This commit was manufactured by cvs2svn to create tag 'OpenSSL_0_9_6-beta1'.

This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.
2000-10-10 09:15:50 +00:00 · 2000-10-10 09:15:48 +00:00 · 2000-10-10 09:15:47 +00:00 · 2000-10-09 16:40:16 +00:00 · 2000-10-09 01:57:54 +00:00 · 2000-10-09 00:50:04 +00:00
13 changed files with 36 additions and 535 deletions
--- a/2
+++ b/2
@@ -1,5 +1,5 @@

- OpenSSL 0.9.5a  1 Apr 2000
+ OpenSSL 0.9.6-beta1 11 Sep 2000

 Copyright (c) 1998-2000 The OpenSSL Project
 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
--- a/5
+++ b/5
@@ -1,10 +1,11 @@

  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/09/07 08:14:46 $
+  ______________                           $Date: 2000/09/11 12:39:43 $

  DEVELOPMENT STATE

-    o  OpenSSL 0.9.6:  Under development...
+    o  OpenSSL 0.9.6:  Under development (in release cycle)...
+                       Proposed release date September 24, 2000
    o  OpenSSL 0.9.5a: Released on April     1st, 2000
    o  OpenSSL 0.9.5:  Released on February 28th, 2000
    o  OpenSSL 0.9.4:  Released on August   09th, 1999
--- a/apps/CA.pl.in
+++ b/apps/CA.pl.in
@@ -36,6 +36,7 @@
 # default openssl.cnf file has setup as per the following
 # demoCA ... where everything is stored

+$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
 $DAYS="-days 365";
 $REQ="openssl req $SSLEAY_CONFIG";
 $CA="openssl ca $SSLEAY_CONFIG";
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -25,8 +25,8 @@
 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
 *  major minor fix final patch/beta)
 */
-#define OPENSSL_VERSION_NUMBER	0x00905820L
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.5b-dev 1 Apr 2000"
+#define OPENSSL_VERSION_NUMBER	0x00906001L
+#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.6-beta1 11 Sep 2000"
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT


@@ -79,7 +79,7 @@
 * should only keep the versions that are binary compatible with the current.
 */
 #define SHLIB_VERSION_HISTORY ""
-#define SHLIB_VERSION_NUMBER "0.9.5b"
+#define SHLIB_VERSION_NUMBER "0.9.6"


 #endif /* HEADER_OPENSSLV_H */
--- a/crypto/rand/rand_win.c
+++ b/crypto/rand/rand_win.c
@@ -236,7 +236,7 @@ int RAND_poll(void)
 		if (cursor)
 			{
 			/* cursor position */
-			cursor(buf);
+			cursor((PCURSORINFO)buf);
 			RAND_add(buf, sizeof(buf), 0);
 			}

--- a/demos/pkcs12/README
+++ b/demos/pkcs12/README
@@ -1,3 +0,0 @@
-PKCS#12 demo applications
-
-Written by Steve Henson.
--- a/demos/pkcs12/pkread.c
+++ b/demos/pkcs12/pkread.c
@@ -1,61 +0,0 @@
-/* pkread.c */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* Simple PKCS#12 file reader */
-
-int main(int argc, char **argv)
-{
-	FILE *fp;
-	EVP_PKEY *pkey;
-	X509 *cert;
-	STACK_OF(X509) *ca = NULL;
-	PKCS12 *p12;
-	int i;
-	if (argc != 4) {
-		fprintf(stderr, "Usage: pkread p12file password opfile\n");
-		exit (1);
-	}
-	SSLeay_add_all_algorithms();
-	ERR_load_crypto_strings();
-	if (!(fp = fopen(argv[1], "rb"))) {
-		fprintf(stderr, "Error opening file %s\n", argv[1]);
-		exit(1);
-	}
-	p12 = d2i_PKCS12_fp(fp, NULL);
-	fclose (fp);
-	if (!p12) {
-		fprintf(stderr, "Error reading PKCS#12 file\n");
-		ERR_print_errors_fp(stderr);
-		exit (1);
-	}
-	if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) {
-		fprintf(stderr, "Error parsing PKCS#12 file\n");
-		ERR_print_errors_fp(stderr);
-		exit (1);
-	}
-	PKCS12_free(p12);
-	if (!(fp = fopen(argv[3], "w"))) {
-		fprintf(stderr, "Error opening file %s\n", argv[1]);
-		exit(1);
-	}
-	if (pkey) {
-		fprintf(fp, "***Private Key***\n");
-		PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL);
-	}
-	if (cert) {
-		fprintf(fp, "***User Certificate***\n");
-		PEM_write_X509_AUX(fp, cert);
-	}
-	if (ca && sk_num(ca)) {
-		fprintf(fp, "***Other Certificates***\n");
-		for (i = 0; i < sk_X509_num(ca); i++) 
-		    PEM_write_X509_AUX(fp, sk_X509_value(ca, i));
-	}
-	fclose(fp);
-	return 0;
-}
--- a/demos/pkcs12/pkwrite.c
+++ b/demos/pkcs12/pkwrite.c
@@ -1,46 +0,0 @@
-/* pkwrite.c */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* Simple PKCS#12 file creator */
-
-int main(int argc, char **argv)
-{
-	FILE *fp;
-	EVP_PKEY *pkey;
-	X509 *cert;
-	PKCS12 *p12;
-	if (argc != 5) {
-		fprintf(stderr, "Usage: pkwrite infile password name p12file\n");
-		exit(1);
-	}
-	SSLeay_add_all_algorithms();
-	ERR_load_crypto_strings();
-	if (!(fp = fopen(argv[1], "r"))) {
-		fprintf(stderr, "Error opening file %s\n", argv[1]);
-		exit(1);
-	}
-	cert = PEM_read_X509(fp, NULL, NULL, NULL);
-	rewind(fp);
-	pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
-	fclose(fp);
-	p12 = PKCS12_create(argv[2], argv[3], pkey, cert, NULL, 0,0,0,0,0);
-	if(!p12) {
-		fprintf(stderr, "Error creating PKCS#12 structure\n");
-		ERR_print_errors_fp(stderr);
-		exit(1);
-	}
-	if (!(fp = fopen(argv[4], "wb"))) {
-		fprintf(stderr, "Error opening file %s\n", argv[1]);
-		ERR_print_errors_fp(stderr);
-		exit(1);
-	}
-	i2d_PKCS12_fp(fp, p12);
-	PKCS12_free(p12);
-	fclose(fp);
-	return 0;
-}
--- a/demos/state_machine/.cvsignore
+++ b/demos/state_machine/.cvsignore
@@ -1 +0,0 @@
-state_machine
--- a/demos/state_machine/Makefile
+++ b/demos/state_machine/Makefile
@@ -1,9 +0,0 @@
-CFLAGS=-I../../include -Wall -Werror -g
-
-all: state_machine
-
-state_machine: state_machine.o
-	$(CC) -o state_machine state_machine.o -L../.. -lssl -lcrypto
-
-test: state_machine
-	./state_machine 10000 ../../apps/server.pem ../../apps/server.pem
--- a/demos/state_machine/state_machine.c
+++ b/demos/state_machine/state_machine.c
@@ -1,395 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * Nuron, a leader in hardware encryption technology, generously
- * sponsored the development of this demo by Ben Laurie.
- *
- * See http://www.nuron.com/.
- */
-
-/*
- * the aim of this demo is to provide a fully working state-machine
- * style SSL implementation, i.e. one where the main loop acquires
- * some data, then converts it from or to SSL by feeding it into the
- * SSL state machine. It then does any I/O required by the state machine
- * and loops.
- *
- * In order to keep things as simple as possible, this implementation
- * listens on a TCP socket, which it expects to get an SSL connection
- * on (for example, from s_client) and from then on writes decrypted
- * data to stdout and encrypts anything arriving on stdin. Verbose
- * commentary is written to stderr.
- *
- * This implementation acts as a server, but it can also be done for a client.  */
-
-#include <openssl/ssl.h>
-#include <assert.h>
-#include <unistd.h>
-#include <string.h>
-#include <openssl/err.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-
-/* die_unless is intended to work like assert, except that it happens
-   always, even if NDEBUG is defined. Use assert as a stopgap. */
-
-#define die_unless(x)	assert(x)
-
-typedef struct
-    {
-    SSL_CTX *pCtx;
-    BIO *pbioRead;
-    BIO *pbioWrite;
-    SSL *pSSL;
-    } SSLStateMachine;
-
-void SSLStateMachine_print_error(SSLStateMachine *pMachine,const char *szErr)
-    {
-    unsigned long l;
-
-    fprintf(stderr,"%s\n",szErr);
-    while((l=ERR_get_error()))
-	{
-	char buf[1024];
-
-	ERR_error_string_n(l,buf,sizeof buf);
-	fprintf(stderr,"Error %lx: %s\n",l,buf);
-	}
-    }
-
-SSLStateMachine *SSLStateMachine_new(const char *szCertificateFile,
-				     const char *szKeyFile)
-    {
-    SSLStateMachine *pMachine=malloc(sizeof *pMachine);
-    int n;
-
-    die_unless(pMachine);
-
-    pMachine->pCtx=SSL_CTX_new(SSLv23_server_method());
-    die_unless(pMachine->pCtx);
-
-    n=SSL_CTX_use_certificate_file(pMachine->pCtx,szCertificateFile,
-				   SSL_FILETYPE_PEM);
-    die_unless(n > 0);
-
-    n=SSL_CTX_use_PrivateKey_file(pMachine->pCtx,szKeyFile,SSL_FILETYPE_PEM);
-    die_unless(n > 0);
-
-    pMachine->pSSL=SSL_new(pMachine->pCtx);
-    die_unless(pMachine->pSSL);
-
-    pMachine->pbioRead=BIO_new(BIO_s_mem());
-
-    pMachine->pbioWrite=BIO_new(BIO_s_mem());
-
-    SSL_set_bio(pMachine->pSSL,pMachine->pbioRead,pMachine->pbioWrite);
-
-    SSL_set_accept_state(pMachine->pSSL);
-
-    return pMachine;
-    }
-
-void SSLStateMachine_read_inject(SSLStateMachine *pMachine,
-				 const unsigned char *aucBuf,int nBuf)
-    {
-    int n=BIO_write(pMachine->pbioRead,aucBuf,nBuf);
-    /* If it turns out this assert fails, then buffer the data here
-     * and just feed it in in churn instead. Seems to me that it
-     * should be guaranteed to succeed, though.
-     */
-    assert(n == nBuf);
-    fprintf(stderr,"%d bytes of encrypted data fed to state machine\n",n);
-    }
-
-int SSLStateMachine_read_extract(SSLStateMachine *pMachine,
-				 unsigned char *aucBuf,int nBuf)
-    {
-    int n;
-
-    if(!SSL_is_init_finished(pMachine->pSSL))
-	{
-	fprintf(stderr,"Doing SSL_accept\n");
-	n=SSL_accept(pMachine->pSSL);
-	if(n == 0)
-	    fprintf(stderr,"SSL_accept returned zero\n");
-	if(n < 0)
-	    {
-	    int err;
-
-	    if((err=SSL_get_error(pMachine->pSSL,n)) == SSL_ERROR_WANT_READ)
-		{
-		fprintf(stderr,"SSL_accept wants more data\n");
-		return 0;
-		}
-
-	    SSLStateMachine_print_error(pMachine,"SSL_accept error");
-	    exit(7);
-	    }
-	return 0;
-	}
-
-    n=SSL_read(pMachine->pSSL,aucBuf,nBuf);
-    if(n < 0)
-	{
-	int err=SSL_get_error(pMachine->pSSL,n);
-
-	if(err == SSL_ERROR_WANT_READ)
-	    {
-	    fprintf(stderr,"SSL_read wants more data\n");
-	    return 0;
-	    }
-	}
-
-    fprintf(stderr,"%d bytes of decrypted data read from state machine\n",n);
-    return n;
-    }
-
-int SSLStateMachine_write_can_extract(SSLStateMachine *pMachine)
-    {
-    int n=BIO_pending(pMachine->pbioWrite);
-    if(n)
-	fprintf(stderr,"There is encrypted data available to write\n");
-    else
-	fprintf(stderr,"There is no encrypted data available to write\n");
-
-    return n;
-    }
-
-int SSLStateMachine_write_extract(SSLStateMachine *pMachine,
-				  unsigned char *aucBuf,int nBuf)
-    {
-    int n;
-
-    n=BIO_read(pMachine->pbioWrite,aucBuf,nBuf);
-    fprintf(stderr,"%d bytes of encrypted data read from state machine\n",n);
-    return n;
-    }
-
-void SSLStateMachine_write_inject(SSLStateMachine *pMachine,
-				  const unsigned char *aucBuf,int nBuf)
-    {
-    int n=SSL_write(pMachine->pSSL,aucBuf,nBuf);
-    /* If it turns out this assert fails, then buffer the data here
-     * and just feed it in in churn instead. Seems to me that it
-     * should be guaranteed to succeed, though.
-     */
-    assert(n == nBuf);
-    fprintf(stderr,"%d bytes of unencrypted data fed to state machine\n",n);
-    }
-
-int OpenSocket(int nPort)
-    {
-    int nSocket;
-    struct sockaddr_in saServer;
-    struct sockaddr_in saClient;
-    int one=1;
-    int nSize;
-    int nFD;
-    int nLen;
-
-    nSocket=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
-    if(nSocket < 0)
-	{
-	perror("socket");
-	exit(1);
-	}
-
-    if(setsockopt(nSocket,SOL_SOCKET,SO_REUSEADDR,(char *)&one,sizeof one) < 0)
-	{
-	perror("setsockopt");
-        exit(2);
-	}
-
-    memset(&saServer,0,sizeof saServer);
-    saServer.sin_family=AF_INET;
-    saServer.sin_port=htons(nPort);
-    nSize=sizeof saServer;
-    if(bind(nSocket,(struct sockaddr *)&saServer,nSize) < 0)
-	{
-	perror("bind");
-	exit(3);
-	}
-
-    if(listen(nSocket,512) < 0)
-	{
-	perror("listen");
-	exit(4);
-	}
-
-    nLen=sizeof saClient;
-    nFD=accept(nSocket,(struct sockaddr *)&saClient,&nLen);
-    if(nFD < 0)
-	{
-	perror("accept");
-	exit(5);
-	}
-
-    fprintf(stderr,"Incoming accepted on port %d\n",nPort);
-
-    return nFD;
-    }
-
-int main(int argc,char **argv)
-    {
-    SSLStateMachine *pMachine;
-    int nPort;
-    int nFD;
-    const char *szCertificateFile;
-    const char *szKeyFile;
-
-    if(argc != 4)
-	{
-	fprintf(stderr,"%s <port> <certificate file> <key file>\n",argv[0]);
-	exit(6);
-	}
-
-    nPort=atoi(argv[1]);
-    szCertificateFile=argv[2];
-    szKeyFile=argv[3];
-
-    SSL_library_init();
-    OpenSSL_add_ssl_algorithms();
-    SSL_load_error_strings();
-    ERR_load_crypto_strings();
-
-    nFD=OpenSocket(nPort);
-
-    pMachine=SSLStateMachine_new(szCertificateFile,szKeyFile);
-
-    for( ; ; )
-	{
-	fd_set rfds,wfds;
-	unsigned char buf[1024];
-	int n;
-
-	FD_ZERO(&rfds);
-	FD_ZERO(&wfds);
-
-	/* Select socket for input */
-	FD_SET(nFD,&rfds);
-
-	/* Select socket for output */
-	if(SSLStateMachine_write_can_extract(pMachine))
-	    FD_SET(nFD,&wfds);
-
-	/* Select stdin for input */
-	FD_SET(0,&rfds);
-
-	/* Wait for something to do something */
-	n=select(nFD+1,&rfds,&wfds,NULL,NULL);
-	assert(n > 0);
-
-	/* Socket is ready for input */
-	if(FD_ISSET(nFD,&rfds))
-	    {
-	    n=read(nFD,buf,sizeof buf);
-	    if(n == 0)
-		{
-		fprintf(stderr,"Got EOF on socket\n");
-		exit(0);
-		}
-	    assert(n > 0);
-
-	    SSLStateMachine_read_inject(pMachine,buf,n);
-	    }
-
-	/* FIXME: we should only extract if stdout is ready */
-	n=SSLStateMachine_read_extract(pMachine,buf,n);
-	if(n < 0)
-	    {
-	    SSLStateMachine_print_error(pMachine,"read extract failed");
-	    break;
-	    }
-	assert(n >= 0);
-	if(n > 0)
-	    {
-	    int w;
-
-	    w=write(1,buf,n);
-	    /* FIXME: we should push back any unwritten data */
-	    assert(w == n);
-	    }
-
-	/* Socket is ready for output (and therefore we have output to send) */
-	if(FD_ISSET(nFD,&wfds))
-	    {
-	    int w;
-
-	    n=SSLStateMachine_write_extract(pMachine,buf,sizeof buf);
-	    assert(n > 0);
-
-	    w=write(nFD,buf,n);
-	    /* FIXME: we should push back any unwritten data */
-	    assert(w == n);
-	    }
-
-	/* Stdin is ready for input */
-	if(FD_ISSET(0,&rfds))
-	    {
-	    n=read(0,buf,sizeof buf);
-	    if(n == 0)
-		{
-		fprintf(stderr,"Got EOF on stdin\n");
-		exit(0);
-		}
-	    assert(n > 0);
-
-	    SSLStateMachine_write_inject(pMachine,buf,n);
-	    }
-	}
-    /* not reached */
-    return 0;
-    }
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -1812,15 +1812,21 @@ d2i_RSA_NET                             2408	EXIST::FUNCTION:RSA
 DSO_bind_func                           2409	EXIST::FUNCTION:
 CRYPTO_get_new_dynlockid                2410	EXIST::FUNCTION:
 sk_new_null                             2411	EXIST::FUNCTION:
-CRYPTO_set_dynlock_destroy_callback     2412	EXIST::FUNCTION:
+CRYPTO_set_dynlock_destroy_callback     2412	EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_destroy_cb           2412	EXIST:VMS:FUNCTION:
 CRYPTO_destroy_dynlockid                2413	EXIST::FUNCTION:
 CRYPTO_set_dynlock_size                 2414	NOEXIST::FUNCTION:
-CRYPTO_set_dynlock_create_callback      2415	EXIST::FUNCTION:
-CRYPTO_set_dynlock_lock_callback        2416	EXIST::FUNCTION:
-CRYPTO_get_dynlock_lock_callback        2417	EXIST::FUNCTION:
-CRYPTO_get_dynlock_destroy_callback     2418	EXIST::FUNCTION:
+CRYPTO_set_dynlock_create_callback      2415	EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_create_cb            2415	EXIST:VMS:FUNCTION:
+CRYPTO_set_dynlock_lock_callback        2416	EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_lock_cb              2416	EXIST:VMS:FUNCTION:
+CRYPTO_get_dynlock_lock_callback        2417	EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_lock_cb              2417	EXIST:VMS:FUNCTION:
+CRYPTO_get_dynlock_destroy_callback     2418	EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_destroy_cb           2418	EXIST:VMS:FUNCTION:
 CRYPTO_get_dynlock_value                2419	EXIST::FUNCTION:
-CRYPTO_get_dynlock_create_callback      2420	EXIST::FUNCTION:
+CRYPTO_get_dynlock_create_callback      2420	EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_create_cb            2420	EXIST:VMS:FUNCTION:
 c2i_ASN1_BIT_STRING                     2421	EXIST::FUNCTION:
 i2c_ASN1_BIT_STRING                     2422	EXIST::FUNCTION:
 RAND_poll                               2423	EXIST::FUNCTION:
@@ -1860,3 +1866,5 @@ des_set_weak_key_flag                   2456	EXIST::VARIABLE:DES
 des_check_key                           2457	EXIST::VARIABLE:DES
 des_rw_mode                             2458	EXIST::VARIABLE:DES
 RSA_PKCS1_RSAref                        2459	EXIST:RSAREF:FUNCTION:RSA
+X509_keyid_set1                         2460	EXIST::FUNCTION:
+BIO_next                                2461	EXIST::FUNCTION:
--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -11,7 +11,6 @@ SSL_CTX_get_verify_callback             10	EXIST::FUNCTION:
 SSL_CTX_get_verify_mode                 11	EXIST::FUNCTION:
 SSL_CTX_new                             12	EXIST::FUNCTION:
 SSL_CTX_remove_session                  13	EXIST::FUNCTION:
-SSL_CTX_set_cert_verify_cb              14	NOEXIST::FUNCTION:
 SSL_CTX_set_cipher_list                 15	EXIST::FUNCTION:
 SSL_CTX_set_client_CA_list              16	EXIST::FUNCTION:
 SSL_CTX_set_default_passwd_cb           17	EXIST::FUNCTION:
@@ -127,7 +126,8 @@ SSL_SESSION_set_timeout                 137	EXIST::FUNCTION:
 SSL_CTX_get_ex_data                     138	EXIST::FUNCTION:
 SSL_CTX_get_quiet_shutdown              140	EXIST::FUNCTION:
 SSL_CTX_load_verify_locations           141	EXIST::FUNCTION:
-SSL_CTX_set_default_verify_paths        142	EXIST::FUNCTION:
+SSL_CTX_set_default_verify_paths        142	EXIST:!VMS:FUNCTION:
+SSL_CTX_set_def_verify_paths            142	EXIST:VMS:FUNCTION:
 SSL_CTX_set_ex_data                     143	EXIST::FUNCTION:
 SSL_CTX_set_quiet_shutdown              145	EXIST::FUNCTION:
 SSL_SESSION_get_ex_data                 146	EXIST::FUNCTION:
@@ -154,7 +154,8 @@ TLSv1_server_method                     171	EXIST::FUNCTION:
 TLSv1_client_method                     172	EXIST::FUNCTION:
 BIO_new_buffer_ssl_connect              173	EXIST::FUNCTION:
 BIO_new_ssl_connect                     174	EXIST::FUNCTION:
-SSL_get_ex_data_X509_STORE_CTX_idx      175	EXIST::FUNCTION:
+SSL_get_ex_data_X509_STORE_CTX_idx      175	EXIST:!VMS:FUNCTION:
+SSL_get_ex_d_X509_STORE_CTX_idx         175	EXIST:VMS:FUNCTION:
 SSL_CTX_set_tmp_dh_callback             176	EXIST::FUNCTION:DH
 SSL_CTX_set_tmp_rsa_callback            177	EXIST::FUNCTION:RSA
 SSL_CTX_set_timeout                     178	EXIST::FUNCTION:
@@ -164,19 +165,24 @@ SSL_CTX_set_cert_store                  181	EXIST::FUNCTION:
 SSL_want                                182	EXIST::FUNCTION:
 SSL_library_init                        183	EXIST::FUNCTION:
 SSL_COMP_add_compression_method         184	EXIST::FUNCTION:
-SSL_add_file_cert_subjects_to_stack     185	EXIST::FUNCTION:
+SSL_add_file_cert_subjects_to_stack     185	EXIST:!VMS:FUNCTION:
+SSL_add_file_cert_subjs_to_stk          185	EXIST:VMS:FUNCTION:
 SSL_set_tmp_rsa_callback                186	EXIST::FUNCTION:RSA
 SSL_set_tmp_dh_callback                 187	EXIST::FUNCTION:DH
 SSL_add_dir_cert_subjects_to_stack      188	NOEXIST::FUNCTION:
+SSL_add_dir_cert_subjs_to_stk           188	EXIST:VMS:FUNCTION:
 SSL_set_session_id_context              189	EXIST::FUNCTION:
-SSL_CTX_use_certificate_chain_file      222	EXIST::FUNCTION:
+SSL_CTX_use_certificate_chain_file      222	EXIST:!VMS:FUNCTION:
+SSL_CTX_use_cert_chain_file             222	EXIST:VMS:FUNCTION:
 SSL_CTX_set_verify_depth                225	EXIST::FUNCTION:
 SSL_set_verify_depth                    226	EXIST::FUNCTION:
 SSL_CTX_get_verify_depth                228	EXIST::FUNCTION:
 SSL_get_verify_depth                    229	EXIST::FUNCTION:
 SSL_CTX_set_session_id_context          231	EXIST::FUNCTION:
-SSL_CTX_set_cert_verify_callback        232	EXIST::FUNCTION:
-SSL_CTX_set_default_passwd_cb_userdata  235	EXIST::FUNCTION:
+SSL_CTX_set_cert_verify_callback        232	EXIST:!VMS:FUNCTION:
+SSL_CTX_set_cert_verify_cb              232	EXIST:VMS:FUNCTION:
+SSL_CTX_set_default_passwd_cb_userdata  235	EXIST:!VMS:FUNCTION:
+SSL_CTX_set_def_passwd_cb_ud            235	EXIST:VMS:FUNCTION:
 SSL_set_purpose                         236	EXIST::FUNCTION:
 SSL_CTX_set_trust                       237	EXIST::FUNCTION:
 SSL_CTX_set_purpose                     238	EXIST::FUNCTION: