00:00
Geoff Thorpe	6901ba7dc8	Fix a little glitch before I forget about it. (I noticed it while reading through the diff from Richard's last commit.)	2000-09-07 17:09:05 +00:00
Richard Levitte	ab13064406	Integrate engine in most utilities. Now really tested yet.	2000-09-07 16:19:27 +00:00
Richard Levitte	192295a094	Merge main trunk to engine branch, all conflicts resolved.	2000-09-07 10:59:04 +00:00
cvs2svn	7dfded5c26	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-09-07 08:18:06 +00:00
Richard Levitte	28b3b4c6e6	Additional description of the engine code and why it was designed the way it was.	2000-08-01 17:29:22 +00:00
Geoff Thorpe	acab12fbe3	ENGINE_ctrl() had been insisting that the ENGINE supplied was already initialised for use, but one of the useful things about ENGINE_ctrl() is that it can be a useful way to provide settings that should be used during initialisation. Instead, I've altered the code to insist that the engine has a valid structural reference (rather than a functional one).	2000-08-01 12:22:14 +00:00
Richard Levitte	1ba5b1b530	Merge from main trunk, conflicts resolved	2000-08-01 12:21:46 +00:00
Geoff Thorpe	d786112124	This commit takes care of a couple of things; (a) a couple of typos in the source code (b) adds a ctrl command and handling code to enable or disable the fork() checking that CHIL can do when applications are calling fork() in their application and using the library from multiple child processes after the one initialisation. (c) adds another ctrl command to prevent the initialisation of the CHIL library from providing mutex-handling callbacks, even if the library has suitable callbacks already available. This can simplify (and optimise) applications that do not use multi-threading.	2000-07-31 15:05:30 +00:00
cvs2svn	bdecf23415	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-07-30 01:28:00 +00:00
Geoff Thorpe	03ef63ba69	Try to catch some memory leaks in the error case.	2000-07-26 22:11:13 +00:00
Richard Levitte	cb9c5dc571	Merge from main, all conflicts resolved. (I do this far too seldom...)	2000-07-12 16:34:34 +00:00
Richard Levitte	a6f8bbcad9	Avoid the conflict between () and (void)	2000-07-12 15:14:12 +00:00
cvs2svn	9f10f9beeb	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-07-08 07:56:13 +00:00
Richard Levitte	a46229b43f	Add the possibility to use an engine as random byte generator.	2000-07-07 17:13:54 +00:00
Richard Levitte	c7a48d3d00	Cut'n'paste error corrected	2000-07-07 17:08:10 +00:00
Richard Levitte	9188480827	Handle the hwcrhk private key with a bit more consistency. Also, for the random numbers generator, always return status 1 since the entropy is already presumably there...	2000-07-07 17:04:44 +00:00
Richard Levitte	2b912846b9	Some error checking when loading keys	2000-07-07 17:02:21 +00:00
Richard Levitte	854067e8e4	API change.	2000-07-07 17:00:36 +00:00
Richard Levitte	eb2f937b93	Change the overall RAND routines to actually make use of engines. This seems to work, but I'm a little unsure that I got it all right, and would like this to be reviewed.	2000-07-07 16:57:16 +00:00
Richard Levitte	64c4f5732d	Add the possibility to load prvate and public keys from an engine and implement it for nCipher hardware. The interface in itself should be clear enough, but the nCipher implementation is currently not the best when it comes to getting a passphrase from the user. However, getting it better is a little hard until a better user interaction method is create. Also, use the possibility in req, so we can start to create CSR's with keys from the nForce box. WARNING: I've made no tests yet, mostly because I didn't implement this on the machine where I have an nForce box to play with. All I know is that it compiles cleanly on Linux...	2000-07-06 18:40:10 +00:00
Richard Levitte	f3052a9eee	Don't initialise the pointers to mutex functions directly in the structure. This is correctly taken care of by hwcrhk_init(). While we're at it, give this engine the official name of the library used (CHIL, for Cryptographic Hardware Interface Library).	2000-07-05 16:00:18 +00:00
Richard Levitte	e1e9ead6fb	Merge in the latest changes from the main trunk, and extra in apps/speed.c	2000-06-30 17:52:33 +00:00
Richard Levitte	5ac85984ec	Check for missing engine name, and also, do not count up the number of given algorithms when an engine is given	2000-06-30 15:58:37 +00:00
Richard Levitte	e11b297730	p_CSwift_AttachKeyParam actually returns more than one kind of error. Detect the input size error, treat any that are not specially checked as 'request failed', not as 'provide parameters', and for those, add the actual status code to the error message	2000-06-30 15:54:48 +00:00
Richard Levitte	48555cf0fc	Cryptoswitch actually has a few more statuses than SW_OK. Let's provide the possibility for a better granularity in error checking	2000-06-30 15:52:07 +00:00
Richard Levitte	ae02fc5348	Make it possible to turn off compilation of hardware support through the configuration parameter 'no-hw'.	2000-06-30 11:02:02 +00:00
Richard Levitte	93e147dd32	`make update'	2000-06-29 21:26:46 +00:00
Richard Levitte	3257904c56	It makes much more sense and is much more consistent with the rest of OpenSSL to have to opt out hardware support instead of having to opt it in. And since the hardware support modules are self-contained and actually check that the vendor stuff is loadable, it still works as expected, or at least, so I think...	2000-06-29 21:20:14 +00:00
Richard Levitte	2a7619d762	Give the programmer of extra engines the possibility to actually make it functional :-).	2000-06-29 16:33:59 +00:00
Richard Levitte	70d03c4f59	Make the use of logstream thread-safe.	2000-06-29 16:32:34 +00:00
Richard Levitte	5971d37400	Use the new control to add a log stream.	2000-06-29 16:17:28 +00:00
Richard Levitte	d813a428a7	When closing the hwcrhk engine, also remove the reference to the logstream.	2000-06-29 16:16:50 +00:00
Richard Levitte	3b2972d8d9	Add the possibility to control some engine internals.	2000-06-29 14:26:07 +00:00
Richard Levitte	2165d91196	Rename 'hwcrhk' to 'ncipher' in all public symbols. Redo the logging function so it takes a BIO. Make module-local functions static	2000-06-29 13:00:07 +00:00
Richard Levitte	fc99c92835	The error ENGINE_R_HWCRYPTOHOOK_REPORTS should never have been used	2000-06-29 12:58:52 +00:00
Richard Levitte	1dde74f229	Rename 'hwcrhk' to 'ncipher' in all public symbols	2000-06-26 23:15:16 +00:00
Geoff Thorpe	665b5ab5a7	Strange how one line can make a world of difference, particularly when the one line turns an error return value into a success return value. :-) "openssl speed -engine hwcrhk rsa1024" now passes through ok.	2000-06-26 15:58:33 +00:00
Geoff Thorpe	13232559fc	Get rid of those annoying "?"s from cvs update :-)	2000-06-26 13:36:04 +00:00
Richard Levitte	1b2f8b6e2a	Things merged from the main trunk, among others some well needed Win32 fixes.	2000-06-23 22:24:53 +00:00
Geoff Thorpe	ccd98b43ed	'make update' in the engine branch.	2000-06-20 14:12:35 +00:00
Geoff Thorpe	d32e8acf08	Now that the branch has been updated with the DSO changes in the head, correct the DSO-dependant code in the engine code.	2000-06-20 13:59:48 +00:00
Richard Levitte	d8c4d0e819	Merge of stuff from main trunk, all conflicts resolved, and addition of dynamic lock support in the nCipher code.	2000-06-19 17:35:39 +00:00
Richard Levitte	b215f70a0e	Merge of stuff from main trunk, all conflicts resolved, and addition of dynamic lock support in the nCipher code.	2000-06-19 17:28:22 +00:00
Richard Levitte	7ed20a2158	Merge of stuff from main trunk, all conflicts resolved.	2000-06-19 14:44:57 +00:00
Geoff Thorpe	6c62150674	The README for the engine code was quite out of date. Hopefully it is now less so.	2000-06-15 17:50:08 +00:00
Geoff Thorpe	aa23a57918	(1) In the atalla initialisation, use the test from Ben's earlier Atalla code to see if the accelerator is running. (2) Turn some spaces into tabs.	2000-06-15 17:32:42 +00:00
Geoff Thorpe	8e2c277353	Ah, ok so my problem had been typographical rather than philosophical. It's cute to observe that Atalla having no RSA-specific form of mod_exp causes a DSA server to achieve about 6 times as many signatures per second than an RSA server. :-)	2000-06-15 17:14:45 +00:00
Geoff Thorpe	f18ef82a9f	Little typo.	2000-06-14 17:54:28 +00:00
Geoff Thorpe	cc015c48db	This adds Atalla support code to the ENGINE framework. If you have an Atalla card, you should be able to compile with the "hw-atalla" switch with "./config" or "perl Configure", and then you can use the command- line switch "-engine atalla" inside speed, s_cient and s_server (after checking out note (1)). Notes: (1) I've turned on native name translation when loading the shared- library, but this means that the Unix shared library needs to be libatasi.so rather than atasi.so. I got around this in my testing by creating a symbollic link from /usr/lib/libatasi.so to the real library, but something better will be needed. It also assumes in win32 that the DLL will be called atasi.dll - but as I don't have a win32/atalla environment to try I have no idea yet if this is the case. (2) Currently DSA verifies are not accelerated because I haven't yet got a mod_exp-based variant of BN_mod_exp2_mont() that yields correct results. (3) Currently the "init()" doesn't fail if the shared library can load successfully but the card is not operational. In this case, the ENGINE_init() call will succeed, but all RSA, DSA, DH, and the two BN_*** operations will fail until the ENGINE is switched back to something that does work. I expect to correct this next. (4) Although the API for the Atalla card just has the one crypto function suggesting an RSA private key operation - this is in fact just a straight mod_exp function that ignores all the RSA key parameters except the (private) exponent and modulus. This is why the only accelerator work is taking place inside the mod_exp function and there's no optimisation of RSA private key operations based on CRT etc.	2000-06-14 17:04:10 +00:00
Richard Levitte	9a4051050c	Geoff inspired me to nullify some pointers if initialisation went wrong. Additionally, just give a new value to hndidx once.	2000-06-14 16:57:57 +00:00
Geoff Thorpe	4c4ea428cc	DSO_bind() is effectively a method-specific wrapper for dlopen() or whatever the underlying API is. It must return (void *) because shared libraries can expose functions, structures, or whatever. However, some compilers give loads of warnings about casted function pointers through this code, so I am explicitly casting them to the right prototypes.	2000-06-14 14:28:16 +00:00
Geoff Thorpe	28e94dc70d	I'm working on Atalla ENGINE code, and the existing bn_exp.c hooks (initiated by ./config and the presence of SDK headers) are conflicting.	2000-06-14 13:27:47 +00:00
Geoff Thorpe	f812743544	If initialisation fails for any reason, the global function pointers should be NULL'd out.	2000-06-14 13:24:37 +00:00
Geoff Thorpe	87f3435f78	This hooks the "hwcrhk" engine Richard just submitted into the default engine list if HW_NCIPHER is defined. I want to play :-)	2000-06-13 18:11:38 +00:00
Richard Levitte	86787f93d6	- merged in the latest from the main trunk, fixed all conflicts - implemented nCipher support via the nfhwcrhk library (not well tested). - make update + make depend	2000-06-13 16:21:06 +00:00
Geoff Thorpe	05d909c549	* Migrate the engine code's Malloc + Free calls to the newer OPENSSL_malloc and OPENSSL_free. * 3 "normal" files (crypto/rsa/rsa_lib.c, crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c) had their Malloc's and Free's missed when Richard merged the changes across to this branch - probably because those files have been changed in this branch and gave some grief to the merge - so I've changed them manually here.	2000-06-09 11:42:02 +00:00
Richard Levitte	d44c7dcf00	Merge in code from main trunk to BRANCH_engine.	2000-06-08 11:00:37 +00:00
cvs2svn	5decfb7002	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-06-01 22:19:22 +00:00
Geoff Thorpe	50008364a6	Update the relevant parts of the docs with the ENGINE changes. I've also unbolded a few bits that looked unecessary.	2000-05-30 13:52:45 +00:00
Richard Levitte	6a1129837a	Main trunk changes merged into BRANCH_engine. There were no conflicts, which is a good thing. Propper tagging of merge point done.	2000-05-30 07:16:56 +00:00
cvs2svn	20ca3d49e7	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-05-30 02:21:16 +00:00
Geoff Thorpe	f156d5495d	"handle", "h" and even "e" were probably not the best terms to use. The original idea of "handle" was that it represented a functional reference to an ENGINE (rather than just a pointer), but on reflection I think this now looks a little more readable.	2000-05-29 16:24:42 +00:00
Geoff Thorpe	96d7e0ece7	This adds DSA signature verification to the CryptoSwift support.	2000-05-29 13:01:34 +00:00
Geoff Thorpe	974e22704d	"make update"	2000-05-29 11:21:29 +00:00
Geoff Thorpe	835475a2d6	Tie DSA into the engine framework as with RSA and DH so far. I've verified this integration with a web-server using CryptoSwift engine code with RSA and DSA certificates (and with EDH cipher suites).	2000-05-29 11:07:38 +00:00
Geoff Thorpe	a26f2b5e62	General tidy up of existing code, and add first half of DSA support for CryptoSwift (this currently only does signing, verification will be hooked in shortly).	2000-05-29 10:59:46 +00:00
Geoff Thorpe	67e08eb185	The engine code has changed the "[get\|set]_default_method" functions a bit, so bring libeay.num up to date.	2000-05-29 04:55:26 +00:00
Geoff Thorpe	0b4cb28f39	Update dependencies courtesy of "make update". Changes to libeay.num coming up soon after some more tinkering. Submitted by: Reviewed by: PR:	2000-05-29 00:54:36 +00:00
Geoff Thorpe	9c5ed502ee	This hooks the DH code into the engine framework in the same way that has already been done for RSA. The others (DSA + RAND) will probably follow in the near future too, but DH is easiest to test with RSA because one can just force the use of the EDH cipher-suites.	2000-05-29 00:46:47 +00:00
Geoff Thorpe	6111f7408b	Provide command line options to s_client and s_server to select an "engine" to use.	2000-05-28 23:00:20 +00:00
Geoff Thorpe	b6577e040e	The switch to having an (ENGINE ) handle inside each RSA structure rather than (RSA_METHOD ) required a couple of functions to change shape. I didn't really pick the best shape to change RSA_set_method into though. :-) There's nothing really appropriate to return from RSA_set_method; the temptation to return an "old handle" fails when you consider that the caller might ignore the return value and so botch up the reference counting, this wasn't an issue before because there was no reference counting.	2000-05-28 22:54:51 +00:00
Geoff Thorpe	bb51f21728	Update the test program to compile and run with the changes I just made to ENGINE_new (and ENGINE_get_struct_size).	2000-05-26 15:43:28 +00:00
Geoff Thorpe	0e0e569cbf	Prevent calling code from doing the allocation of the ENGINE structure. This was a bad idea in the first place, in particular it would have made it trickier to implement error-handling, particularly when shutting down third-party shared libraries etc.	2000-05-26 15:21:47 +00:00
Richard Levitte	71c8e9f1c3	Added Geoff's latest changes, which seems to mostly be DH stuff and a README. Oh, and a test program.	2000-05-25 21:21:03 +00:00
Richard Levitte	e759b095d4	Add code and changes to implement the ENGINE mechanism. These are the patches that Geoff had in a patch file in his play directory. NOTE for openssl-cvs: THIS IS A CVS BRANCH (BRANCH_engine). IT IS NOT FOR THE FAINTHEARTED TO PLAY WITH. The code works as it is, but it's not at all sure it ends up in the OpenSSL distributio in this form, so do not get dependent on it! Those rsyncing the repository are considered warned!	2000-05-25 19:55:54 +00:00
cvs2svn	afa0598f06	This commit was manufactured by cvs2svn to create branch 'BRANCH_engine'.	2000-05-25 13:20:12 +00:00