Add security patch and create release.

Tags will be OpenSSL_0_9_6b and OpenSSL-engine-0_9_6b

CHANGES

@@ -2,7 +2,437 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.5a and 0.9.6  [xx XXX 2000]
+ Changes between 0.9.6a and 0.9.6b  [9 Jul 2001]
+
+  *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
+     to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
+     Markku-Juhani O. Saarinen <markku-juhani.saarinen@nokia.com>:
+     PRNG state recovery was possible based on the output of
+     one PRNG request appropriately sized to gain knowledge on
+     'md' followed by enough consecutive 1-byte PRNG requests
+     to traverse all of 'state'.
+
+     1. When updating 'md_local' (the current thread's copy of 'md')
+        during PRNG output generation, hash all of the previous
+        'md_local' value, not just the half used for PRNG output.
+
+     2. Make the number of bytes from 'state' included into the hash
+        independent from the number of PRNG bytes requested.
+
+     The first measure alone would be sufficient to avoid
+     Markku-Juhani's attack.  (Actually it had never occurred
+     to me that the half of 'md_local' used for chaining was the
+     half from which PRNG output bytes were taken -- I had always
+     assumed that the secret half would be used.)  The second
+     measure makes sure that additional data from 'state' is never
+     mixed into 'md_local' in small portions; this heuristically
+     further strengthens the PRNG.
+     [Bodo Moeller]
+
+  *) Fix crypto/bn/asm/mips3.s.
+     [Andy Polyakov]
+
+  *) When only the key is given to "enc", the IV is undefined. Print out
+     an error message in this case.
+     [Lutz Jaenicke]
+
+  *) Handle special case when X509_NAME is empty in X509 printing routines.
+     [Steve Henson]
+
+  *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
+     positive and less than q.
+     [Bodo Moeller]
+
+  *) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is
+     used: it isn't thread safe and the add_lock_callback should handle
+     that itself.
+     [Paul Rose <Paul.Rose@bridge.com>]
+
+  *) Verify that incoming data obeys the block size in
+     ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
+     [Bodo Moeller]
+
+  *) Fix OAEP check.
+     [Ulf M<>ller, Bodo M<>ller]
+
+  *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5
+     RSA encryption was accidentily removed in s3_srvr.c in OpenSSL 0.9.5
+     when fixing the server behaviour for backwards-compatible 'client
+     hello' messages.  (Note that the attack is impractical against
+     SSL 3.0 and TLS 1.0 anyway because length and version checking
+     means that the probability of guessing a valid ciphertext is
+     around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
+     paper.)
+
+     Before 0.9.5, the countermeasure (hide the error by generating a
+     random 'decryption result') did not work properly because
+     ERR_clear_error() was missing, meaning that SSL_get_error() would
+     detect the supposedly ignored error.
+
+     Both problems are now fixed.
+     [Bodo Moeller]
+
+  *) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
+     (previously it was 1024).
+     [Bodo Moeller]
+
+  *) Fix for compatibility mode trust settings: ignore trust settings
+     unless some valid trust or reject settings are present.
+     [Steve Henson]
+
+  *) Fix for blowfish EVP: its a variable length cipher.
+     [Steve Henson]
+
+  *) Fix various bugs related to DSA S/MIME verification. Handle missing
+     parameters in DSA public key structures and return an error in the
+     DSA routines if parameters are absent.
+     [Steve Henson]
+
+  *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
+     in the current directory if neither $RANDFILE nor $HOME was set.
+     RAND_file_name() in 0.9.6a returned NULL in this case.  This has
+     caused some confusion to Windows users who haven't defined $HOME.
+     Thus RAND_file_name() is changed again: e_os.h can define a
+     DEFAULT_HOME, which will be used if $HOME is not set.
+     For Windows, we use "C:"; on other platforms, we still require
+     environment variables.
+
+  *) Move 'if (!initialized) RAND_poll()' into regions protected by
+     CRYPTO_LOCK_RAND.  This is not strictly necessary, but avoids
+     having multiple threads call RAND_poll() concurrently.
+     [Bodo Moeller]
+
+  *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
+     combination of a flag and a thread ID variable.
+     Otherwise while one thread is in ssleay_rand_bytes (which sets the
+     flag), *other* threads can enter ssleay_add_bytes without obeying
+     the CRYPTO_LOCK_RAND lock (and may even illegaly release the lock
+     that they do not hold after the first thread unsets add_do_not_lock).
+     [Bodo Moeller]
+
+  *) Change bctest again: '-x' expressions are not available in all
+     versions of 'test'.
+     [Bodo Moeller]
+
+ Changes between 0.9.6 and 0.9.6a  [5 Apr 2001]
+
+  *) Fix a couple of memory leaks in PKCS7_dataDecode()
+     [Steve Henson, reported by Heyun Zheng <hzheng@atdsprint.com>]
+
+  *) Change Configure and Makefiles to provide EXE_EXT, which will contain
+     the default extension for executables, if any.  Also, make the perl
+     scripts that use symlink() to test if it really exists and use "cp"
+     if it doesn't.  All this made OpenSSL compilable and installable in
+     CygWin.
+     [Richard Levitte]
+
+  *) Fix for asn1_GetSequence() for indefinite length constructed data.
+     If SEQUENCE is length is indefinite just set c->slen to the total
+     amount of data available.
+     [Steve Henson, reported by shige@FreeBSD.org]
+     [This change does not apply to 0.9.7.]
+
+  *) Change bctest to avoid here-documents inside command substitution
+     (workaround for FreeBSD /bin/sh bug).
+     For compatibility with Ultrix, avoid shell functions (introduced
+     in the bctest version that searches along $PATH).
+     [Bodo Moeller]
+
+  *) Rename 'des_encrypt' to 'des_encrypt1'.  This avoids the clashes
+     with des_encrypt() defined on some operating systems, like Solaris
+     and UnixWare.
+     [Richard Levitte]
+
+  *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
+     On the Importance of Eliminating Errors in Cryptographic
+     Computations, J. Cryptology 14 (2001) 2, 101-119,
+     http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
+     [Ulf Moeller]
+  
+  *) MIPS assembler BIGNUM division bug fix. 
+     [Andy Polyakov]
+
+  *) Disabled incorrect Alpha assembler code.
+     [Richard Levitte]
+
+  *) Fix PKCS#7 decode routines so they correctly update the length
+     after reading an EOC for the EXPLICIT tag.
+     [Steve Henson]
+     [This change does not apply to 0.9.7.]
+
+  *) Fix bug in PKCS#12 key generation routines. This was triggered
+     if a 3DES key was generated with a 0 initial byte. Include
+     PKCS12_BROKEN_KEYGEN compilation option to retain the old
+     (but broken) behaviour.
+     [Steve Henson]
+
+  *) Enhance bctest to search for a working bc along $PATH and print
+     it when found.
+     [Tim Rice <tim@multitalents.net> via Richard Levitte]
+
+  *) Fix memory leaks in err.c: free err_data string if necessary;
+     don't write to the wrong index in ERR_set_error_data.
+     [Bodo Moeller]
+
+  *) Implement ssl23_peek (analogous to ssl23_read), which previously
+     did not exist.
+     [Bodo Moeller]
+
+  *) Replace rdtsc with _emit statements for VC++ version 5.
+     [Jeremy Cooper <jeremy@baymoo.org>]
+
+  *) Make it possible to reuse SSLv2 sessions.
+     [Richard Levitte]
+
+  *) In copy_email() check for >= 0 as a return value for
+     X509_NAME_get_index_by_NID() since 0 is a valid index.
+     [Steve Henson reported by Massimiliano Pala <madwolf@opensca.org>]
+
+  *) Avoid coredump with unsupported or invalid public keys by checking if
+     X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
+     PKCS7_verify() fails with non detached data.
+     [Steve Henson]
+
+  *) Don't use getenv in library functions when run as setuid/setgid.
+     New function OPENSSL_issetugid().
+     [Ulf Moeller]
+
+  *) Avoid false positives in memory leak detection code (crypto/mem_dbg.c)
+     due to incorrect handling of multi-threading:
+
+     1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl().
+
+     2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on().
+
+     3. Count how many times MemCheck_off() has been called so that
+        nested use can be treated correctly.  This also avoids 
+        inband-signalling in the previous code (which relied on the
+        assumption that thread ID 0 is impossible).
+     [Bodo Moeller]
+
+  *) Add "-rand" option also to s_client and s_server.
+     [Lutz Jaenicke]
+
+  *) Fix CPU detection on Irix 6.x.
+     [Kurt Hockenbury <khockenb@stevens-tech.edu> and
+      "Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
+
+  *) Fix X509_NAME bug which produced incorrect encoding if X509_NAME
+     was empty.
+     [Steve Henson]
+     [This change does not apply to 0.9.7.]
+
+  *) Use the cached encoding of an X509_NAME structure rather than
+     copying it. This is apparently the reason for the libsafe "errors"
+     but the code is actually correct.
+     [Steve Henson]
+
+  *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
+     Bleichenbacher's DSA attack.
+     Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits
+     to be set and top=0 forces the highest bit to be set; top=-1 is new
+     and leaves the highest bit random.
+     [Ulf Moeller, Bodo Moeller]
+
+  *) In the NCONF_...-based implementations for CONF_... queries
+     (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
+     a temporary CONF structure with the data component set to NULL
+     (which gives segmentation faults in lh_retrieve).
+     Instead, use NULL for the CONF pointer in CONF_get_string and
+     CONF_get_number (which may use environment variables) and directly
+     return NULL from CONF_get_section.
+     [Bodo Moeller]
+
+  *) Fix potential buffer overrun for EBCDIC.
+     [Ulf Moeller]
+
+  *) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
+     keyUsage if basicConstraints absent for a CA.
+     [Steve Henson]
+
+  *) Make SMIME_write_PKCS7() write mail header values with a format that
+     is more generally accepted (no spaces before the semicolon), since
+     some programs can't parse those values properly otherwise.  Also make
+     sure BIO's that break lines after each write do not create invalid
+     headers.
+     [Richard Levitte]
+
+  *) Make the CRL encoding routines work with empty SEQUENCE OF. The
+     macros previously used would not encode an empty SEQUENCE OF
+     and break the signature.
+     [Steve Henson]
+     [This change does not apply to 0.9.7.]
+
+  *) Zero the premaster secret after deriving the master secret in
+     DH ciphersuites.
+     [Steve Henson]
+
+  *) Add some EVP_add_digest_alias registrations (as found in
+     OpenSSL_add_all_digests()) to SSL_library_init()
+     aka OpenSSL_add_ssl_algorithms().  This provides improved
+     compatibility with peers using X.509 certificates
+     with unconventional AlgorithmIdentifier OIDs.
+     [Bodo Moeller]
+
+  *) Fix for Irix with NO_ASM.
+     ["Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
+
+  *) ./config script fixes.
+     [Ulf Moeller, Richard Levitte]
+
+  *) Fix 'openssl passwd -1'.
+     [Bodo Moeller]
+
+  *) Change PKCS12_key_gen_asc() so it can cope with non null
+     terminated strings whose length is passed in the passlen
+     parameter, for example from PEM callbacks. This was done
+     by adding an extra length parameter to asc2uni().
+     [Steve Henson, reported by <oddissey@samsung.co.kr>]
+
+  *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
+     call failed, free the DSA structure.
+     [Bodo Moeller]
+
+  *) Fix to uni2asc() to cope with zero length Unicode strings.
+     These are present in some PKCS#12 files.
+     [Steve Henson]
+
+  *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
+     Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
+     when writing a 32767 byte record.
+     [Bodo Moeller; problem reported by Eric Day <eday@concentric.net>]
+
+  *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
+     obtain lock CRYPTO_LOCK_RSA before setting rsa->_method_mod_{n,p,q}.
+
+     (RSA objects have a reference count access to which is protected
+     by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c],
+     so they are meant to be shared between threads.)
+     [Bodo Moeller, Geoff Thorpe; original patch submitted by
+     "Reddie, Steven" <Steven.Reddie@ca.com>]
+
+  *) Fix a deadlock in CRYPTO_mem_leaks().
+     [Bodo Moeller]
+
+  *) Use better test patterns in bntest.
+     [Ulf M<>ller]
+
+  *) rand_win.c fix for Borland C.
+     [Ulf M<>ller]
+ 
+  *) BN_rshift bugfix for n == 0.
+     [Bodo Moeller]
+
+  *) Add a 'bctest' script that checks for some known 'bc' bugs
+     so that 'make test' does not abort just because 'bc' is broken.
+     [Bodo Moeller]
+
+  *) Store verify_result within SSL_SESSION also for client side to
+     avoid potential security hole. (Re-used sessions on the client side
+     always resulted in verify_result==X509_V_OK, not using the original
+     result of the server certificate verification.)
+     [Lutz Jaenicke]
+
+  *) Fix ssl3_pending: If the record in s->s3->rrec is not of type
+     SSL3_RT_APPLICATION_DATA, return 0.
+     Similarly, change ssl2_pending to return 0 if SSL_in_init(s) is true.
+     [Bodo Moeller]
+
+  *) Fix SSL_peek:
+     Both ssl2_peek and ssl3_peek, which were totally broken in earlier
+     releases, have been re-implemented by renaming the previous
+     implementations of ssl2_read and ssl3_read to ssl2_read_internal
+     and ssl3_read_internal, respectively, and adding 'peek' parameters
+     to them.  The new ssl[23]_{read,peek} functions are calls to
+     ssl[23]_read_internal with the 'peek' flag set appropriately.
+     A 'peek' parameter has also been added to ssl3_read_bytes, which
+     does the actual work for ssl3_read_internal.
+     [Bodo Moeller]
+
+  *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
+     the method-specific "init()" handler. Also clean up ex_data after
+     calling the method-specific "finish()" handler. Previously, this was
+     happening the other way round.
+     [Geoff Thorpe]
+
+  *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16.
+     The previous value, 12, was not always sufficient for BN_mod_exp().
+     [Bodo Moeller]
+
+  *) Make sure that shared libraries get the internal name engine with
+     the full version number and not just 0.  This should mark the
+     shared libraries as not backward compatible.  Of course, this should
+     be changed again when we can guarantee backward binary compatibility.
+     [Richard Levitte]
+
+  *) Fix typo in get_cert_by_subject() in by_dir.c
+     [Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>]
+
+  *) Rework the system to generate shared libraries:
+
+     - Make note of the expected extension for the shared libraries and
+       if there is a need for symbolic links from for example libcrypto.so.0
+       to libcrypto.so.0.9.7.  There is extended info in Configure for
+       that.
+
+     - Make as few rebuilds of the shared libraries as possible.
+
+     - Still avoid linking the OpenSSL programs with the shared libraries.
+
+     - When installing, install the shared libraries separately from the
+       static ones.
+     [Richard Levitte]
+
+  *) Fix SSL_CTX_set_read_ahead macro to actually use its argument.
+
+     Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new
+     and not in SSL_clear because the latter is also used by the
+     accept/connect functions; previously, the settings made by
+     SSL_set_read_ahead would be lost during the handshake.
+     [Bodo Moeller; problems reported by Anders Gertz <gertz@epact.se>]     
+
+  *) Correct util/mkdef.pl to be selective about disabled algorithms.
+     Previously, it would create entries for disableed algorithms no
+     matter what.
+     [Richard Levitte]
+
+  *) Added several new manual pages for SSL_* function.
+     [Lutz Jaenicke]
+
+ Changes between 0.9.5a and 0.9.6  [24 Sep 2000]
+
+  *) In ssl23_get_client_hello, generate an error message when faced
+     with an initial SSL 3.0/TLS record that is too small to contain the
+     first two bytes of the ClientHello message, i.e. client_version.
+     (Note that this is a pathologic case that probably has never happened
+     in real life.)  The previous approach was to use the version number
+     from the record header as a substitute; but our protocol choice
+     should not depend on that one because it is not authenticated
+     by the Finished messages.
+     [Bodo Moeller]
+
+  *) More robust randomness gathering functions for Windows.
+     [Jeffrey Altman <jaltman@columbia.edu>]
+
+  *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
+     not set then we don't setup the error code for issuer check errors
+     to avoid possibly overwriting other errors which the callback does
+     handle. If an application does set the flag then we assume it knows
+     what it is doing and can handle the new informational codes
+     appropriately.
+     [Steve Henson]
+
+  *) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
+     a general "ANY" type, as such it should be able to decode anything
+     including tagged types. However it didn't check the class so it would
+     wrongly interpret tagged types in the same way as their universal
+     counterpart and unknown types were just rejected. Changed so that the
+     tagged and unknown types are handled in the same way as a SEQUENCE:
+     that is the encoding is stored intact. There is also a new type
+     "V_ASN1_OTHER" which is used when the class is not universal, in this
+     case we have no idea what the actual type is so we just lump them all
+     together.
+     [Steve Henson]
 
   *) On VMS, stdout may very well lead to a file that is written to
      in a record-oriented fashion.  That means that every write() will
@@ -33,6 +463,7 @@
 
   *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR
      BIO_ctrl (for BIO pairs).
+     [Bodo M<>ller]
 
   *) Add DSO method for VMS.
      [Richard Levitte]
@@ -266,7 +697,7 @@
      [Steve Henson]
 
   *) Changes needed for Tandem NSK.
-     [Scott Uroff scott@xypro.com]
+     [Scott Uroff <scott@xypro.com>]
 
   *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
      RSA_padding_check_SSLv23(), special padding was never detected
@@ -2044,7 +2475,7 @@
                                      copied!)
      [Bodo Moeller]
 
-  *) Bugfix: SSL_set_mode ignored its parameter, only SSL_CTX_set_mode
+  *) Bugfix: SSL_set_options ignored its parameter, only SSL_CTX_set_options
      worked.
 
   *) Fix problems with no-hmac etc.

Configure

@@ -98,6 +98,11 @@ my $x86_elf_asm="asm/bn86-elf.o asm/co86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm
 my $x86_out_asm="asm/bn86-out.o asm/co86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
 my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
 
+my $mips3_irix_asm="asm/mips3.o::::::::";
+# There seems to be boundary faults in asm/alpha.s.
+#my $alpha_asm="asm/alpha.o::::::::";
+my $alpha_asm="::::::::";
+
 # -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
 # So the md5_locl.h file has an undef B_ENDIAN if sun is defined
 
@@ -136,32 +141,35 @@ my %table=(
 # surrounds it with #APP #NO_APP comment pair which (at least Solaris
 # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
 # error message.
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:solaris-shared:-fPIC",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}:dlfcn:gnu-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### Solaris x86 with Sun C setups
+"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### SPARC Solaris with GNU C setups
-"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC",
-"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC",
-"solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC",
+"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:gnu-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:gnu-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-gcc","gcc:-mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:gnu-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8
 # but keep the assembler modules.
-"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC",
+"solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:gnu-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 ####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:solaris-shared:-fPIC",
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:gnu-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mcpu=ultrasparc -Wall -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::::::::dlfcn:gnu-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### SPARC Solaris with Sun C setups
 # DO NOT use /xO[34] on sparc with SC3.0.  It is broken, and will not pass the tests
-"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC",
+"solaris-sparc-sc3","cc:-fast -O -Xa -DB_ENDIAN::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
 # SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
 # SC5.0 note: Compiler common patch 107357-01 or later is required!
-"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC",
+"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
 ####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC",
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC::-D_REENTRANT:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### SPARC Linux setups
 "linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
@@ -187,11 +195,11 @@ my %table=(
 # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
 # './Configure irix-[g]cc' manually.
 # -mips4 flag is added by ./config when appropriate.
-"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
-"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:asm/mips3.o::",
+"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}",
+"irix-mips3-cc", "cc:-n32 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}",
 # N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:asm/mips3.o::",
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}",
 
 #### Unified HP-UX ANSI C configs.
 # Special notes:
@@ -271,10 +279,10 @@ my %table=(
 # Dec Alpha, OSF/1 - the alpha164-cc is the flags for a 21164A with
 # the new compiler
 # For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
-"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:asm/alpha.o:::::::::dlfcn:true64-shared",
-"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared",
-"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/alpha.o:::::::::dlfcn:true64-shared",
-"FreeBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2:::",
+"alpha-gcc","gcc:-O3::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:tru64-shared::.so",
+"alpha-cc", "cc:-std1 -tune host -O4 -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared::.so",
+"alpha164-cc", "cc:-std1 -tune host -fast -readonly_strings::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:tru64-shared::.so",
+"FreeBSD-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### Alpha Linux with GNU C and Compaq C setups
 # Special notes:
@@ -289,31 +297,32 @@ my %table=(
 #
 #					<appro@fy.chalmers.se>
 #
-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::",
-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/alpha.o::",
-"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::",
-"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:asm/alpha.o::",
+"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
 
 # assembler versions -- currently defunct:
-##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}",
 
 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
 # bn86-elf.o file file since it is hand tweaked assembler.
-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
+"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
 "debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
 "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
 "linux-mips",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
 "linux-ppc",    "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
 "linux-m68k",   "gcc:-DB_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
+"linux-s390",	"gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
 "linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::SIXTY_FOUR_BIT_LONG::",
-"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
-"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
 "bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown)::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}",
-"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "nextstep",	"cc:-O -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
 "nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
 # NCR MP-RAS UNIX ver 02.03.01
@@ -323,18 +332,27 @@ my %table=(
 "qnx4",	"cc:-DL_ENDIAN -DTERMIO::(unknown)::${x86_gcc_des} ${x86_gcc_opts}:",
 
 # Linux on ARM
-"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC",
+"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::::::::::dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
-# UnixWare 2.0
-"unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::",
-"unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread::(unknown):-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
+# UnixWare 2.0x fails destest with -O
+"unixware-2.0","cc:-DFILIO_H::-Kthread:-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
+"unixware-2.0-pentium","cc:-DFILIO_H -Kpentium::-Kthread:-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
+
+# UnixWare 2.1
+"unixware-2.1","cc:-O -DFILIO_H::-Kthread:-lsocket -lnsl -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
+"unixware-2.1-pentium","cc:-O -DFILIO_H -Kpentium::-Kthread:-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
+"unixware-2.1-p6","cc:-O -DFILIO_H -Kp6::-Kthread:-lsocket -lnsl -lx:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
 
 # UnixWare 7
-"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
+"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
+"unixware-7-pentium","cc:-O -DFILIO_H -Kalloca -Kpentium::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
+"unixware-7-pentium_pro","cc:-O -DFILIO_H -Kalloca -Kpentium_pro::-Kthread:-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
 
 # IBM's AIX.
 "aix-cc",   "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown)::BN_LLONG RC4_CHAR:::",
 "aix-gcc",  "gcc:-O3 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR:::",
+"aix43-cc",   "cc:-O -DAIX -DB_ENDIAN -qmaxmem=16384::(unknown)::BN_LLONG RC4_CHAR::::::::::dlfcn:",
+"aix43-gcc",  "gcc:-O3 -DAIX -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR::::::::::dlfcn:",
 
 #
 # Cray T90 (SDSC)
@@ -361,12 +379,16 @@ my %table=(
 
 # DGUX, 88100.
 "dgux-R3-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown)::RC4_INDEX DES_UNROLL:::",
-"dgux-R4-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown):-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
+"dgux-R4-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown):-lnsl -lsocket:RC4_INDEX DES_UNROLL:::",
 "dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown):-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 
+# SCO 3 - Tim Rice <tim@multitalents.net>
+"sco3-gcc",  "gcc:-O3 -fomit-frame-pointer -Dssize_t=int -DNO_SYS_UN_H::(unknown):-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
+
 # SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
 # SCO cc.
 "sco5-cc",  "cc:::(unknown):-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
+"sco5-cc-pentium",  "cc:-Kpentium::(unknown):-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
 "sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown):-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
 
 # Sinix/ReliantUNIX RM400
@@ -406,10 +428,10 @@ my %table=(
 ##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown)::::::",
 
 # Some OpenBSD from Bob Beck <beck@obtuse.com>
-"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:::",
-"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn",
-"OpenBSD",      "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
-"OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",
+"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD",      "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 ##### MacOS X (a.k.a. Rhapsody) setup
 "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -424,6 +446,7 @@ my @WinTargets=qw(VC-NT VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS BC-32
 
 my $prefix="";
 my $openssldir="";
+my $exe_ext="";
 my $install_prefix="";
 my $no_threads=0;
 my $no_shared=1;
@@ -451,10 +474,10 @@ my $md5_obj="";
 my $sha1_obj="";
 my $rmd160_obj="";
 my $processor="";
-my $ranlib;
+my $default_ranlib;
 my $perl;
 
-$ranlib=&which("ranlib") or $ranlib="true";
+$default_ranlib= &which("ranlib") or $default_ranlib="true";
 $perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
   or $perl="perl";
 
@@ -640,6 +663,7 @@ print "Configuring for $target\n";
 
 my $IsWindows=scalar grep /^$target$/,@WinTargets;
 
+$exe_ext=".exe" if ($target eq "CygWin32");
 $openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
 $prefix=$openssldir if $prefix eq "";
 
@@ -653,8 +677,8 @@ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /^\//;
 print "IsWindows=$IsWindows\n";
 
 (my $cc,my $cflags,my $unistd,my $thread_cflag,my $lflags,my $bn_ops,my $bn_obj,my $des_obj,my $bf_obj,
- $md5_obj,$sha1_obj,my $cast_obj,my $rc4_obj,$rmd160_obj,my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag)=
-	split(/\s*:\s*/,$table{$target} . ":" x 22 , -1);
+ $md5_obj,$sha1_obj,my $cast_obj,my $rc4_obj,$rmd160_obj,my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,my $shared_extension,my $ranlib)=
+	split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
 $cflags="$flags$cflags" if ($flags ne "");
 
 # The DSO code currently always implements all functions so that no
@@ -729,17 +753,27 @@ if ($threads)
 	}
 
 # You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
-my $shared_mark1 = "";
-my $shared_mark2 = "";
-if ($shared_cflag ne "")
+my $shared_mark = "";
+if ($shared_target ne "")
 	{
-	$cflags = "$shared_cflag $cflags";
+	if ($shared_cflag ne "")
+		{
+		$cflags = "$shared_cflag $cflags";
+		}
 	if (!$no_shared)
 		{
-		$shared_mark1 = ".shlib-clean.";
-		$shared_mark2 = ".shlib.";
+		#$shared_mark = "\$(SHARED_LIBS)";
 		}
 	}
+else
+	{
+	$no_shared = 1;
+	}
+
+if ($ranlib eq "")
+	{
+	$ranlib = $default_ranlib;
+	}
 
 #my ($bn1)=split(/\s+/,$bn_obj);
 #$bn1 = "" unless defined $bn1;
@@ -821,6 +855,7 @@ while (<IN>)
 	s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
 	s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
 	s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
+	s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
 	s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
 	s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
 	s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
@@ -831,6 +866,7 @@ while (<IN>)
 	s/^CFLAG=.*$/CFLAG= $cflags/;
 	s/^DEPFLAG=.*$/DEPFLAG= $depflags/;
 	s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
+	s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
 	s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
 	s/^DES_ENC=.*$/DES_ENC= $des_obj/;
 	s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
@@ -844,9 +880,9 @@ while (<IN>)
 	s/^RANLIB=.*/RANLIB= $ranlib/;
 	s/^PERL=.*/PERL= $perl/;
 	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
-	s/^SHLIB_MARK1=.*/SHLIB_MARK1=$shared_mark1/;
-	s/^SHLIB_MARK2=.*/SHLIB_MARK2=$shared_mark2/;
-	s/^LIBS=.*/LIBS=libcrypto\.so\* libssl\.so\*/ if (!$no_shared);
+	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
+	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
+	s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.so.\$(SHLIB_MAJOR) .so/ if ($shared_extension ne "" && $shared_extension !~ /^\.s[ol]$/);
 	print OUT $_."\n";
 	}
 close(IN);
@@ -1133,8 +1169,9 @@ sub print_table_entry
 	(my $cc,my $cflags,my $unistd,my $thread_cflag,my $lflags,my $bn_ops,
 	my $bn_obj,my $des_obj,my $bf_obj,
 	my $md5_obj,my $sha1_obj,my $cast_obj,my $rc4_obj,my $rmd160_obj,
-	my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag)=
-	split(/\s*:\s*/,$table{$target} . ":" x 22 , -1);
+	my $rc5_obj,my $dso_scheme,my $shared_target,my $shared_cflag,
+	my $shared_extension,my $ranlib)=
+	split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
 			
 	print <<EOF
 
@@ -1157,5 +1194,7 @@ sub print_table_entry
 \$dso_scheme   = $dso_scheme
 \$shared_target= $shared_target
 \$shared_cflag = $shared_cflag
+\$shared_extension = $shared_extension
+\$ranlib       = $ranlib
 EOF
 	}

FAQ

@@ -1,20 +1,23 @@
 OpenSSL  -  Frequently Asked Questions
 --------------------------------------
 
+[MISC] Miscellaneous questions
+
 * Which is the current version of OpenSSL?
 * Where is the documentation?
 * How can I contact the OpenSSL developers?
-* Do I need patent licenses to use OpenSSL?
-* Is OpenSSL thread-safe?
-* Why do I get a "PRNG not seeded" error message?
-* Why does the linker complain about undefined symbols?
 * Where can I get a compiled version of OpenSSL?
-* I've compiled a program under Windows and it crashes: why?
-* How do I read or write a DER encoded buffer using the ASN1 functions?
-* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
-* I've called <some function> and it fails, why?
-* I just get a load of numbers for the error output, what do they mean?
-* Why do I get errors about unknown algorithms?
+* Why aren't tools like 'autoconf' and 'libtool' used?
+
+[LEGAL] Legal questions
+
+* Do I need patent licenses to use OpenSSL?
+* Can I use OpenSSL with GPL software? 
+
+[USER] Questions on using the OpenSSL applications
+
+* Why do I get a "PRNG not seeded" error message?
+* Why do I get an "unable to write 'random state'" error message?
 * How do I create certificates or certificate requests?
 * Why can't I create certificate requests?
 * Why does <SSL program> fail with a certificate verify error?
@@ -22,17 +25,39 @@ OpenSSL  -  Frequently Asked Questions
 * How can I create DSA certificates?
 * Why can't I make an SSL connection using a DSA certificate?
 * How can I remove the passphrase on a private key?
-* Why can't the OpenSSH configure script detect OpenSSL?
+* Why can't I use OpenSSL certificates with SSL client authentication?
+* Why does my browser give a warning about a mismatched hostname?
+
+[BUILD] Questions about building and testing OpenSSL
+
+* Why does the linker complain about undefined symbols?
 * Why does the OpenSSL test fail with "bc: command not found"?
 * Why does the OpenSSL test fail with "bc: 1 no implemented"?
 * Why does the OpenSSL compilation fail on Alpha True64 Unix?
 * Why does the OpenSSL compilation fail with "ar: command not found"?
+* Why does the OpenSSL compilation fail on Win32 with VC++?
 
+[PROG] Questions about programming with OpenSSL
+
+* Is OpenSSL thread-safe?
+* I've compiled a program under Windows and it crashes: why?
+* How do I read or write a DER encoded buffer using the ASN1 functions?
+* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
+* I've called <some function> and it fails, why?
+* I just get a load of numbers for the error output, what do they mean?
+* Why do I get errors about unknown algorithms?
+* Why can't the OpenSSH configure script detect OpenSSL?
+* Can I use OpenSSL's SSL library with non-blocking I/O?
+* Why doesn't my server application receive a client certificate?
+
+===============================================================================
+
+[MISC] ========================================================================
 
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.5a was released on April 1st, 2000.
+OpenSSL 0.9.6b was released on July 9th, 2001.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -78,6 +103,27 @@ OpenSSL.  Information on the OpenSSL mailing lists is available from
 <URL: http://www.openssl.org>.
 
 
+* Where can I get a compiled version of OpenSSL?
+
+Some applications that use OpenSSL are distributed in binary form.
+When using such an application, you don't need to install OpenSSL
+yourself; the application will include the required parts (e.g. DLLs).
+
+If you want to install OpenSSL on a Windows system and you don't have
+a C compiler, read the "Mingw32" section of INSTALL.W32 for information
+on how to obtain and install the free GNU C compiler.
+
+A number of Linux and *BSD distributions include OpenSSL.
+
+
+* Why aren't tools like 'autoconf' and 'libtool' used?
+
+autoconf will probably be used in future OpenSSL versions. If it was
+less Unix-centric, it might have been used much earlier.
+
+
+[LEGAL] =======================================================================
+
 * Do I need patent licenses to use OpenSSL?
 
 The patents section of the README file lists patents that may apply to
@@ -89,17 +135,25 @@ You can configure OpenSSL so as not to use RC5 and IDEA by using
  ./config no-rc5 no-idea
 
 
-* Is OpenSSL thread-safe?
+* Can I use OpenSSL with GPL software?
 
-Yes (with limitations: an SSL connection may not concurrently be used
-by multiple threads).  On Windows and many Unix systems, OpenSSL
-automatically uses the multi-threaded versions of the standard
-libraries.  If your platform is not one of these, consult the INSTALL
-file.
+On many systems including the major Linux and BSD distributions, yes (the
+GPL does not place restrictions on using libraries that are part of the
+normal operating system distribution).
 
-Multi-threaded applications must provide two callback functions to
-OpenSSL.  This is described in the threads(3) manpage.
+On other systems, the situation is less clear. Some GPL software copyright
+holders claim that you infringe on their rights if you use OpenSSL with
+their software on operating systems that don't normally include OpenSSL.
 
+If you develop open source software that uses OpenSSL, you may find it
+useful to choose an other license than the GPL, or state explicitely that
+"This program is released under the GPL with the additional exemption that
+compiling, linking, and/or using OpenSSL is allowed."  If you are using
+GPL software developed by others, you may want to ask the copyright holder
+for permission to use their software with OpenSSL.
+
+
+[USER] ========================================================================
 
 * Why do I get a "PRNG not seeded" error message?
 
@@ -108,6 +162,7 @@ correctly.  Many open source operating systems provide a "randomness
 device" that serves this purpose.  On other systems, applications have
 to call the RAND_add() or RAND_seed() function with appropriate data
 before generating keys or performing public key encryption.
+(These functions initialize the pseudo-random number generator, PRNG.)
 
 Some broken applications do not do this.  As of version 0.9.5, the
 OpenSSL functions that need randomness report an error if the random
@@ -117,18 +172,36 @@ application you are using.  It is likely that it never worked
 correctly.  OpenSSL 0.9.5 and later make the error visible by refusing
 to perform potentially insecure encryption.
 
-On systems without /dev/urandom, it is a good idea to use the Entropy
-Gathering Demon; see the RAND_egd() manpage for details.
+On systems without /dev/urandom and /dev/random, it is a good idea to
+use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for
+details.  Starting with version 0.9.7, OpenSSL will automatically look
+for an EGD socket at /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool and
+/etc/entropy.
 
-Most components of the openssl command line tool try to use the
-file $HOME/.rnd (or $RANDFILE, if this environment variable is set)
-for seeding the PRNG.  If this file does not exist or is too short,
-the "PRNG not seeded" error message may occur.
+Most components of the openssl command line utility automatically try
+to seed the random number generator from a file.  The name of the
+default seeding file is determined as follows: If environment variable
+RANDFILE is set, then it names the seeding file.  Otherwise if
+environment variable HOME is set, then the seeding file is $HOME/.rnd.
+If neither RANDFILE nor HOME is set, versions up to OpenSSL 0.9.6 will
+use file .rnd in the current directory while OpenSSL 0.9.6a uses no
+default seeding file at all.  OpenSSL 0.9.6b and later will behave
+similarly to 0.9.6a, but will use a default of "C:" for HOME on
+Windows systems if the environment variable has not been set.
 
-[Note to OpenSSL 0.9.5 users: The command "openssl rsa" in version
-0.9.5 does not do this and will fail on systems without /dev/urandom
-when trying to password-encrypt an RSA key!  This is a bug in the
-library; try a later version instead.]
+If the default seeding file does not exist or is too short, the "PRNG
+not seeded" error message may occur.
+
+The openssl command line utility will write back a new state to the
+default seeding file (and create this file if necessary) unless
+there was no sufficient seeding.
+
+Pointing $RANDFILE to an Entropy Gathering Daemon socket does not work.
+Use the "-rand" option of the OpenSSL command line tools instead.
+The $RANDFILE environment variable and $HOME/.rnd are only used by the
+OpenSSL command line tools. Applications using the OpenSSL library
+provide their own configuration options to specify the entropy source,
+please check out the documentation coming the with application.
 
 For Solaris 2.6, Tim Nibbe <tnibbe@sprint.net> and others have suggested
 installing the SUNski package from Sun patch 105710-01 (Sparc) which
@@ -138,6 +211,113 @@ versions.  However, be warned that /dev/random is usually a blocking
 device, which may have some effects on OpenSSL.
 
 
+* Why do I get an "unable to write 'random state'" error message?
+
+
+Sometimes the openssl command line utility does not abort with
+a "PRNG not seeded" error message, but complains that it is
+"unable to write 'random state'".  This message refers to the
+default seeding file (see previous answer).  A possible reason
+is that no default filename is known because neither RANDFILE
+nor HOME is set.  (Versions up to 0.9.6 used file ".rnd" in the
+current directory in this case, but this has changed with 0.9.6a.)
+
+
+* How do I create certificates or certificate requests?
+
+Check out the CA.pl(1) manual page. This provides a simple wrapper round
+the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
+out the manual pages for the individual utilities and the certificate
+extensions documentation (currently in doc/openssl.txt).
+
+
+* Why can't I create certificate requests?
+
+You typically get the error:
+
+	unable to find 'distinguished_name' in config
+	problems making Certificate Request
+
+This is because it can't find the configuration file. Check out the
+DIAGNOSTICS section of req(1) for more information.
+
+
+* Why does <SSL program> fail with a certificate verify error?
+
+This problem is usually indicated by log messages saying something like
+"unable to get local issuer certificate" or "self signed certificate".
+When a certificate is verified its root CA must be "trusted" by OpenSSL
+this typically means that the CA certificate must be placed in a directory
+or file and the relevant program configured to read it. The OpenSSL program
+'verify' behaves in a similar way and issues similar error messages: check
+the verify(1) program manual page for more information.
+
+
+* Why can I only use weak ciphers when I connect to a server using OpenSSL?
+
+This is almost certainly because you are using an old "export grade" browser
+which only supports weak encryption. Upgrade your browser to support 128 bit
+ciphers.
+
+
+* How can I create DSA certificates?
+
+Check the CA.pl(1) manual page for a DSA certificate example.
+
+
+* Why can't I make an SSL connection to a server using a DSA certificate?
+
+Typically you'll see a message saying there are no shared ciphers when
+the same setup works fine with an RSA certificate. There are two possible
+causes. The client may not support connections to DSA servers most web
+browsers (including Netscape and MSIE) only support connections to servers
+supporting RSA cipher suites. The other cause is that a set of DH parameters
+has not been supplied to the server. DH parameters can be created with the
+dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example:
+check the source to s_server in apps/s_server.c for an example.
+
+
+* How can I remove the passphrase on a private key?
+
+Firstly you should be really *really* sure you want to do this. Leaving
+a private key unencrypted is a major security risk. If you decide that
+you do have to do this check the EXAMPLES sections of the rsa(1) and
+dsa(1) manual pages.
+
+
+* Why can't I use OpenSSL certificates with SSL client authentication?
+
+What will typically happen is that when a server requests authentication
+it will either not include your certificate or tell you that you have
+no client certificates (Netscape) or present you with an empty list box
+(MSIE). The reason for this is that when a server requests a client
+certificate it includes a list of CAs names which it will accept. Browsers
+will only let you select certificates from the list on the grounds that
+there is little point presenting a certificate which the server will
+reject.
+
+The solution is to add the relevant CA certificate to your servers "trusted
+CA list". How you do this depends on the server sofware in uses. You can
+print out the servers list of acceptable CAs using the OpenSSL s_client tool:
+
+openssl s_client -connect www.some.host:443 -prexit
+
+If your server only requests certificates on certain URLs then you may need
+to manually issue an HTTP GET command to get the list when s_client connects:
+
+GET /some/page/needing/a/certificate.html
+
+If your CA does not appear in the list then this confirms the problem.
+
+
+* Why does my browser give a warning about a mismatched hostname?
+
+Browsers expect the server's hostname to match the value in the commonName
+(CN) field of the certificate. If it does not then you get a warning.
+
+
+[BUILD] =======================================================================
+
 * Why does the linker complain about undefined symbols?
 
 Maybe the compilation was interrupted, and make doesn't notice that
@@ -162,17 +342,99 @@ If none of these helps, you may want to try using the current snapshot.
 If the problem persists, please submit a bug report.
 
 
-* Where can I get a compiled version of OpenSSL?
+* Why does the OpenSSL test fail with "bc: command not found"?
 
-Some applications that use OpenSSL are distributed in binary form.
-When using such an application, you don't need to install OpenSSL
-yourself; the application will include the required parts (e.g. DLLs).
+You didn't install "bc", the Unix calculator.  If you want to run the
+tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor.
 
-If you want to install OpenSSL on a Windows system and you don't have
-a C compiler, read the "Mingw32" section of INSTALL.W32 for information
-on how to obtain and install the free GNU C compiler.
 
-A number of Linux and *BSD distributions include OpenSSL.
+* Why does the OpenSSL test fail with "bc: 1 no implemented"?
+
+On some SCO installations or versions, bc has a bug that gets triggered
+when you run the test suite (using "make test").  The message returned is
+"bc: 1 not implemented".
+
+The best way to deal with this is to find another implementation of bc
+and compile/install it.  GNU bc (see http://www.gnu.org/software/software.html
+for download instructions) can be safely used, for example.
+
+
+* Why does the OpenSSL compilation fail on Alpha True64 Unix?
+
+On some Alpha installations running True64 Unix and Compaq C, the compilation
+of crypto/sha/sha_dgst.c fails with the message 'Fatal:  Insufficient virtual
+memory to continue compilation.'  As far as the tests have shown, this may be
+a compiler bug.  What happens is that it eats up a lot of resident memory
+to build something, probably a table.  The problem is clearly in the
+optimization code, because if one eliminates optimization completely (-O0),
+the compilation goes through (and the compiler consumes about 2MB of resident
+memory instead of 240MB or whatever one's limit is currently).
+
+There are three options to solve this problem:
+
+1. set your current data segment size soft limit higher.  Experience shows
+that about 241000 kbytes seems to be enough on an AlphaServer DS10.  You do
+this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of
+kbytes to set the limit to.
+
+2. If you have a hard limit that is lower than what you need and you can't
+get it changed, you can compile all of OpenSSL with -O0 as optimization
+level.  This is however not a very nice thing to do for those who expect to
+get the best result from OpenSSL.  A bit more complicated solution is the
+following:
+
+----- snip:start -----
+  make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \
+       sed -e 's/ -O[0-9] / -O0 /'`"
+  rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'`
+  make
+----- snip:end -----
+
+This will only compile sha_dgst.c with -O0, the rest with the optimization
+level chosen by the configuration process.  When the above is done, do the
+test and installation and you're set.
+
+
+* Why does the OpenSSL compilation fail with "ar: command not found"?
+
+Getting this message is quite usual on Solaris 2, because Sun has hidden
+away 'ar' and other development commands in directories that aren't in
+$PATH by default.  One of those directories is '/usr/ccs/bin'.  The
+quickest way to fix this is to do the following (it assumes you use sh
+or any sh-compatible shell):
+
+----- snip:start -----
+  PATH=${PATH}:/usr/ccs/bin; export PATH
+----- snip:end -----
+
+and then redo the compilation.  What you should really do is make sure
+'/usr/ccs/bin' is permanently in your $PATH, for example through your
+'.profile' (again, assuming you use a sh-compatible shell).
+
+
+* Why does the OpenSSL compilation fail on Win32 with VC++?
+
+Sometimes, you may get reports from VC++ command line (cl) that it
+can't find standard include files like stdio.h and other weirdnesses.
+One possible cause is that the environment isn't correctly set up.
+To solve that problem, one should run VCVARS32.BAT which is found in
+the 'bin' subdirectory of the VC++ installation directory (somewhere
+under 'Program Files').  This needs to be done prior to running NMAKE,
+and the changes are only valid for the current DOS session.
+
+
+[PROG] ========================================================================
+
+* Is OpenSSL thread-safe?
+
+Yes (with limitations: an SSL connection may not concurrently be used
+by multiple threads).  On Windows and many Unix systems, OpenSSL
+automatically uses the multi-threaded versions of the standard
+libraries.  If your platform is not one of these, consult the INSTALL
+file.
+
+Multi-threaded applications must provide two callback functions to
+OpenSSL.  This is described in the threads(3) manpage.
 
 
 * I've compiled a program under Windows and it crashes: why?
@@ -259,68 +521,6 @@ is forgetting to load OpenSSL's table of algorithms with
 OpenSSL_add_all_algorithms(). See the manual page for more information.
 
 
-* How do I create certificates or certificate requests?
-
-Check out the CA.pl(1) manual page. This provides a simple wrapper round
-the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
-out the manual pages for the individual utilities and the certificate
-extensions documentation (currently in doc/openssl.txt).
-
-
-* Why can't I create certificate requests?
-
-You typically get the error:
-
-	unable to find 'distinguished_name' in config
-	problems making Certificate Request
-
-This is because it can't find the configuration file. Check out the
-DIAGNOSTICS section of req(1) for more information.
-
-
-* Why does <SSL program> fail with a certificate verify error?
-
-This problem is usually indicated by log messages saying something like
-"unable to get local issuer certificate" or "self signed certificate".
-When a certificate is verified its root CA must be "trusted" by OpenSSL
-this typically means that the CA certificate must be placed in a directory
-or file and the relevant program configured to read it. The OpenSSL program
-'verify' behaves in a similar way and issues similar error messages: check
-the verify(1) program manual page for more information.
-
-
-* Why can I only use weak ciphers when I connect to a server using OpenSSL?
-
-This is almost certainly because you are using an old "export grade" browser
-which only supports weak encryption. Upgrade your browser to support 128 bit
-ciphers.
-
-
-* How can I create DSA certificates?
-
-Check the CA.pl(1) manual page for a DSA certificate example.
-
-
-* Why can't I make an SSL connection to a server using a DSA certificate?
-
-Typically you'll see a message saying there are no shared ciphers when
-the same setup works fine with an RSA certificate. There are two possible
-causes. The client may not support connections to DSA servers most web
-browsers (including Netscape and MSIE) only support connections to servers
-supporting RSA cipher suites. The other cause is that a set of DH parameters
-has not been supplied to the server. DH parameters can be created with the
-dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example:
-check the source to s_server in apps/s_server.c for an example.
-
-
-* How can I remove the passphrase on a private key?
-
-Firstly you should be really *really* sure you want to do this. Leaving
-a private key unencrypted is a major security risk. If you decide that
-you do have to do this check the EXAMPLES sections of the rsa(1) and
-dsa(1) manual pages.
-
-
 * Why can't the OpenSSH configure script detect OpenSSL?
 
 There is a problem with OpenSSH 1.2.2p1, in that the configure script
@@ -362,71 +562,26 @@ applied to the OpenSSH distribution:
 ----- snip:end -----
 
 
-* Why does the OpenSSL test fail with "bc: command not found"?
+* Can I use OpenSSL's SSL library with non-blocking I/O?
 
-You didn't install "bc", the Unix calculator.  If you want to run the
-tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor.
+Yes; make sure to read the SSL_get_error(3) manual page!
+
+A pitfall to avoid: Don't assume that SSL_read() will just read from
+the underlying transport or that SSL_write() will just write to it --
+it is also possible that SSL_write() cannot do any useful work until
+there is data to read, or that SSL_read() cannot do anything until it
+is possible to send data.  One reason for this is that the peer may
+request a new TLS/SSL handshake at any time during the protocol,
+requiring a bi-directional message exchange; both SSL_read() and
+SSL_write() will try to continue any pending handshake.
 
 
-* Why does the OpenSSL test fail with "bc: 1 no implemented"?
+* Why doesn't my server application receive a client certificate?
 
-On some SCO installations or versions, bc has a bug that gets triggered when
-you run the test suite (using "make test").  The message returned is "bc:
-1 not implemented".  The best way to deal with this is to find another
-implementation of bc and compile/install it.  For example, GNU bc (see
-http://www.gnu.org/software/software.html for download instructions) can
-be safely used.
+Due to the TLS protocol definition, a client will only send a certificate,
+if explicitely asked by the server. Use the SSL_VERIFY_PEER flag of the
+SSL_CTX_set_verify() function to enable the use of client certificates.
 
 
-* Why does the OpenSSL compilation fail on Alpha True64 Unix?
-
-On some Alpha installations running True64 Unix and Compaq C, the compilation
-of crypto/sha/sha_dgst.c fails with the message 'Fatal:  Insufficient virtual
-memory to continue compilation.'  As far as the tests have shown, this may be
-a compiler bug.  What happens is that it eats up a lot of resident memory
-to build something, probably a table.  The problem is clearly in the
-optimization code, because if one eliminates optimization completely (-O0),
-the compilation goes through (and the compiler consumes about 2MB of resident
-memory instead of 240MB or whatever one's limit is currently).
-
-There are three options to solve this problem:
-
-1. set your current data segment size soft limit higher.  Experience shows
-that about 241000 kbytes seems to be enough on an AlphaServer DS10.  You do
-this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of
-kbytes to set the limit to.
-
-2. If you have a hard limit that is lower than what you need and you can't
-get it changed, you can compile all of OpenSSL with -O0 as optimization
-level.  This is however not a very nice thing to do for those who expect to
-get the best result from OpenSSL.  A bit more complicated solution is the
-following:
-
------ snip:start -----
-  make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \
-       sed -e 's/ -O[0-9] / -O0 /'`"
-  rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'`
-  make
------ snip:end -----
-
-This will only compile sha_dgst.c with -O0, the rest with the optimization
-level chosen by the configuration process.  When the above is done, do the
-test and installation and you're set.
-
-
-* Why does the OpenSSL compilation fail with "ar: command not found"?
-
-Getting this message is quite usual on Solaris 2, because Sun has hidden
-away 'ar' and other development commands in directories that aren't in
-$PATH by default.  One of those directories is '/usr/ccs/bin'.  The
-quickest way to fix this is to do the following (it assumes you use sh
-or any sh-compatible shell):
-
------ snip:start -----
-  PATH=${PATH}:/usr/ccs/bin; export PATH
------ snip:end -----
-
-and then redo the compilation.  What you should really do is make sure
-'/usr/ccs/bin' is permanently in your $PATH, for example through your
-'.profile' (again, assuming you use a sh-compatible shell).
+===============================================================================
 

INSTALL

@@ -7,8 +7,11 @@
 
  To install OpenSSL, you will need:
 
+  * make
   * Perl 5
   * an ANSI C compiler
+  * a development environment in form of development libraries and C
+    header files
   * a supported Unix operating system
 
  Quick Start
@@ -43,9 +46,6 @@
   --openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
                 the library files and binaries are also installed there.
 
-  rsaref        Build with RSADSI's RSAREF toolkit (this assumes that
-                librsaref.a is in the library search path).
-
   no-threads    Don't try to build with support for multi-threaded
                 applications.
 
@@ -128,7 +128,7 @@
      directory, and the binary will be in the "apps" directory.
 
      If "make" fails, look at the output.  There may be reasons for
-     the failure that isn't a problem in OpenSSL itself (like missing
+     the failure that aren't problems in OpenSSL itself (like missing
      standard headers).  If it is a problem with OpenSSL itself, please
      report the problem to <openssl-bugs@openssl.org> (note that your
      message will be forwarded to a public mailing list).  Include the

INSTALL.VMS

@@ -8,6 +8,7 @@ Intro:
 
 This file is divided in the following parts:
 
+  Requirements			- Mandatory reading.
   Checking the distribution	- Mandatory reading.
   Compilation			- Mandatory reading.
   Logical names			- Mandatory reading.
@@ -19,6 +20,15 @@ This file is divided in the following parts:
   TODO				- Things that are to come.
 
 
+Requirements:
+=============
+
+To build and install OpenSSL, you will need:
+
+ * DEC C or some other ANSI C compiler.  VAX C is *not* supported.
+   [Note: OpenSSL has only been tested with DEC C.  Compiling with 
+    a different ANSI C compiler may require some work]
+
 Checking the distribution:
 ==========================
 

INSTALL.W32

@@ -108,8 +108,8 @@
 
  * Compiler installation:
 
-   Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/
-   mingw32/egcs-1.1.2/egcs-1.1.2-mingw32.zip>. GNU make is at
+   Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/
+   gnu-win32/mingw32/gcc-2.95.2/gcc-2.95.2-msvcrt.exe>. GNU make is at
    <ftp://agnes.dida.physik.uni-essen.de/home/janjaap/mingw32/binaries/
    make-3.76.1.zip>. Install both of them in C:\egcs-1.1.2 and run
    C:\egcs-1.1.2\mingw32.bat to set the PATH.

LICENSE

@@ -12,7 +12,7 @@
   ---------------
 
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions

Makefile.org

@@ -9,6 +9,7 @@ SHLIB_VERSION_NUMBER=
 SHLIB_VERSION_HISTORY=
 SHLIB_MAJOR=
 SHLIB_MINOR=
+SHLIB_EXT=
 PLATFORM=dist
 OPTIONS=
 CONFIGURE_ARGS=
@@ -56,8 +57,9 @@ CC= gcc
 #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
 CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
 DEPFLAG= 
-PEX_LIBS= -L. -L.. -L../.. -L../../..
+PEX_LIBS= 
 EX_LIBS= 
+EXE_EXT= 
 AR=ar r
 RANLIB= ranlib
 PERL= perl
@@ -149,14 +151,11 @@ RMD160_ASM_OBJ= asm/rm86-out.o
 #RMD160_ASM_OBJ= asm/rm86-out.o       # a.out, FreeBSD
 #RMD160_ASM_OBJ= asm/rm86bsdi.o       # bsdi
 
-# To do special treatment, use "directory names" starting with a period.
 # When we're prepared to use shared libraries in the programs we link here
-# we might have SHLIB_MARK1 get the value ".shlib." and SHLIB_MARK2 be empty,
-# or have that configurable.
-SHLIB_MARK1=.shlib-clean.
-SHLIB_MARK2=.shlib.
+# we might set SHLIB_MARK to '$(SHARED_LIBS)'.
+SHLIB_MARK=
 
-DIRS=   crypto ssl rsaref $(SHLIB_MARK1) apps test tools $(SHLIB_MARK2)
+DIRS=   crypto ssl rsaref $(SHLIB_MARK) apps test tools
 SHLIBDIRS= crypto ssl
 
 # dirs in crypto to build
@@ -180,7 +179,10 @@ ONEDIRS=out tmp
 EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
 WDIRS=  windows
 LIBS=   libcrypto.a libssl.a
-SHARED_LIBS=libcrypto.so libssl.so
+SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+SHARED_SSL=libssl$(SHLIB_EXT)
+SHARED_LIBS=
+SHARED_LIBS_LINK_EXTS=
 
 GENERAL=        Makefile
 BASENAME=       openssl
@@ -190,108 +192,93 @@ WTARFILE=       $(NAME)-win.tar
 EXHEADER=       e_os.h e_os2.h
 HEADER=         e_os.h
 
-all: Makefile.ssl
-	@need_shlib=true; \
-	for i in $(DIRS) ;\
-	do \
-	if [ "$$i" = ".shlib-clean." ]; then \
-		if [ "$(SHLIB_TARGET)" != "" ]; then \
-			$(MAKE) clean-shared; \
-		fi; \
-	elif [ "$$i" = ".shlib." ]; then \
-		if [ "$(SHLIB_TARGET)" != "" ]; then \
-			$(MAKE) $(SHARED_LIBS); \
-		fi; \
-		need_shlib=false; \
-	else \
-		(cd $$i && echo "making all in $$i..." && \
-		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
-	fi; \
-	done; \
-	if $$need_shlib && [ "$(SHLIB_MARK1)" != "" -o "$(SHLIB_MARK1)" != "" ]; then \
-		$(MAKE) $(SHARED_LIBS); \
-	fi
+# When we're prepared to use shared libraries in the programs we link here
+# we might remove 'clean-shared' from the targets to perform at this stage
+
+all: clean-shared Makefile.ssl sub_all
 
 sub_all:
-	@need_shlib=true; \
-	for i in $(DIRS) ;\
+	@for i in $(DIRS); \
 	do \
-	if [ "$$i" = ".shlib-clean." ]; then \
-		if [ "$(SHLIB_TARGET)" != "" ]; then \
-			$(MAKE) clean-shared; \
-		fi; \
-	elif [ "$$i" = ".shlib." ]; then \
-		if [ "$(SHLIB_TARGET)" != "" ]; then \
-			$(MAKE) $(SHARED_LIBS); \
-		fi; \
-		need_shlib=false; \
-	else \
+	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making all in $$i..." && \
-		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
+		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' all ) || exit 1; \
+	else \
+		$(MAKE) $$i; \
 	fi; \
 	done; \
-	if $$need_shlib && [ "$(SHLIB_MARK1)" != "" -o "$(SHLIB_MARK1)" != "" ]; then \
+	if echo "$(DIRS)" | \
+	    egrep '(^| )(crypto|ssl)( |$$)' > /dev/null 2>&1 && \
+	   [ -n "$(SHARED_LIBS)" ]; then \
 		$(MAKE) $(SHARED_LIBS); \
 	fi
 
-libcrypto.so: libcrypto.a
+libcrypto$(SHLIB_EXT): libcrypto.a
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=crypto $(SHLIB_TARGET); \
+		$(MAKE) SHLIBDIRS=crypto build-shared; \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2; \
 	fi
-libssl.so: libcrypto.so libssl.a
+libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-L. -lcrypto' $(SHLIB_TARGET); \
+		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2; \
 	fi
 
 clean-shared:
-	for i in ${SHLIBDIRS}; do \
-	rm -f lib$$i.so \
-		lib$$i.so.${SHLIB_MAJOR} \
-		lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+	@for i in $(SHLIBDIRS); do \
+		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
+			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
+			for j in $${tmp:-x}; do \
+				( set -x; rm -f lib$$i$$j ); \
+			done; \
+		fi; \
+		( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
 	done
 
-linux-shared:
-	libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	rm -f lib$$i.so \
-		lib$$i.so.${SHLIB_MAJOR} \
-		lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+link-shared:
+	@for i in $(SHLIBDIRS); do \
+		prev=lib$$i$(SHLIB_EXT); \
+		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
+			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
+			for j in $${tmp:-x}; do \
+				( set -x; ln -f -s $$prev lib$$i$$j ); \
+				prev=lib$$i$$j; \
+			done; \
+		fi; \
+	done
+
+build-shared: clean-shared do_$(SHLIB_TARGET) link-shared
+
+do_bsd-gcc-shared: do_gnu-shared
+do_linux-shared: do_gnu-shared
+do_gnu-shared:
+	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
 	( set -x; ${CC}  -shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-Wl,-S,-soname=lib$$i.so.${SHLIB_MAJOR} \
+		-Wl,-S,-soname=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
 		-Wl,--whole-archive lib$$i.a \
 		-Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
-	libs="$$libs -L. -l$$i"; \
-	( set -x; \
-		ln -s lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-			lib$$i.so.${SHLIB_MAJOR}; \
-		ln -s lib$$i.so.${SHLIB_MAJOR} lib$$i.so ); \
+	libs="$$libs -l$$i"; \
 	done
 
 # This assumes that GNU utilities are *not* used
-true64-shared:
-	libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
+do_tru64-shared:
+	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
 	( set -x; ${CC}  -shared -no_archive -o lib$$i.so \
 		-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}" \
 		-all lib$$i.a -none $$libs ${EX_LIBS} -lc ) || exit 1; \
-	libs="$$libs -L. -l$$i"; \
+	libs="$$libs -l$$i"; \
 	done
 
 # This assumes that GNU utilities are *not* used
-solaris-shared:
-	libs='${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
-	rm -f lib$$i.so \
-		lib$$i.so.${SHLIB_MAJOR} \
-		lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
-	( set -x; ${CC}  -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		-h lib$$i.so.${SHLIB_MAJOR} \
+do_solaris-shared:
+	libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
+	( PATH=/usr/ccs/bin:$$PATH ; export PATH; \
+	  set -x; ${CC}  -G -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
+		-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
 		-z allextract lib$$i.a $$libs ${EX_LIBS} -lc ) || exit 1; \
-	libs="$$libs -L. -l$$i"; \
-	ln -s lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		lib$$i.so.${SHLIB_MAJOR}; \
-	ln -s lib$$i.so.${SHLIB_MAJOR} lib$$i.so; \
+	libs="$$libs -l$$i"; \
 	done
 
 Makefile.ssl: Makefile.org
@@ -306,7 +293,7 @@ clean:
 	rm -f shlib/*.o *.o core a.out fluff *.map rehash.time testlog make.log cctest cctest.c
 	@for i in $(DIRS) ;\
 	do \
-	if echo "$$i" | grep -v '^\.'; then \
+	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making clean in $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
 		rm -f $(LIBS); \
@@ -327,7 +314,7 @@ files:
 	$(PERL) $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
 	@for i in $(DIRS) ;\
 	do \
-	if echo "$$i" | grep -v '^\.'; then \
+	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making 'files' in $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \
 	fi; \
@@ -338,7 +325,7 @@ links:
 	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
 	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
 	@for i in $(DIRS); do \
-	if echo "$$i" | grep -v '^\.'; then \
+	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making links in $$i..." && \
 		$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' links ) || exit 1; \
 	fi; \
@@ -348,7 +335,7 @@ dclean:
 	rm -f *.bak
 	@for i in $(DIRS) ;\
 	do \
-	if echo "$$i" | grep -v '^\.'; then \
+	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making dclean in $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \
 	fi; \
@@ -363,7 +350,7 @@ test:   tests
 
 tests: rehash
 	@(cd test && echo "testing..." && \
-	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' EXE_EXT='${EXE_EXT}' tests );
 	@apps/openssl version -a
 
 report:
@@ -372,7 +359,7 @@ report:
 depend:
 	@for i in $(DIRS) ;\
 	do \
-	if echo "$$i" | grep -v '^\.'; then \
+	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making dependencies $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' DEPFLAG='${DEPFLAG}' depend ) || exit 1; \
 	fi; \
@@ -381,7 +368,7 @@ depend:
 lint:
 	@for i in $(DIRS) ;\
 	do \
-	if echo "$$i" | grep -v '^\.'; then \
+	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making lint $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \
 	fi; \
@@ -390,7 +377,7 @@ lint:
 tags:
 	@for i in $(DIRS) ;\
 	do \
-	if echo "$$i" | grep -v '^\.'; then \
+	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making tags $$i..." && \
 		$(MAKE) SDIRS='${SDIRS}' tags ) || exit 1; \
 	fi; \
@@ -452,9 +439,9 @@ install: all install_docs
 	done;
 	@for i in $(DIRS) ;\
 	do \
-	if echo "$$i" | grep -v '^\.'; then \
+	if [ -d "$$i" ]; then \
 		(cd $$i; echo "installing $$i..."; \
-		$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' install ); \
+		$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' RANLIB='${RANLIB}' EXE_EXT='${EXE_EXT}' install ); \
 	fi; \
 	done
 	@for i in $(LIBS) ;\
@@ -466,6 +453,20 @@ install: all install_docs
 			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
 		fi \
 	done
+	@if [ -n "$(SHARED_LIBS)" ]; then \
+		tmp="$(SHARED_LIBS)"; \
+		for i in $${tmp:-x}; \
+		do \
+			if [ -f "$$i" ]; then \
+			(       echo installing $$i; \
+				cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
+				chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
+			fi \
+		done; \
+		(	here="`pwd`"; \
+			cd $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
+			make -f $$here/Makefile link-shared ); \
+	fi
 
 install_docs:
 	@$(PERL) $(TOP)/util/mkdir-p.pl \
@@ -473,30 +474,23 @@ install_docs:
 		$(INSTALL_PREFIX)$(MANDIR)/man3 \
 		$(INSTALL_PREFIX)$(MANDIR)/man5 \
 		$(INSTALL_PREFIX)$(MANDIR)/man7
-	@echo installing man 1 and man 5
 	@for i in doc/apps/*.pod; do \
 		fn=`basename $$i .pod`; \
-		sec=`[ "$$fn" = "config" ] && echo 5 || echo 1`; \
+		if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
+		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
 		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
 			 --release=$(VERSION) `basename $$i`) \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done
-	@echo installing man 3 and man 7
 	@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
 		fn=`basename $$i .pod`; \
-		sec=`[ "$$fn" = "des_modes" ] && echo 7 || echo 3`; \
+		if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
+		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
 		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`) \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done
 
-shlib: all
-	if [ ! -d shlib_dir ] ; then mkdir shlib_dir ; else rm -f shlib_dir/* ; fi
-	cd shlib_dir ; ar -x ../libcrypto.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libcrypto.so.0.9 \
-            -o ./libcrypto.so.0.9.4 && rm *.o
-	cd shlib_dir ; ar -x ../libssl.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libssl.so.0.9 \
-            -o ./libssl.so.0.9.4 && rm *.o
-
 # DO NOT DELETE THIS LINE -- make depend depends on it.

NEWS

@@ -5,6 +5,48 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b:
+
+      o Security fix: PRNG improvements.
+      o Security fix: RSA OAEP check.
+      o Security fix: Reinsert and fix countermeasure to Bleichbacher's
+        attack.
+      o MIPS bug fix in BIGNUM.
+      o Bug fix in "openssl enc".
+      o Bug fix in X.509 printing routine.
+      o Bug fix in DSA verification routine and DSA S/MIME verification.
+      o Bug fix to make PRNG thread-safe.
+      o Bug fix in RAND_file_name().
+      o Bug fix in compatibility mode trust settings.
+      o Bug fix in blowfish EVP.
+      o Increase default size for BIO buffering filter.
+      o Compatibility fixes in some scripts.
+
+  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a:
+
+      o Security fix: change behavior of OpenSSL to avoid using
+        environment variables when running as root.
+      o Security fix: check the result of RSA-CRT to reduce the
+        possibility of deducing the private key from an incorrectly
+        calculated signature.
+      o Security fix: prevent Bleichenbacher's DSA attack.
+      o Security fix: Zero the premaster secret after deriving the
+        master secret in DH ciphersuites.
+      o Reimplement SSL_peek(), which had various problems.
+      o Compatibility fix: the function des_encrypt() renamed to
+        des_encrypt1() to avoid clashes with some Unixen libc.
+      o Bug fixes for Win32, HP/UX and Irix.
+      o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
+        memory checking routines.
+      o Bug fixes for RSA operations in threaded enviroments.
+      o Bug fixes in misc. openssl applications.
+      o Remove a few potential memory leaks.
+      o Add tighter checks of BIGNUM routines.
+      o Shared library support has been reworked for generality.
+      o More documentation.
+      o New function BN_rand_range().
+      o Add "-rand" option to openssl s_client and s_server.
+
   Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
 
       o Some documentation for BIO and SSL libraries.
@@ -14,7 +56,8 @@
       o New 'rsautl' application, low level RSA utility.
       o MD4 now included.
       o Bugfix for SSL rollback padding check.
-      o Support for external crypto device[1].
+      o Support for external crypto devices [1].
+      o Enhanced EVP interface.
 
     [1] The support for external crypto devices is currently a separate
         distribution.  See the file README.ENGINE.

README

@@ -1,7 +1,7 @@
 
- OpenSSL 0.9.6-beta3 [engine] (Final beta) 21 Sep 2000
+ OpenSSL 0.9.6b [engine]  9 Jul 2001
 
- Copyright (c) 1998-2000 The OpenSSL Project
+ Copyright (c) 1998-2001 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 

README.ENGINE

@@ -52,3 +52,12 @@
   device, or the built-in crypto routines will be used, just as in the
   default OpenSSL distribution.
 
+
+  PROBLEMS
+  ========
+
+  It seems like the ENGINE part doesn't work too well with Cryptoswift on
+  Win32.  A quick test done right before the release showed that trying
+  "openssl speed -engine cswift" generated errors.  If the DSO gets enabled,
+  an attempt is made to write at memory address 0x00000002.
+

STATUS

@@ -1,109 +1,30 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/09/20 16:40:09 $
+  ______________                           $Date: 2001/04/05 17:48:02 $
 
   DEVELOPMENT STATE
 
-    o  OpenSSL 0.9.6:  Under development (in release cycle)...
-                       Proposed release date September 24, 2000
-                       0.9.6-beta1 is available:
-			OpenBSD-x86 2.7			- failed
-				ftime not supported [FIXED]
-			hpux-parisc-cc 10.20		- passed
-			hpux-parisc-gcc 10.20		- passed
-			hpux-parisc-gcc 11.00		- passed
-			hpux-gcc			- passed
-			hpux-brokengcc			- failed
-				BN_sqr fails in test
-			linux-elf			- passed
-			linux-sparcv7			- passed
-			linux-ppc			- passed
-			Solaris [engine]		- failed
-				speed cswift gives odd errors [FIXED]
-			solaris-sparcv8-gcc		- passed
-			solaris-sparcv9-gcc		- passed
-			solaris-sparcv9-cc		- passed
-			solaris64-sparcv9-cc		- passed
-			sco5-gcc			- passed
-			sco5-cc				- passed
-			FreeBSD				- passed
-			Win32 VC++			- failed
-				PCURSORINFO not defined unless Win2000 [FIXED]
-				RAND_poll() problem on Win2000 [FIXED]
-				DSO method always DSO_METHOD_null [FIXED]
-			CygWin32			- test failed
-			MingW32				- failed
-				thelp32.h
-			aix-gcc (AIX 4.3.2)		- passed
-			VMS/Alpha			- failed
-				Some things were missing [FIXED]
-                       0.9.6-beta2 is available:
-			linux/openbsd (all platforms?)		- mod_exp bug
-			sunos-gcc				- passed
-			aix-gcc					- passed
-			Win32 w/ VC6 or Mingw32			- failed
-				RAND_poll(), a few uninitialised vars [FIXED]
-				RAND_poll() should used LoadLibrary instead of
-					GetModuleHandle [FIXED]
-				Major compilation problem with VC6 on NT.
-					[FIXED]
-				Mingw32 says "175: parse error before `DWORD'"
-					[FIXED?]
-			Win32 w/ CygWin				- success?
-			VMS/Alpha 7.1 (CPQ C 5.6-003, TCP/IP 5.0) - success
-				Just a small warning in dso_vms.c [FIXED]
-			VMS/Alpha 7.2-1 (CPQ 5.6-003, TCP/IP 5.0A) - success
-			VMS/VAX 7.2-1 (CPQ 5.2-003, TCP/IP 5.0) - success
-			hpux-parisc-cc (HP-UX B.11.00)		- success
-			hpux-parisc2-cc	(11.00)			- success
-			hpux64-parisc2-cc (11.00)		- success
-			hpux-parisc1_1-cc (11.00)		- success
-			hpux-parisc-cc (10.20 w/ -ldld)		- success
-			hpux-parisc-gcc (10.20 w/ -ldld)	- success
-			hpux-parisc-cc [engine] (10.20 w/ -ldld)- success
-			hpux-parisc-gcc [endine] (10.20 w/ -ldld)- success
-				All hpux 10.20 targets succeeded provided -ldl
-					has been changed to -ldld.
-			solaris-sparcv9-gcc (2.6/ultra5)	- success
-			[ solaris-sparcv9-cc (SunOS 5.7 SC3.0)	- failed      ]
-			[	Complaints about a number of -x parameters to ]
-			[		the compiler and failed to compile an ]
-			[		assembler file.  Maybe a too old      ]
-			[		compiler? (Yes, apparently:)          ]
-			solaris-sparcv9-cc (SunOS 5.6 SC4.2)	- success
-			FreeBSD (2.2.5-RELEASE)			- success
-			alpha-cc [engine] (OSF1 5.0A)		- success
-			irix-mips3-cc [engine] (Irix 6.2)	- success
-				One has to do the same as for OpenBSD in
-					speed.c [FIXED]
-			aix-cc (3.2.5, cc 1.3.0.44)		- success
-			aix-gcc (3.2.5, gcc 2.8.1)		- success
-				Both first failed to compiled due to ftime().
-					[FIXED]
-			alpha-cc (V4.0E)			- success
-			alpha-gcc (V4.0E, gcc 2.8.1)		- success
-			ultrix-cc (V4.5)			- success
-			ultrix-gcc (V4.5, gcc 2.8.1)		- success
-    o  OpenSSL 0.9.5a: Released on April     1st, 2000
-    o  OpenSSL 0.9.5:  Released on February 28th, 2000
-    o  OpenSSL 0.9.4:  Released on August   09th, 1999
-    o  OpenSSL 0.9.3a: Released on May      29th, 1999
-    o  OpenSSL 0.9.3:  Released on May      25th, 1999
-    o  OpenSSL 0.9.2b: Released on March    22th, 1999
-    o  OpenSSL 0.9.1c: Released on December 23th, 1998
+    o  OpenSSL 0.9.6a: Released on April      5th, 2001
+    o  OpenSSL 0.9.6:  Released on September 24th, 2000
+    o  OpenSSL 0.9.5a: Released on April      1st, 2000
+    o  OpenSSL 0.9.5:  Released on February  28th, 2000
+    o  OpenSSL 0.9.4:  Released on August    09th, 1999
+    o  OpenSSL 0.9.3a: Released on May       29th, 1999
+    o  OpenSSL 0.9.3:  Released on May       25th, 1999
+    o  OpenSSL 0.9.2b: Released on March     22th, 1999
+    o  OpenSSL 0.9.1c: Released on December  23th, 1998
 
   RELEASE SHOWSTOPPERS
 
   AVAILABLE PATCHES
 
-    o CA.pl patch (Damien Miller)
-
   IN PROGRESS
 
     o Steve is currently working on (in no particular order):
         ASN1 code redesign, butchery, replacement.
+        OCSP
         EVP cipher enhancement.
-        Proper (or at least usable) certificate chain verification.
+        Enhanced certificate chain verification.
 	Private key, certificate and CRL API and implementation.
 	Developing and bugfixing PKCS#7 (S/MIME code).
         Various X509 issues: character sets, certificate request extensions.
@@ -112,19 +33,29 @@
     o Richard is currently working on:
 	UTIL (a new set of library functions to support some higher level
 	      functionality that is currently missing).
-	Dynamic thread-lock support.
 	Shared library support for VMS.
+	OCSP
+	Kerberos 5 authentication
+	Constification
 
   NEEDS PATCH
 
-    o  non-blocking socket on AIX
-    o  $(PERL) in */Makefile.ssl
-    o  "Sign the certificate?" - "n" creates empty certificate file
+    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
+
+    o  OpenSSL_0_9_6-stable:
+       #include <openssl/e_os.h> in exported header files is illegal since
+       e_os.h is suitable only for library-internal use.
+
+    o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
+       or an error is reported
 
   OPEN ISSUES
 
-    o internal_verify doesn't know about X509.v3 (basicConstraints
-      CA flag ...)
+    o  crypto/ex_data.c is not really thread-safe and so must be used
+       with care (e.g., extra locking where necessary, or don't call
+       CRYPTO_get_ex_new_index once multiple threads exist).
+       The current API is not suitable for everything that it pretends
+       to offer.
 
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 

apps/Makefile.ssl

@@ -18,6 +18,7 @@ RM=		rm -f
 
 PEX_LIBS=
 EX_LIBS= 
+EXE_EXT= 
 
 CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
 
@@ -32,7 +33,7 @@ PROGRAM= openssl
 
 SCRIPTS=CA.sh CA.pl der_chop
 
-EXE= $(PROGRAM)
+EXE= $(PROGRAM)$(EXE_EXT)
 
 E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
 	ca crl rsa rsautl dsa dsaparam \
@@ -77,7 +78,7 @@ top:
 
 all:	exe
 
-exe:	$(EXE)
+exe:	$(PROGRAM)
 
 req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
 	$(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(RAND_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)

apps/app_rand.c

@@ -177,8 +177,10 @@ long app_RAND_load_files(char *name)
 		if (*n == '\0') break;
 
 		egd=RAND_egd(n);
-		if (egd > 0) tot+=egd;
-		tot+=RAND_load_file(n,-1);
+		if (egd > 0)
+			tot+=egd;
+		else
+			tot+=RAND_load_file(n,-1);
 		if (last) break;
 		}
 	if (tot > 512)

apps/ca-cert.srl

@@ -1 +1 @@
-05
+07

apps/ca.c

@@ -1247,7 +1247,11 @@ bad:
 			X509_free(revcert);
 
 			strncpy(buf[0],dbfile,BSIZE-4);
+#ifndef VMS
 			strcat(buf[0],".new");
+#else
+			strcat(buf[0],"-new");
+#endif
 			if (BIO_write_filename(out,buf[0]) <= 0)
 				{
 				perror(dbfile);
@@ -1257,7 +1261,11 @@ bad:
 			j=TXT_DB_write(out,db);
 			if (j <= 0) goto err;
 			strncpy(buf[1],dbfile,BSIZE-4);
+#ifndef VMS
 			strcat(buf[1],".old");
+#else
+			strcat(buf[1],"-old");
+#endif
 			if (rename(dbfile,buf[1]) < 0)
 				{
 				BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]);

apps/dgst.c

@@ -74,7 +74,7 @@
 #undef PROG
 #define PROG	dgst_main
 
-void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
+void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 		EVP_PKEY *key, unsigned char *sigin, int siglen);
 
 int MAIN(int, char **);
@@ -95,7 +95,7 @@ int MAIN(int argc, char **argv)
 	int debug=0;
 	const char *outfile = NULL, *keyfile = NULL;
 	const char *sigfile = NULL, *randfile = NULL;
-	char out_bin = -1, want_pub = 0, do_verify = 0;
+	int out_bin = -1, want_pub = 0, do_verify = 0;
 	EVP_PKEY *sigkey = NULL;
 	unsigned char *sigbuf = NULL;
 	int siglen = 0;
@@ -365,7 +365,7 @@ end:
 	EXIT(err);
 	}
 
-void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, char binout,
+void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 			EVP_PKEY *key, unsigned char *sigin, int siglen)
 	{
 	int len;

apps/dsaparam.c

@@ -313,7 +313,7 @@ bad:
 		printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
 			bits_p,bits_p);
 		printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
-		printf("\t\treturn(NULL);\n");
+		printf("\t\t{ DSA_free(dsa); return(NULL); }\n");
 		printf("\treturn(dsa);\n\t}\n");
 		}
 

apps/enc.c

@@ -542,6 +542,14 @@ bad:
 			BIO_printf(bio_err,"invalid hex iv value\n");
 			goto end;
 			}
+		if ((hiv == NULL) && (str == NULL))
+			{
+			/* No IV was explicitly set and no IV was generated
+			 * during EVP_BytesToKey. Hence the IV is undefined,
+			 * making correct decryption impossible. */
+			BIO_printf(bio_err, "iv undefined\n");
+			goto end;
+			}
 		if ((hkey != NULL) && !set_hex(hkey,key,24))
 			{
 			BIO_printf(bio_err,"invalid hex key value\n");

apps/passwd.c

@@ -272,6 +272,7 @@ int MAIN(int argc, char **argv)
 			}
 		while (!done);
 		}
+	ret = 0;
 
 err:
 	ERR_print_errors(bio_err);
@@ -315,7 +316,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
 	strncat(out_buf, "$", 1);
 	strncat(out_buf, salt, 8);
 	assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
-	salt_out = out_buf + 6;
+	salt_out = out_buf + 2 + strlen(magic);
 	salt_len = strlen(salt_out);
 	assert(salt_len <= 8);
 	

apps/pca-cert.srl

@@ -1 +1 @@
-01
+07

apps/req.c

@@ -725,16 +725,15 @@ loop:
 
 	if (newreq || x509)
 		{
-#ifndef NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
-			digest=EVP_dss1();
-#endif
-
 		if (pkey == NULL)
 			{
 			BIO_printf(bio_err,"you need to specify a private key\n");
 			goto end;
 			}
+#ifndef NO_DSA
+		if (pkey->type == EVP_PKEY_DSA)
+			digest=EVP_dss1();
+#endif
 		if (req == NULL)
 			{
 			req=X509_REQ_new();

apps/rsautl.c

@@ -55,6 +55,9 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
+
+#ifndef NO_RSA
+
 #include "apps.h"
 #include <string.h>
 #include <openssl/err.h>
@@ -313,3 +316,4 @@ static void usage()
 	BIO_printf(bio_err, "-hexdump        hex dump output\n");
 }
 
+#endif

apps/s_client.c

@@ -79,6 +79,7 @@ typedef unsigned int u_int;
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
+#include <openssl/rand.h>
 #include <openssl/engine.h>
 #include "s_apps.h"
 
@@ -153,8 +154,8 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
 	BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
 	BIO_printf(bio_err,"                 command to see what is available\n");
+	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
-
 	}
 
 int MAIN(int, char **);
@@ -181,6 +182,7 @@ int MAIN(int argc, char **argv)
 	int prexit = 0;
 	SSL_METHOD *meth=NULL;
 	BIO *sbio;
+	char *inrand=NULL;
 	char *engine_id=NULL;
 	ENGINE *e=NULL;
 #ifdef WINDOWS
@@ -320,6 +322,11 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-nbio") == 0)
 			{ c_nbio=1; }
 #endif
+		else if (strcmp(*argv,"-rand") == 0)
+			{
+			if (--argc < 1) goto bad;
+			inrand= *(++argv);
+			}
 		else if	(strcmp(*argv,"-engine") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -341,7 +348,14 @@ bad:
 		goto end;
 		}
 
-	app_RAND_load_file(NULL, bio_err, 0);
+	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+		&& !RAND_status())
+		{
+		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+		}
+	if (inrand != NULL)
+		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+			app_RAND_load_files(inrand));
 
 	if (bio_c_out == NULL)
 		{

apps/s_server.c

@@ -83,6 +83,7 @@ typedef unsigned int u_int;
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 #include <openssl/ssl.h>
+#include <openssl/rand.h>
 #include <openssl/engine.h>
 #include "s_apps.h"
 
@@ -245,6 +246,7 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -bugs         - Turn on SSL bug compatibility\n");
 	BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
 	BIO_printf(bio_err," -WWW          - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
+	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
 	}
 
@@ -415,6 +417,8 @@ int MAIN(int argc, char *argv[])
 	int no_tmp_rsa=0,no_dhe=0,nocert=0;
 	int state=0;
 	SSL_METHOD *meth=NULL;
+	char *inrand=NULL;
+	char *engine_id=NULL;
 	ENGINE *e=NULL;
 #ifndef NO_DH
 	DH *dh=NULL;
@@ -570,6 +574,11 @@ int MAIN(int argc, char *argv[])
 		else if	(strcmp(*argv,"-tls1") == 0)
 			{ meth=TLSv1_server_method(); }
 #endif
+		else if (strcmp(*argv,"-rand") == 0)
+			{
+			if (--argc < 1) goto bad;
+			inrand= *(++argv);
+			}
 		else if (strcmp(*argv,"-engine") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -591,7 +600,14 @@ bad:
 		goto end;
 		}
 
-	app_RAND_load_file(NULL, bio_err, 0);
+	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+		&& !RAND_status())
+		{
+		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+		}
+	if (inrand != NULL)
+		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+			app_RAND_load_files(inrand));
 
 	if (bio_s_out == NULL)
 		{
@@ -709,7 +725,8 @@ bad:
 
 #ifndef NO_RSA
 #if 1
-	SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
+	if (!no_tmp_rsa)
+		SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
 #else
 	if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx))
 		{
@@ -1369,15 +1386,29 @@ static int www_body(char *hostname, int s, unsigned char *context)
 
 			/* skip the '/' */
 			p= &(buf[5]);
-			dot=0;
+
+			dot = 1;
 			for (e=p; *e != '\0'; e++)
 				{
-				if (e[0] == ' ') break;
-				if (	(e[0] == '.') &&
-					(strncmp(&(e[-1]),"/../",4) == 0))
-					dot=1;
+				if (e[0] == ' ')
+					break;
+
+				switch (dot)
+					{
+				case 1:
+					dot = (e[0] == '.') ? 2 : 0;
+					break;
+				case 2:
+					dot = (e[0] == '.') ? 3 : 0;
+					break;
+				case 3:
+					dot = (e[0] == '/') ? -1 : 0;
+					break;
+					}
+				if (dot == 0)
+					dot = (e[0] == '/') ? 1 : 0;
 				}
-			
+			dot = (dot == 3) || (dot == -1); /* filename contains ".." component */
 
 			if (*e == '\0')
 				{
@@ -1401,9 +1432,11 @@ static int www_body(char *hostname, int s, unsigned char *context)
 				break;
 				}
 
+#if 0
 			/* append if a directory lookup */
 			if (e[-1] == '/')
 				strcat(p,"index.html");
+#endif
 
 			/* if a directory, do the index thang */
 			if (stat(p,&st_buf) < 0)
@@ -1415,7 +1448,13 @@ static int www_body(char *hostname, int s, unsigned char *context)
 				}
 			if (S_ISDIR(st_buf.st_mode))
 				{
+#if 0 /* must check buffer size */
 				strcat(p,"/index.html");
+#else
+				BIO_puts(io,text);
+				BIO_printf(io,"'%s' is a directory\r\n",p);
+				break;
+#endif
 				}
 
 			if ((file=BIO_new_file(p,"r")) == NULL)

apps/server.pem

@@ -1,17 +1,17 @@
 issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
-subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+subject= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
 -----BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
 BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4
-MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0
+MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
 A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
 cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
 Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9
-JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO
-IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ
-FUGcPZf9ND22Etc+AQ==
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4
+GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM
+k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz
+itAE+OjGF+PFKbwX8Q==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD

apps/smime.c

@@ -299,6 +299,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
 		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
 		BIO_printf (bio_err, "-engine e      use engine e, possibly a hardware device.\n");
+		BIO_printf (bio_err, "-passin arg    input file pass phrase source\n");
 		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,  "               the random number generator\n");

apps/speed.c

@@ -83,12 +83,12 @@
 #include <openssl/err.h>
 #include <openssl/engine.h>
 
-#if defined(__FreeBSD__)
+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
 # define USE_TOD
 #elif !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
 # define TIMES
 #endif
-#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE)
+#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(MPE) && !defined(__NetBSD__)
 # define TIMEB
 #endif
 
@@ -116,7 +116,7 @@
 #include <sys/timeb.h>
 #endif
 
-#if !defined(TIMES) && !defined(TIMEB)
+#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD)
 #error "It seems neither struct tms nor struct timeb is supported in this platform!"
 #endif
 
@@ -865,6 +865,7 @@ int MAIN(int argc, char **argv)
 		}
 #endif
 
+#ifndef NO_DSA
 	dsa_c[R_DSA_512][0]=count/1000;
 	dsa_c[R_DSA_512][1]=count/1000/2;
 	for (i=1; i<DSA_NUM; i++)
@@ -882,6 +883,7 @@ int MAIN(int argc, char **argv)
 				}
 			}				
 		}
+#endif
 
 #define COND(d)	(count < (d))
 #define COUNT(d) (d)
@@ -1207,7 +1209,7 @@ int MAIN(int argc, char **argv)
 			{
 			BIO_printf(bio_err,"RSA verify failure.  No RSA verify will be done.\n");
 			ERR_print_errors(bio_err);
-			dsa_doit[j] = 0;
+			rsa_doit[j] = 0;
 			}
 		else
 			{

apps/x509.c

@@ -894,8 +894,10 @@ bad:
 
 				BIO_printf(bio_err,"Generating certificate request\n");
 
+#ifndef NO_DSA
 		                if (pk->type == EVP_PKEY_DSA)
 		                        digest=EVP_dss1();
+#endif
 
 				rq=X509_to_X509_REQ(x,pk,digest);
 				EVP_PKEY_free(pk);

config

@@ -49,10 +49,18 @@ if [ "x$XREL" != "x" ]; then
 		echo "whatever-whatever-sco5"; exit 0
 		;;
 	    4.2MP)
-		if [ "x$VERSION" = "x2.1.1" ]; then
+		if [ "x$VERSION" = "x2.01" ]; then
+		    echo "${MACHINE}-whatever-unixware201"; exit 0
+		elif [ "x$VERSION" = "x2.02" ]; then
+		    echo "${MACHINE}-whatever-unixware202"; exit 0
+		elif [ "x$VERSION" = "x2.03" ]; then
+		    echo "${MACHINE}-whatever-unixware203"; exit 0
+		elif [ "x$VERSION" = "x2.1.1" ]; then
 		    echo "${MACHINE}-whatever-unixware211"; exit 0
 		elif [ "x$VERSION" = "x2.1.2" ]; then
 		    echo "${MACHINE}-whatever-unixware212"; exit 0
+		elif [ "x$VERSION" = "x2.1.3" ]; then
+		    echo "${MACHINE}-whatever-unixware213"; exit 0
 		else
 		    echo "${MACHINE}-whatever-unixware2"; exit 0
 		fi
@@ -79,6 +87,14 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
 	echo "m68k-apple-aux3"; exit 0
 	;;
 
+    AIX:[3456789]:4:*)
+	echo "${MACHINE}-ibm-aix43"; exit 0
+	;;
+
+    AIX:*:[56789]:*)
+	echo "${MACHINE}-ibm-aix43"; exit 0
+	;;
+
     AIX:*)
 	echo "${MACHINE}-ibm-aix"; exit 0
 	;;
@@ -168,7 +184,7 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
         ;;
 
     NetBSD:*:*:*386*)
-        echo "`/usr/sbin/sysctl -n hw.model | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
+        echo "`(/usr/sbin/sysctl -n hw.model || /sbin/sysctl -n hw.model) | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
 	;;
 
     NetBSD:*)
@@ -393,10 +409,16 @@ case "$GUESSOS" in
 	;;
   mips4-sgi-irix64)
 	echo "WARNING! If you wish to build 64-bit library, then you have to"
-	echo "         invoke './Configre irix64-mips4-$CC' *manually*."
-	echo "         Type Ctrl-C if you don't want to continue."
+	echo "         invoke './Configure irix64-mips4-$CC' *manually*."
+	echo "         Type return if you want to continue, Ctrl-C to abort."
 	read waste < /dev/tty
-	options="$options -mips4"
+        CPU=`(hinv -t cpu) 2>/dev/null | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+        CPU=${CPU:-0}
+        if [ $CPU -ge 5000 ]; then
+                options="$options -mips4"
+        else
+                options="$options -mips3"
+        fi
 	OUT="irix-mips3-$CC"
 	;;
   alpha-*-linux2)
@@ -423,11 +445,11 @@ case "$GUESSOS" in
 	#till 64-bit glibc for SPARC is operational:-(
 	#echo "WARNING! If you wish to build 64-bit library, then you have to"
 	#echo "         invoke './Configure linux64-sparcv9' *manually*."
-	#echo "         Type Ctrl-C if you don't want to continue."
+	#echo "         Type return if you want to continue, Ctrl-C to abort."
 	#read waste < /dev/tty
 	OUT="linux-sparcv9" ;;
   sparc-*-linux2)
-	KARCH=`awk '/type/{print$3}' /proc/cpuinfo`
+	KARCH=`awk '/^type/{print$3}' /proc/cpuinfo`
 	case ${KARCH:-sun4} in
 	sun4u*)	OUT="linux-sparcv9" ;;
 	sun4m)	OUT="linux-sparcv8" ;;
@@ -435,6 +457,7 @@ case "$GUESSOS" in
 	*)	OUT="linux-sparcv7" ;;
 	esac ;;
   arm*-*-linux2) OUT="linux-elf-arm" ;;
+  s390-*-linux2) OUT="linux-s390" ;;
   *-*-linux2) OUT="linux-elf" ;;
   *-*-linux1) OUT="linux-aout" ;;
   sun4u*-*-solaris2)
@@ -442,7 +465,7 @@ case "$GUESSOS" in
 	if [ "$ISA64" != "" -a "$CC" = "cc" -a $CCVER -ge 50 ]; then
 		echo "WARNING! If you wish to build 64-bit library, then you have to"
 		echo "         invoke './Configure solaris64-sparcv9-cc' *manually*."
-		echo "         Type Ctrl-C if you don't want to continue."
+		echo "         Type return if you want to continue, Ctrl-C to abort."
 		read waste < /dev/tty
 	fi
 	OUT="solaris-sparcv9-$CC" ;;
@@ -466,9 +489,12 @@ case "$GUESSOS" in
   *-*-unixware7) OUT="unixware-7" ;;
   *-*-UnixWare7) OUT="unixware-7" ;;
   *-*-Unixware7) OUT="unixware-7" ;;
-  *-*-unixware[1-2]*) OUT="unixware-2.0" ;;
-  *-*-UnixWare[1-2]*) OUT="unixware-2.0" ;;
-  *-*-Unixware[1-2]*) OUT="unixware-2.0" ;;
+  *-*-unixware20*) OUT="unixware-2.0" ;;
+  *-*-unixware21*) OUT="unixware-2.1" ;;
+  *-*-UnixWare20*) OUT="unixware-2.0" ;;
+  *-*-UnixWare21*) OUT="unixware-2.1" ;;
+  *-*-Unixware20*) OUT="unixware-2.0" ;;
+  *-*-Unixware21*) OUT="unixware-2.1" ;;
   BS2000-siemens-sysv4) OUT="BS2000-OSD" ;;
   RM*-siemens-sysv4) OUT="ReliantUNIX" ;;
   *-siemens-sysv4) OUT="SINIX" ;;
@@ -573,7 +599,7 @@ OUT="$PREFIX$OUT"
 
 $PERL ./Configure LIST | grep "$OUT" > /dev/null
 if [ $? = "0" ]; then
-  #echo Configuring for $OUT
+  echo Configuring for $OUT
 
   if [ "$TEST" = "true" ]; then
     echo $PERL ./Configure $OUT $options

crypto/Makefile.ssl

@@ -34,8 +34,8 @@ SDIRS=	md2 md5 sha mdc2 hmac ripemd \
 GENERAL=Makefile README crypto-lib.com install.com
 
 LIB= $(TOP)/libcrypto.a
-LIBSRC=	cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c
-LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o
+LIBSRC=	cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c
+LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o
 
 SRC= $(LIBSRC)
 
@@ -90,7 +90,8 @@ links:
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 libs:
@@ -197,3 +198,6 @@ tmdiff.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
 tmdiff.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
 tmdiff.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
 tmdiff.o: ../include/openssl/tmdiff.h cryptlib.h
+uid.o: ../include/openssl/crypto.h ../include/openssl/opensslv.h
+uid.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+uid.o: ../include/openssl/symhacks.h

crypto/asn1/Makefile.ssl

@@ -75,7 +75,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 files:

crypto/asn1/a_strnid.c

@@ -133,7 +133,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
 	if(tbl) {
 		mask = tbl->mask;
 		if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask;
-		ret = ASN1_mbstring_ncopy(out, in, inlen, inform, tbl->mask,
+		ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
 					tbl->minsize, tbl->maxsize);
 	} else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask);
 	if(ret <= 0) return NULL;

crypto/asn1/a_type.c

@@ -123,6 +123,8 @@ int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
 		break;
 	case V_ASN1_SET:
 	case V_ASN1_SEQUENCE:
+	case V_ASN1_OTHER:
+	default:
 		if (a->value.set == NULL)
 			r=0;
 		else
@@ -159,6 +161,8 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
 
 	inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
 	if (inf & 0x80) goto err;
+	/* If not universal tag we've no idea what it is */
+	if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER;
 	
 	ASN1_TYPE_component_free(ret);
 
@@ -245,6 +249,8 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
 		break;
 	case V_ASN1_SET:
 	case V_ASN1_SEQUENCE:
+	case V_ASN1_OTHER:
+	default:
 		/* Sets and sequences are left complete */
 		if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
 		ret->value.set->type=tag;
@@ -252,9 +258,6 @@ ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
 		if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
 		p+=len;
 		break;
-	default:
-		ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE);
-		goto err;
 		}
 
 	ret->type=tag;
@@ -312,6 +315,8 @@ static void ASN1_TYPE_component_free(ASN1_TYPE *a)
 		case V_ASN1_OBJECT:
 			ASN1_OBJECT_free(a->value.object);
 			break;
+		case V_ASN1_NULL:
+			break;
 		case V_ASN1_INTEGER:
 		case V_ASN1_NEG_INTEGER:
 		case V_ASN1_ENUMERATED:
@@ -333,10 +338,9 @@ static void ASN1_TYPE_component_free(ASN1_TYPE *a)
 		case V_ASN1_UNIVERSALSTRING:
 		case V_ASN1_BMPSTRING:
 		case V_ASN1_UTF8STRING:
-			ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
-			break;
+		case V_ASN1_OTHER:
 		default:
-			/* MEMORY LEAK */
+			ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
 			break;
 			}
 		a->type=0;

crypto/asn1/asn1.h

@@ -83,6 +83,7 @@ extern "C" {
 #define V_ASN1_PRIMATIVE_TAG		0x1f
 
 #define V_ASN1_APP_CHOOSE		-2	/* let the recipient choose */
+#define V_ASN1_OTHER			-3	/* used in ASN1_TYPE */
 
 #define V_ASN1_NEG			0x100	/* negative flag */
 

crypto/asn1/asn1_lib.c

@@ -301,7 +301,7 @@ int asn1_GetSequence(ASN1_CTX *c, long *length)
 		return(0);
 		}
 	if (c->inf == (1|V_ASN1_CONSTRUCTED))
-		c->slen= *length+ *(c->pp)-c->p;
+		c->slen= *length;
 	c->eos=0;
 	return(1);
 	}

crypto/asn1/asn1_mac.h

@@ -196,6 +196,9 @@ err:\
 	if ((a != NULL) && (sk_##type##_num(a) != 0)) \
 		M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
 
+#define M_ASN1_I2D_put_SEQUENCE_opt_ex_type(type,a,f) \
+	if (a) M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
+
 #define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
 	if ((c.slen != 0) && \
 		(M_ASN1_next == \
@@ -389,6 +392,9 @@ err:\
 		if ((a != NULL) && (sk_##type##_num(a) != 0)) \
 			M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
 
+#define M_ASN1_I2D_len_SEQUENCE_opt_ex_type(type,a,f) \
+		if (a) M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
+
 #define M_ASN1_I2D_len_IMP_SET(a,f,x) \
 		ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
 
@@ -452,6 +458,15 @@ err:\
 			ret+=ASN1_object_size(1,v,mtag); \
 			}
 
+#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_ex_type(type,a,f,mtag,tag,v) \
+		if (a)\
+			{ \
+			v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
+						 V_ASN1_UNIVERSAL, \
+						 IS_SEQUENCE); \
+			ret+=ASN1_object_size(1,v,mtag); \
+			}
+
 /* Put Macros */
 #define M_ASN1_I2D_put(a,f)	f(a,&p)
 
@@ -536,6 +551,14 @@ err:\
 					       IS_SEQUENCE); \
 			}
 
+#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_ex_type(type,a,f,mtag,tag,v) \
+		if (a) \
+			{ \
+			ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+			i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
+					       IS_SEQUENCE); \
+			}
+
 #define M_ASN1_I2D_seq_total() \
 		r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
 		if (pp == NULL) return(r); \

crypto/asn1/p7_lib.c

@@ -307,12 +307,14 @@ PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length)
 			}
 		if (Tinf == (1|V_ASN1_CONSTRUCTED))
 			{
+			c.q=c.p;
 			if (!ASN1_check_infinite_end(&c.p,c.slen))
 				{
 				c.error=ERR_R_MISSING_ASN1_EOS;
 				c.line=__LINE__;
 				goto err;
 				}
+			c.slen-=(c.p-c.q);
 			}
 		}
 	else

crypto/asn1/t_x509.c

@@ -349,6 +349,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
 	ll=80-2-obase;
 
 	s=X509_NAME_oneline(name,buf,256);
+	if (!*s)
+		return 1;
 	s++; /* skip the first slash */
 
 	l=ll;

crypto/asn1/x_crl.c

@@ -71,14 +71,14 @@ int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp)
 
 	M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
 	M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_TIME);
-	M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
+	M_ASN1_I2D_len_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
 					 i2d_X509_EXTENSION);
 
 	M_ASN1_I2D_seq_total();
 
 	M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
 	M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_TIME);
-	M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
+	M_ASN1_I2D_put_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
 					 i2d_X509_EXTENSION);
 
 	M_ASN1_I2D_finish();
@@ -121,7 +121,7 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp)
 		{ M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); }
 	M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
 					 i2d_X509_REVOKED);
-	M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
+	M_ASN1_I2D_len_EXP_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
 					     i2d_X509_EXTENSION,0,
 					     V_ASN1_SEQUENCE,v1);
 
@@ -138,7 +138,7 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp)
 		{ M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_TIME); }
 	M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
 					 i2d_X509_REVOKED);
-	M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
+	M_ASN1_I2D_put_EXP_SEQUENCE_opt_ex_type(X509_EXTENSION,a->extensions,
 					     i2d_X509_EXTENSION,0,
 					     V_ASN1_SEQUENCE,v1);
 
@@ -260,7 +260,7 @@ X509_CRL_INFO *X509_CRL_INFO_new(void)
 	M_ASN1_New(ret->lastUpdate,M_ASN1_UTCTIME_new);
 	ret->nextUpdate=NULL;
 	M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null);
-	M_ASN1_New(ret->extensions,sk_X509_EXTENSION_new_null);
+	ret->extensions = NULL;
 	sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp);
 	return(ret);
 	M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);

crypto/asn1/x_name.c

@@ -141,10 +141,12 @@ static int i2d_X509_NAME_entries(X509_NAME *a)
 			}
 		size+=i2d_X509_NAME_ENTRY(ne,NULL);
 		}
-
-	ret+=ASN1_object_size(1,size,V_ASN1_SET);
 	if (fe != NULL)
+		{
+		/* SET OF needed only if entries is non empty */
+		ret+=ASN1_object_size(1,size,V_ASN1_SET);
 		fe->size=size;
+		}
 
 	r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
 

crypto/asn1/x_pubkey.c

@@ -234,7 +234,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 	a=key->algor;
 	if (ret->type == EVP_PKEY_DSA)
 		{
-		if (a->parameter->type == V_ASN1_SEQUENCE)
+		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
 			{
 			ret->pkey.dsa->write_params=0;
 			p=a->parameter->value.sequence->data;

crypto/bf/Makefile.ssl

@@ -44,7 +44,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 # elf

crypto/bio/Makefile.ssl

@@ -49,7 +49,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 files:
@@ -95,13 +96,13 @@ b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 b_dump.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 b_dump.o: ../cryptlib.h
-b_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-b_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-b_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-b_print.o: ../cryptlib.h
+b_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_print.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+b_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+b_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+b_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h
 b_sock.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 b_sock.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
 b_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h

crypto/bio/b_print.c

@@ -69,6 +69,7 @@
 #ifndef NO_SYS_TYPES_H
 #include <sys/types.h>
 #endif
+#include <openssl/bn.h>         /* To get BN_LLONG properly defined */
 #include <openssl/bio.h>
 
 #ifdef BN_LLONG
@@ -108,7 +109,11 @@
 #endif
 
 #if HAVE_LONG_LONG
-#define LLONG long long
+# if defined(WIN32) && !defined(__GNUC__)
+# define LLONG _int64
+# else
+# define LLONG long long
+# endif
 #else
 #define LLONG long
 #endif
@@ -151,7 +156,7 @@ static void _dopr(char **sbuffer, char **buffer,
 
 /* some handy macros */
 #define char_to_int(p) (p - '0')
-#define MAX(p,q) ((p >= q) ? p : q)
+#define OSSL_MAX(p,q) ((p >= q) ? p : q)
 
 static void
 _dopr(
@@ -502,13 +507,13 @@ fmtint(
     convert[place] = 0;
 
     zpadlen = max - place;
-    spadlen = min - MAX(max, place) - (signvalue ? 1 : 0);
+    spadlen = min - OSSL_MAX(max, place) - (signvalue ? 1 : 0);
     if (zpadlen < 0)
         zpadlen = 0;
     if (spadlen < 0)
         spadlen = 0;
     if (flags & DP_F_ZERO) {
-        zpadlen = MAX(zpadlen, spadlen);
+        zpadlen = OSSL_MAX(zpadlen, spadlen);
         spadlen = 0;
     }
     if (flags & DP_F_MINUS)
@@ -640,7 +645,7 @@ fmtfp(
             (caps ? "0123456789ABCDEF"
               : "0123456789abcdef")[fracpart % 10];
         fracpart = (fracpart / 10);
-    } while (fracpart && (fplace < 20));
+    } while (fplace < max);
     if (fplace == 20)
         fplace--;
     fconvert[fplace] = 0;

crypto/bio/b_sock.c

@@ -113,8 +113,8 @@ int BIO_get_host_ip(const char *str, unsigned char *ip)
 
 	/* At this point, we have something that is most probably correct
 	   in some way, so let's init the socket. */
-	if (!BIO_sock_init())
-		return(0); /* don't generate another error code here */
+	if (BIO_sock_init() != 1)
+		return 0; /* don't generate another error code here */
 
 	/* If the string actually contained an IP address, we need not do
 	   anything more */
@@ -519,15 +519,15 @@ int BIO_get_accept_socket(char *host, int bind_mode)
 	{
 	int ret=0;
 	struct sockaddr_in server,client;
-	int s= -1,cs;
+	int s=INVALID_SOCKET,cs;
 	unsigned char ip[4];
 	unsigned short port;
-	char *str,*e;
+	char *str=NULL,*e;
 	const char *h,*p;
 	unsigned long l;
 	int err_num;
 
-	if (!BIO_sock_init()) return(INVALID_SOCKET);
+	if (BIO_sock_init() != 1) return(INVALID_SOCKET);
 
 	if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);
 
@@ -553,7 +553,7 @@ int BIO_get_accept_socket(char *host, int bind_mode)
 		h="*";
 		}
 
-	if (!BIO_get_port(p,&port)) return(INVALID_SOCKET);
+	if (!BIO_get_port(p,&port)) goto err;
 
 	memset((char *)&server,0,sizeof(server));
 	server.sin_family=AF_INET;
@@ -563,7 +563,7 @@ int BIO_get_accept_socket(char *host, int bind_mode)
 		server.sin_addr.s_addr=INADDR_ANY;
 	else
 		{
-		if (!BIO_get_host_ip(h,&(ip[0]))) return(INVALID_SOCKET);
+                if (!BIO_get_host_ip(h,&(ip[0]))) goto err;
 		l=(unsigned long)
 			((unsigned long)ip[0]<<24L)|
 			((unsigned long)ip[1]<<16L)|

crypto/bio/bf_buff.c

@@ -70,7 +70,7 @@ static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
 static int buffer_new(BIO *h);
 static int buffer_free(BIO *data);
 static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-#define DEFAULT_BUFFER_SIZE	1024
+#define DEFAULT_BUFFER_SIZE	4096
 
 static BIO_METHOD methods_buffer=
 	{

crypto/bn/Makefile.ssl

@@ -68,7 +68,8 @@ bnbug: bnbug.c ../../libcrypto.a top
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 # elf

crypto/bn/asm/mips3.s

@@ -1,5 +1,5 @@
 .rdata
-.asciiz "mips3.s, Version 1.0"
+.asciiz	"mips3.s, Version 1.1"
 .asciiz	"MIPS III/IV ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
 
 /*
@@ -586,13 +586,13 @@ LEAF(bn_div_3_words)
 	ld	a0,(a3)
 	move	ta2,a1
 	ld	a1,-8(a3)
-	move	ta3,ra
-	move	v1,zero
+	bne	a0,a2,.L_bn_div_3_words_proceed
 	li	v0,-1
-	beq	a0,a2,.L_bn_div_3_words_skip_div
+	jr	ra
+.L_bn_div_3_words_proceed:
+	move	ta3,ra
 	bal	bn_div_words
 	move	ra,ta3
-.L_bn_div_3_words_skip_div:
 	dmultu	ta2,v0
 	ld	t2,-16(a3)
 	move	ta0,zero
@@ -849,6 +849,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
 	dmultu	a_1,b_2		/* mul_add_c(a[1],b[2],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -856,7 +857,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_2,b_1		/* mul_add_c(a[2],b[1],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -884,6 +886,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
 	dmultu	a_3,b_1		/* mul_add_c(a[3],b[1],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -891,7 +894,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	dmultu	a_2,b_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -928,6 +932,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
 	dmultu	a_1,b_4		/* mul_add_c(a[1],b[4],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -935,7 +940,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	dmultu	a_2,b_3		/* mul_add_c(a[2],b[3],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -981,6 +987,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
 	dmultu	a_5,b_1		/* mul_add_c(a[5],b[1],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -988,7 +995,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_4,b_2		/* mul_add_c(a[4],b[2],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -1043,6 +1051,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
 	dmultu	a_1,b_6		/* mul_add_c(a[1],b[6],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -1050,7 +1059,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	dmultu	a_2,b_5		/* mul_add_c(a[2],b[5],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -1114,6 +1124,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
 	dmultu	a_6,b_2		/* mul_add_c(a[6],b[2],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -1121,7 +1132,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	dmultu	a_5,b_3		/* mul_add_c(a[5],b[3],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -1176,6 +1188,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
 	dmultu	a_3,b_6		/* mul_add_c(a[3],b[6],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -1183,7 +1196,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_4,b_5		/* mul_add_c(a[4],b[5],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -1229,6 +1243,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
 	dmultu	a_6,b_4		/* mul_add_c(a[6],b[4],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -1236,7 +1251,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	dmultu	a_5,b_5		/* mul_add_c(a[5],b[5],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -1273,6 +1289,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
 	dmultu	a_5,b_6		/* mul_add_c(a[5],b[6],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -1280,7 +1297,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	dmultu	a_6,b_5		/* mul_add_c(a[6],b[5],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -1308,6 +1326,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
 	dmultu	a_6,b_6		/* mul_add_c(a[6],b[6],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -1315,7 +1334,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_5,b_7		/* mul_add_c(a[5],b[7],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -1334,6 +1354,7 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
 	dmultu	a_7,b_6		/* mul_add_c(a[7],b[6],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -1341,7 +1362,8 @@ LEAF(bn_mul_comba8)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	sd	c_2,104(a0)	/* r[13]=c2; */
 
 	dmultu	a_7,b_7		/* mul_add_c(a[7],b[7],c3,c1,c2); */
@@ -1430,6 +1452,7 @@ LEAF(bn_mul_comba4)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
 	dmultu	a_1,b_2		/* mul_add_c(a[1],b[2],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -1437,7 +1460,8 @@ LEAF(bn_mul_comba4)
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_2,b_1		/* mul_add_c(a[2],b[1],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -1465,6 +1489,7 @@ LEAF(bn_mul_comba4)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
 	dmultu	a_2,b_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -1472,7 +1497,8 @@ LEAF(bn_mul_comba4)
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	dmultu	a_1,b_3		/* mul_add_c(a[1],b[3],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -1491,6 +1517,7 @@ LEAF(bn_mul_comba4)
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
 	dmultu	a_3,b_2		/* mul_add_c(a[3],b[2],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -1498,7 +1525,8 @@ LEAF(bn_mul_comba4)
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	sd	c_3,40(a0)
 
 	dmultu	a_3,b_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
@@ -1543,28 +1571,30 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_0,a_1		/* mul_add_c2(a[0],b[1],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	c_3,t_2,AT
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
 	sd	c_2,8(a0)
 
 	dmultu	a_2,a_0		/* mul_add_c2(a[2],b[0],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	dmultu	a_1,a_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -1579,24 +1609,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_0,a_3		/* mul_add_c2(a[0],b[3],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_1,a_2		/* mul_add_c2(a[1],b[2],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
-	sltu	AT,c_2,a2
+	slt	AT,t_2,zero
 	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
@@ -1608,24 +1640,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_4,a_0		/* mul_add_c2(a[4],b[0],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	dmultu	a_3,a_1		/* mul_add_c2(a[3],b[1],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
-	sltu	AT,c_3,a2
+	slt	AT,t_2,zero
 	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
@@ -1646,24 +1680,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_0,a_5		/* mul_add_c2(a[0],b[5],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	dmultu	a_1,a_4		/* mul_add_c2(a[1],b[4],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
-	sltu	AT,c_1,a2
+	slt	AT,t_2,zero
 	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
@@ -1673,12 +1709,12 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_2,a_3		/* mul_add_c2(a[2],b[3],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
-	sltu	AT,c_1,a2
+	slt	AT,t_2,zero
 	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
@@ -1690,24 +1726,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_6,a_0		/* mul_add_c2(a[6],b[0],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_5,a_1		/* mul_add_c2(a[5],b[1],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
-	sltu	AT,c_2,a2
+	slt	AT,t_2,zero
 	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
@@ -1717,12 +1755,12 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_4,a_2		/* mul_add_c2(a[4],b[2],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
-	sltu	AT,c_2,a2
+	slt	AT,t_2,zero
 	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
@@ -1743,24 +1781,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_0,a_7		/* mul_add_c2(a[0],b[7],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	dmultu	a_1,a_6		/* mul_add_c2(a[1],b[6],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
-	sltu	AT,c_3,a2
+	slt	AT,t_2,zero
 	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
@@ -1770,12 +1810,12 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_2,a_5		/* mul_add_c2(a[2],b[5],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
-	sltu	AT,c_3,a2
+	slt	AT,t_2,zero
 	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
@@ -1785,12 +1825,12 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_3,a_4		/* mul_add_c2(a[3],b[4],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
-	sltu	AT,c_3,a2
+	slt	AT,t_2,zero
 	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
@@ -1802,24 +1842,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_7,a_1		/* mul_add_c2(a[7],b[1],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	dmultu	a_6,a_2		/* mul_add_c2(a[6],b[2],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
-	sltu	AT,c_1,a2
+	slt	AT,t_2,zero
 	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
@@ -1829,12 +1871,12 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_5,a_3		/* mul_add_c2(a[5],b[3],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
-	sltu	AT,c_1,a2
+	slt	AT,t_2,zero
 	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
@@ -1855,24 +1897,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_2,a_7		/* mul_add_c2(a[2],b[7],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_3,a_6		/* mul_add_c2(a[3],b[6],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
-	sltu	AT,c_2,a2
+	slt	AT,t_2,zero
 	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
@@ -1882,12 +1926,12 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_4,a_5		/* mul_add_c2(a[4],b[5],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
-	sltu	AT,c_2,a2
+	slt	AT,t_2,zero
 	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
@@ -1899,24 +1943,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_7,a_3		/* mul_add_c2(a[7],b[3],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	dmultu	a_6,a_4		/* mul_add_c2(a[6],b[4],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
-	sltu	AT,c_3,a2
+	slt	AT,t_2,zero
 	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
@@ -1937,24 +1983,26 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_4,a_7		/* mul_add_c2(a[4],b[7],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	dmultu	a_5,a_6		/* mul_add_c2(a[5],b[6],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
-	sltu	AT,c_1,a2
+	slt	AT,t_2,zero
 	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
@@ -1966,15 +2014,17 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_7,a_5		/* mul_add_c2(a[7],b[5],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_6,a_6		/* mul_add_c(a[6],b[6],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
@@ -1989,15 +2039,17 @@ LEAF(bn_sqr_comba8)
 	dmultu	a_6,a_7		/* mul_add_c2(a[6],b[7],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	sd	c_2,104(a0)
 
 	dmultu	a_7,a_7		/* mul_add_c(a[7],b[7],c3,c1,c2); */
@@ -2028,28 +2080,30 @@ LEAF(bn_sqr_comba4)
 	dmultu	a_0,a_1		/* mul_add_c2(a[0],b[1],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	c_3,t_2,AT
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	t_2,AT
-	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
 	sd	c_2,8(a0)
 
 	dmultu	a_2,a_0		/* mul_add_c2(a[2],b[0],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	dmultu	a_1,a_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
@@ -2064,24 +2118,26 @@ LEAF(bn_sqr_comba4)
 	dmultu	a_0,a_3		/* mul_add_c2(a[0],b[3],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
 	daddu	c_2,t_2
-	sltu	c_3,c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
 	dmultu	a_1,a_2		/* mul_add_c(a2[1],b[2],c1,c2,c3); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_1,t_1
-	sltu	AT,c_1,t_1
-	daddu	a2,t_2,AT
-	daddu	c_2,a2
-	sltu	AT,c_2,a2
+	slt	AT,t_2,zero
 	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_1,t_1
 	sltu	AT,c_1,t_1
 	daddu	t_2,AT
@@ -2093,15 +2149,17 @@ LEAF(bn_sqr_comba4)
 	dmultu	a_3,a_1		/* mul_add_c2(a[3],b[1],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_2,t_1
-	sltu	AT,c_2,t_1
-	daddu	a2,t_2,AT
-	daddu	c_3,a2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_2,t_1
 	sltu	AT,c_2,t_1
 	daddu	t_2,AT
 	daddu	c_3,t_2
-	sltu	c_1,c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
 	dmultu	a_2,a_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
 	mflo	t_1
 	mfhi	t_2
@@ -2116,15 +2174,17 @@ LEAF(bn_sqr_comba4)
 	dmultu	a_2,a_3		/* mul_add_c2(a[2],b[3],c3,c1,c2); */
 	mflo	t_1
 	mfhi	t_2
-	daddu	c_3,t_1
-	sltu	AT,c_3,t_1
-	daddu	a2,t_2,AT
-	daddu	c_1,a2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
 	daddu	c_3,t_1
 	sltu	AT,c_3,t_1
 	daddu	t_2,AT
 	daddu	c_1,t_2
-	sltu	c_2,c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
 	sd	c_3,40(a0)
 
 	dmultu	a_3,a_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */

crypto/bn/asm/pa-risc2.s

@@ -1611,7 +1611,7 @@ bn_mul_comba4
 	.IMPORT	$global$,DATA
 	.SPACE	$TEXT$
 	.SUBSPA	$CODE$
-	.SUBSPA	$LIT$,QUAD=0,ALIGN=8,ACCESS=0x2c,SORT=16
+	.SUBSPA	$LIT$,ACCESS=0x2c
 C$7
 	.ALIGN	8
 	.STRINGZ	"Division would overflow (%d)\n"

crypto/bn/asm/pa-risc2W.s

@@ -1598,7 +1598,7 @@ bn_mul_comba4
 	.IMPORT	$global$,DATA
 	.SPACE	$TEXT$
 	.SUBSPA	$CODE$
-	.SUBSPA	$LIT$,QUAD=0,ALIGN=8,ACCESS=0x2c,SORT=16
+	.SUBSPA	$LIT$,ACCESS=0x2c
 C$4
 	.ALIGN	8
 	.STRINGZ	"Division would overflow (%d)\n"

crypto/bn/bn.h

@@ -239,7 +239,7 @@ typedef struct bignum_st
 	} BIGNUM;
 
 /* Used for temp variables */
-#define BN_CTX_NUM	12
+#define BN_CTX_NUM	16
 #define BN_CTX_NUM_POS	12
 typedef struct bignum_ctx
 	{
@@ -328,6 +328,7 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx);
 void	BN_CTX_end(BN_CTX *ctx);
 int     BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
 int     BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
+int	BN_rand_range(BIGNUM *rnd, BIGNUM *range);
 int	BN_num_bits(const BIGNUM *a);
 int	BN_num_bits_word(BN_ULONG);
 BIGNUM *BN_new(void);
@@ -467,6 +468,8 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
 # define bn_dump(a,b)
 #endif
 
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -493,16 +496,19 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num);
 #define BN_F_BN_MPI2BN					 112
 #define BN_F_BN_NEW					 113
 #define BN_F_BN_RAND					 114
+#define BN_F_BN_RAND_RANGE				 122
 #define BN_F_BN_USUB					 115
 
 /* Reason codes. */
 #define BN_R_ARG2_LT_ARG3				 100
 #define BN_R_BAD_RECIPROCAL				 101
+#define BN_R_BIGNUM_TOO_LONG				 114
 #define BN_R_CALLED_WITH_EVEN_MODULUS			 102
 #define BN_R_DIV_BY_ZERO				 103
 #define BN_R_ENCODING_ERROR				 104
 #define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA		 105
 #define BN_R_INVALID_LENGTH				 106
+#define BN_R_INVALID_RANGE				 115
 #define BN_R_NOT_INITIALIZED				 107
 #define BN_R_NO_INVERSE					 108
 #define BN_R_TOO_MANY_TEMPORARY_VARIABLES		 109

crypto/bn/bn_div.c

@@ -180,13 +180,13 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 
 	BN_CTX_start(ctx);
 	tmp=BN_CTX_get(ctx);
-	tmp->neg=0;
 	snum=BN_CTX_get(ctx);
 	sdiv=BN_CTX_get(ctx);
 	if (dv == NULL)
 		res=BN_CTX_get(ctx);
 	else	res=dv;
-	if (res == NULL) goto err;
+	if (sdiv==NULL || res == NULL) goto err;
+	tmp->neg=0;
 
 	/* First we normalise the numbers */
 	norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
@@ -237,7 +237,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	for (i=0; i<loop-1; i++)
 		{
 		BN_ULONG q,l0;
-#ifdef BN_DIV3W
+#if defined(BN_DIV3W) && !defined(NO_ASM)
+		BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG);
 		q=bn_div_3_words(wnump,d1,d0);
 #else
 		BN_ULONG n0,n1,rem=0;

crypto/bn/bn_err.c

@@ -84,6 +84,7 @@ static ERR_STRING_DATA BN_str_functs[]=
 {ERR_PACK(0,BN_F_BN_MPI2BN,0),	"BN_mpi2bn"},
 {ERR_PACK(0,BN_F_BN_NEW,0),	"BN_new"},
 {ERR_PACK(0,BN_F_BN_RAND,0),	"BN_rand"},
+{ERR_PACK(0,BN_F_BN_RAND_RANGE,0),	"BN_rand_range"},
 {ERR_PACK(0,BN_F_BN_USUB,0),	"BN_usub"},
 {0,NULL}
 	};
@@ -92,11 +93,13 @@ static ERR_STRING_DATA BN_str_reasons[]=
 	{
 {BN_R_ARG2_LT_ARG3                       ,"arg2 lt arg3"},
 {BN_R_BAD_RECIPROCAL                     ,"bad reciprocal"},
+{BN_R_BIGNUM_TOO_LONG                    ,"bignum too long"},
 {BN_R_CALLED_WITH_EVEN_MODULUS           ,"called with even modulus"},
 {BN_R_DIV_BY_ZERO                        ,"div by zero"},
 {BN_R_ENCODING_ERROR                     ,"encoding error"},
 {BN_R_EXPAND_ON_STATIC_BIGNUM_DATA       ,"expand on static bignum data"},
 {BN_R_INVALID_LENGTH                     ,"invalid length"},
+{BN_R_INVALID_RANGE                      ,"invalid range"},
 {BN_R_NOT_INITIALIZED                    ,"not initialized"},
 {BN_R_NO_INVERSE                         ,"no inverse"},
 {BN_R_TOO_MANY_TEMPORARY_VARIABLES       ,"too many temporary variables"},

crypto/bn/bn_lib.c

@@ -62,6 +62,7 @@
 #endif
 
 #include <assert.h>
+#include <limits.h>
 #include <stdio.h>
 #include "cryptlib.h"
 #include "bn_lcl.h"
@@ -319,6 +320,12 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
 
 	if (words > b->dmax)
 		{
+		if (words > (INT_MAX/(4*BN_BITS2)))
+			{
+			BNerr(BN_F_BN_EXPAND2,BN_R_BIGNUM_TOO_LONG);
+			return NULL;
+			}
+			
 		bn_check_top(b);	
 		if (BN_get_flags(b,BN_FLG_STATIC_DATA))
 			{

crypto/bn/bn_rand.c

@@ -76,7 +76,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
 
 	bytes=(bits+7)/8;
 	bit=(bits-1)%8;
-	mask=0xff<<bit;
+	mask=0xff<<(bit+1);
 
 	buf=(unsigned char *)OPENSSL_malloc(bytes);
 	if (buf == NULL)
@@ -100,25 +100,48 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
 			goto err;
 		}
 
-	if (top)
+#if 1
+	if (pseudorand == 2)
 		{
-		if (bit == 0)
+		/* generate patterns that are more likely to trigger BN
+		   library bugs */
+		int i;
+		unsigned char c;
+
+		for (i = 0; i < bytes; i++)
 			{
-			buf[0]=1;
-			buf[1]|=0x80;
+			RAND_pseudo_bytes(&c, 1);
+			if (c >= 128 && i > 0)
+				buf[i] = buf[i-1];
+			else if (c < 42)
+				buf[i] = 0;
+			else if (c < 84)
+				buf[i] = 255;
+			}
+		}
+#endif
+
+	if (top != -1)
+		{
+		if (top)
+			{
+			if (bit == 0)
+				{
+				buf[0]=1;
+				buf[1]|=0x80;
+				}
+			else
+				{
+				buf[0]|=(3<<(bit-1));
+				}
 			}
 		else
 			{
-			buf[0]|=(3<<(bit-1));
-			buf[0]&= ~(mask<<1);
+			buf[0]|=(1<<bit);
 			}
 		}
-	else
-		{
-		buf[0]|=(1<<bit);
-		buf[0]&= ~(mask<<1);
-		}
-	if (bottom) /* set bottom bits to whatever odd is */
+	buf[0] &= ~mask;
+	if (bottom) /* set bottom bit if requested */
 		buf[bytes-1]|=1;
 	if (!BN_bin2bn(buf,bytes,rnd)) goto err;
 	ret=1;
@@ -140,3 +163,61 @@ int     BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
 	{
 	return bnrand(1, rnd, bits, top, bottom);
 	}
+
+#if 1
+int     BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
+	{
+	return bnrand(2, rnd, bits, top, bottom);
+	}
+#endif
+
+/* random number r:  0 <= r < range */
+int	BN_rand_range(BIGNUM *r, BIGNUM *range)
+	{
+	int n;
+
+	if (range->neg || BN_is_zero(range))
+		{
+		BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE);
+		return 0;
+		}
+
+	n = BN_num_bits(range); /* n > 0 */
+
+	if (n == 1)
+		{
+		if (!BN_zero(r)) return 0;
+		}
+	else if (BN_is_bit_set(range, n - 2))
+		{
+		do
+			{
+			/* range = 11..._2, so each iteration succeeds with probability >= .75 */
+			if (!BN_rand(r, n, -1, 0)) return 0;
+			}
+		while (BN_cmp(r, range) >= 0);
+		}
+	else
+		{
+		/* range = 10..._2,
+		 * so  3*range (= 11..._2)  is exactly one bit longer than  range */
+		do
+			{
+			if (!BN_rand(r, n + 1, -1, 0)) return 0;
+			/* If  r < 3*range,  use  r := r MOD range
+			 * (which is either  r, r - range,  or  r - 2*range).
+			 * Otherwise, iterate once more.
+			 * Since  3*range = 11..._2, each iteration succeeds with
+			 * probability >= .75. */
+			if (BN_cmp(r ,range) >= 0)
+				{
+				if (!BN_sub(r, r, range)) return 0;
+				if (BN_cmp(r, range) >= 0)
+					if (!BN_sub(r, r, range)) return 0;
+				}
+			}
+		while (BN_cmp(r, range) >= 0);
+		}
+
+	return 1;
+	}

crypto/bn/bn_shift.c

@@ -172,6 +172,11 @@ int BN_rshift(BIGNUM *r, BIGNUM *a, int n)
 		r->neg=a->neg;
 		if (bn_wexpand(r,a->top-nw+1) == NULL) return(0);
 		}
+	else
+		{
+		if (n == 0)
+			return 1; /* or the copying loop will go berserk */
+		}
 
 	f= &(a->d[nw]);
 	t=r->d;

crypto/bn/bntest.c

@@ -107,11 +107,9 @@ static const char rnd_seed[] = "string to make the random number generator think
 static void message(BIO *out, char *m)
 	{
 	fprintf(stderr, "test %s\n", m);
-#if defined(linux) || defined(__FreeBSD__) /* can we use GNU bc features? */
 	BIO_puts(out, "print \"test ");
 	BIO_puts(out, m);
 	BIO_puts(out, "\\n\"\n");
-#endif
 	}
 
 int main(int argc, char *argv[])
@@ -122,9 +120,7 @@ int main(int argc, char *argv[])
 
 	results = 0;
 
-	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
-	                                       * even check its return value
-	                                       * (which we should) */
+	RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
 
 	argc--;
 	argv++;
@@ -253,10 +249,10 @@ int test_add(BIO *bp)
 	BN_init(&b);
 	BN_init(&c);
 
-	BN_rand(&a,512,0,0);
+	BN_bntest_rand(&a,512,0,0);
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(&b,450+i,0,0);
+		BN_bntest_rand(&b,450+i,0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		if (bp == NULL)
@@ -305,14 +301,14 @@ int test_sub(BIO *bp)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,512,0,0);
+			BN_bntest_rand(&a,512,0,0);
 			BN_copy(&b,&a);
 			if (BN_set_bit(&a,i)==0) return(0);
 			BN_add_word(&b,i);
 			}
 		else
 			{
-			BN_rand(&b,400+i-num1,0,0);
+			BN_bntest_rand(&b,400+i-num1,0,0);
 			a.neg=rand_neg();
 			b.neg=rand_neg();
 			}
@@ -362,13 +358,13 @@ int test_div(BIO *bp, BN_CTX *ctx)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,400,0,0);
+			BN_bntest_rand(&a,400,0,0);
 			BN_copy(&b,&a);
 			BN_lshift(&a,&a,i);
 			BN_add_word(&a,i);
 			}
 		else
-			BN_rand(&b,50+3*(i-num1),0,0);
+			BN_bntest_rand(&b,50+3*(i-num1),0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		if (bp == NULL)
@@ -432,13 +428,13 @@ int test_div_recp(BIO *bp, BN_CTX *ctx)
 		{
 		if (i < num1)
 			{
-			BN_rand(&a,400,0,0);
+			BN_bntest_rand(&a,400,0,0);
 			BN_copy(&b,&a);
 			BN_lshift(&a,&a,i);
 			BN_add_word(&a,i);
 			}
 		else
-			BN_rand(&b,50+3*(i-num1),0,0);
+			BN_bntest_rand(&b,50+3*(i-num1),0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		BN_RECP_CTX_set(&recp,&b,ctx);
@@ -509,11 +505,11 @@ int test_mul(BIO *bp)
 		{
 		if (i <= num1)
 			{
-			BN_rand(&a,100,0,0);
-			BN_rand(&b,100,0,0);
+			BN_bntest_rand(&a,100,0,0);
+			BN_bntest_rand(&b,100,0,0);
 			}
 		else
-			BN_rand(&b,i-num1,0,0);
+			BN_bntest_rand(&b,i-num1,0,0);
 		a.neg=rand_neg();
 		b.neg=rand_neg();
 		if (bp == NULL)
@@ -562,7 +558,7 @@ int test_sqr(BIO *bp, BN_CTX *ctx)
 
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(&a,40+i*10,0,0);
+		BN_bntest_rand(&a,40+i*10,0,0);
 		a.neg=rand_neg();
 		if (bp == NULL)
 			for (j=0; j<100; j++)
@@ -613,15 +609,15 @@ int test_mont(BIO *bp, BN_CTX *ctx)
 
 	mont=BN_MONT_CTX_new();
 
-	BN_rand(&a,100,0,0); /**/
-	BN_rand(&b,100,0,0); /**/
+	BN_bntest_rand(&a,100,0,0); /**/
+	BN_bntest_rand(&b,100,0,0); /**/
 	for (i=0; i<num2; i++)
 		{
 		int bits = (200*(i+1))/num2;
 
 		if (bits == 0)
 			continue;
-		BN_rand(&n,bits,0,1);
+		BN_bntest_rand(&n,bits,0,1);
 		BN_MONT_CTX_set(mont,&n,ctx);
 
 		BN_to_montgomery(&A,&a,mont,ctx);
@@ -683,10 +679,10 @@ int test_mod(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(a,1024,0,0); /**/
+	BN_bntest_rand(a,1024,0,0); /**/
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(b,450+i*10,0,0); /**/
+		BN_bntest_rand(b,450+i*10,0,0); /**/
 		a->neg=rand_neg();
 		b->neg=rand_neg();
 		if (bp == NULL)
@@ -732,11 +728,11 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(c,1024,0,0); /**/
+	BN_bntest_rand(c,1024,0,0); /**/
 	for (i=0; i<num0; i++)
 		{
-		BN_rand(a,475+i*10,0,0); /**/
-		BN_rand(b,425+i*11,0,0); /**/
+		BN_bntest_rand(a,475+i*10,0,0); /**/
+		BN_bntest_rand(b,425+i*11,0,0); /**/
 		a->neg=rand_neg();
 		b->neg=rand_neg();
 	/*	if (bp == NULL)
@@ -794,11 +790,11 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
 	d=BN_new();
 	e=BN_new();
 
-	BN_rand(c,30,0,1); /* must be odd for montgomery */
+	BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
 	for (i=0; i<num2; i++)
 		{
-		BN_rand(a,20+i*5,0,0); /**/
-		BN_rand(b,2+i,0,0); /**/
+		BN_bntest_rand(a,20+i*5,0,0); /**/
+		BN_bntest_rand(b,2+i,0,0); /**/
 
 		if (!BN_mod_exp(d,a,b,c,ctx))
 			return(00);
@@ -848,8 +844,8 @@ int test_exp(BIO *bp, BN_CTX *ctx)
 
 	for (i=0; i<num2; i++)
 		{
-		BN_rand(a,20+i*5,0,0); /**/
-		BN_rand(b,2+i,0,0); /**/
+		BN_bntest_rand(a,20+i*5,0,0); /**/
+		BN_bntest_rand(b,2+i,0,0); /**/
 
 		if (!BN_exp(d,a,b,ctx))
 			return(00);
@@ -899,7 +895,7 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_)
 	else
 	    {
 	    a=BN_new();
-	    BN_rand(a,200,0,0); /**/
+	    BN_bntest_rand(a,200,0,0); /**/
 	    a->neg=rand_neg();
 	    }
 	for (i=0; i<num0; i++)
@@ -951,7 +947,7 @@ int test_lshift1(BIO *bp)
 	b=BN_new();
 	c=BN_new();
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{
@@ -995,7 +991,7 @@ int test_rshift(BIO *bp,BN_CTX *ctx)
 	e=BN_new();
 	BN_one(c);
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{
@@ -1038,7 +1034,7 @@ int test_rshift1(BIO *bp)
 	b=BN_new();
 	c=BN_new();
 
-	BN_rand(a,200,0,0); /**/
+	BN_bntest_rand(a,200,0,0); /**/
 	a->neg=rand_neg();
 	for (i=0; i<num0; i++)
 		{

crypto/buffer/Makefile.ssl

@@ -39,7 +39,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 files:

crypto/cast/Makefile.ssl

@@ -47,7 +47,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 # elf

crypto/comp/Makefile.ssl

@@ -42,7 +42,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 files:

crypto/conf/Makefile.ssl

@@ -40,7 +40,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 files:

crypto/conf/conf.h

@@ -167,6 +167,8 @@ int NCONF_dump_bio(CONF *conf, BIO *out);
 #define CONF_R_MISSING_EQUAL_SIGN			 101
 #define CONF_R_NO_CLOSE_BRACE				 102
 #define CONF_R_NO_CONF					 105
+#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE		 106
+#define CONF_R_NO_SECTION				 107
 #define CONF_R_UNABLE_TO_CREATE_NEW_SECTION		 103
 #define CONF_R_VARIABLE_HAS_NO_VALUE			 104
 

crypto/conf/conf_err.c

@@ -87,6 +87,8 @@ static ERR_STRING_DATA CONF_str_reasons[]=
 {CONF_R_MISSING_EQUAL_SIGN               ,"missing equal sign"},
 {CONF_R_NO_CLOSE_BRACE                   ,"no close brace"},
 {CONF_R_NO_CONF                          ,"no conf"},
+{CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE  ,"no conf or environment variable"},
+{CONF_R_NO_SECTION                       ,"no section"},
 {CONF_R_UNABLE_TO_CREATE_NEW_SECTION     ,"unable to create new section"},
 {CONF_R_VARIABLE_HAS_NO_VALUE            ,"variable has no value"},
 {0,NULL}

crypto/conf/conf_lib.c

@@ -131,38 +131,59 @@ LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline)
 
 STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section)
 	{
-	CONF ctmp;
+	if (conf == NULL)
+		{
+		return NULL;
+		}
+	else
+		{
+		CONF ctmp;
 
-	if (default_CONF_method == NULL)
-		default_CONF_method = NCONF_default();
+		if (default_CONF_method == NULL)
+			default_CONF_method = NCONF_default();
 
-	default_CONF_method->init(&ctmp);
-	ctmp.data = conf;
-	return NCONF_get_section(&ctmp, section);
+		default_CONF_method->init(&ctmp);
+		ctmp.data = conf;
+		return NCONF_get_section(&ctmp, section);
+		}
 	}
 
 char *CONF_get_string(LHASH *conf,char *group,char *name)
 	{
-	CONF ctmp;
+	if (conf == NULL)
+		{
+		return NCONF_get_string(NULL, group, name);
+		}
+	else
+		{
+		CONF ctmp;
 
-	if (default_CONF_method == NULL)
-		default_CONF_method = NCONF_default();
+		if (default_CONF_method == NULL)
+			default_CONF_method = NCONF_default();
 
-	default_CONF_method->init(&ctmp);
-	ctmp.data = conf;
-	return NCONF_get_string(&ctmp, group, name);
+		default_CONF_method->init(&ctmp);
+		ctmp.data = conf;
+		return NCONF_get_string(&ctmp, group, name);
+		}
 	}
 
 long CONF_get_number(LHASH *conf,char *group,char *name)
 	{
-	CONF ctmp;
+	if (conf == NULL)
+		{
+		return NCONF_get_number(NULL, group, name);
+		}
+	else
+		{
+		CONF ctmp;
 
-	if (default_CONF_method == NULL)
-		default_CONF_method = NCONF_default();
+		if (default_CONF_method == NULL)
+			default_CONF_method = NCONF_default();
 
-	default_CONF_method->init(&ctmp);
-	ctmp.data = conf;
-	return NCONF_get_number(&ctmp, group, name);
+		default_CONF_method->init(&ctmp);
+		ctmp.data = conf;
+		return NCONF_get_number(&ctmp, group, name);
+		}
 	}
 
 void CONF_free(LHASH *conf)
@@ -299,27 +320,46 @@ STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section)
 		return NULL;
 		}
 
+	if (section == NULL)
+		{
+		CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_SECTION);
+		return NULL;
+		}
+
 	return _CONF_get_section_values(conf, section);
 	}
 
 char *NCONF_get_string(CONF *conf,char *group,char *name)
 	{
+	char *s = _CONF_get_string(conf, group, name);
+
+        /* Since we may get a value from an environment variable even
+           if conf is NULL, let's check the value first */
+        if (s) return s;
+
 	if (conf == NULL)
 		{
-		CONFerr(CONF_F_NCONF_GET_STRING,CONF_R_NO_CONF);
+		CONFerr(CONF_F_NCONF_GET_STRING,
+                        CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
 		return NULL;
 		}
-
-	return _CONF_get_string(conf, group, name);
+	return NULL;
 	}
 
 long NCONF_get_number(CONF *conf,char *group,char *name)
 	{
+#if 0 /* As with _CONF_get_string(), we rely on the possibility of finding
+         an environment variable with a suitable name.  Unfortunately, there's
+         no way with the current API to see if we found one or not...
+         The meaning of this is that if a number is not found anywhere, it
+         will always default to 0. */
 	if (conf == NULL)
 		{
-		CONFerr(CONF_F_NCONF_GET_NUMBER,CONF_R_NO_CONF);
+		CONFerr(CONF_F_NCONF_GET_NUMBER,
+                        CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
 		return 0;
 		}
+#endif
 	
 	return _CONF_get_number(conf, group, name);
 	}

crypto/cryptlib.c

@@ -241,7 +241,7 @@ void CRYPTO_destroy_dynlockid(int i)
 			}
 		else
 #endif
-			if (--(pointer->references) <= 0)
+			if (pointer->references <= 0)
 				{
 				sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
 				}
@@ -396,16 +396,15 @@ void CRYPTO_lock(int mode, int type, const char *file, int line)
 #endif
 	if (type < 0)
 		{
-		int i = -type - 1;
 		struct CRYPTO_dynlock_value *pointer
-			= CRYPTO_get_dynlock_value(i);
+			= CRYPTO_get_dynlock_value(type);
 
-		if (pointer)
+		if (pointer && dynlock_lock_callback)
 			{
 			dynlock_lock_callback(mode, pointer, file, line);
 			}
 
-		CRYPTO_destroy_dynlockid(i);
+		CRYPTO_destroy_dynlockid(type);
 		}
 	else
 		if (locking_callback != NULL)
@@ -431,7 +430,6 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
 			CRYPTO_get_lock_name(type),
 			file,line);
 #endif
-		*pointer=ret;
 		}
 	else
 		{

crypto/crypto-lib.com

@@ -174,7 +174,7 @@ $!
 $ APPS_DES = "DES/DES,CBC3_ENC"
 $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE"
 $
-$ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err"
+$ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid"
 $ LIB_MD2 = "md2_dgst,md2_one"
 $ LIB_MD4 = "md4_dgst,md4_one"
 $ LIB_MD5 = "md5_dgst,md5_one"

crypto/crypto.h

@@ -278,6 +278,8 @@ int CRYPTO_is_mem_check_on(void);
 const char *SSLeay_version(int type);
 unsigned long SSLeay(void);
 
+int OPENSSL_issetugid(void);
+
 int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp,
 	     CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
 int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);

crypto/des/Makefile.ssl

@@ -57,7 +57,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 des: des.o cbc3_enc.o lib

crypto/des/asm/des-586.pl

@@ -20,11 +20,11 @@ $L="edi";
 $R="esi";
 
 &external_label("des_SPtrans");
-&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt1",1);
 &des_encrypt("des_encrypt2",0);
 &des_encrypt3("des_encrypt3",1);
 &des_encrypt3("des_decrypt3",0);
-&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
+&cbc("des_ncbc_encrypt","des_encrypt1","des_encrypt1",0,4,5,3,5,-1);
 &cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
 
 &asm_finish();

crypto/des/asm/des686.pl

@@ -46,7 +46,7 @@ EOF
 $L="edi";
 $R="esi";
 
-&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt1",1);
 &des_encrypt("des_encrypt2",0);
 
 &des_encrypt3("des_encrypt3",1);

crypto/des/asm/readme

@@ -8,7 +8,7 @@ assembler for the inner DES routines in libdes :-).
 
 The file to implement in assembler is des_enc.c.  Replace the following
 4 functions
-des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt1(DES_LONG data[2],des_key_schedule ks, int encrypt);
 des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
 des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
 des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);

crypto/des/cbc_cksm.c

@@ -82,7 +82,7 @@ DES_LONG des_cbc_cksum(const unsigned char *in, des_cblock *output,
 			
 		tin0^=tout0; tin[0]=tin0;
 		tin1^=tout1; tin[1]=tin1;
-		des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+		des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
 		/* fix 15/10/91 eay - thanks to keithr@sco.COM */
 		tout0=tin[0];
 		tout1=tin[1];

crypto/des/cfb64enc.c

@@ -82,7 +82,7 @@ void des_cfb64_encrypt(const unsigned char *in, unsigned char *out,
 				{
 				c2l(iv,v0); ti[0]=v0;
 				c2l(iv,v1); ti[1]=v1;
-				des_encrypt(ti,schedule,DES_ENCRYPT);
+				des_encrypt1(ti,schedule,DES_ENCRYPT);
 				iv = &(*ivec)[0];
 				v0=ti[0]; l2c(v0,iv);
 				v0=ti[1]; l2c(v0,iv);
@@ -102,7 +102,7 @@ void des_cfb64_encrypt(const unsigned char *in, unsigned char *out,
 				{
 				c2l(iv,v0); ti[0]=v0;
 				c2l(iv,v1); ti[1]=v1;
-				des_encrypt(ti,schedule,DES_ENCRYPT);
+				des_encrypt1(ti,schedule,DES_ENCRYPT);
 				iv = &(*ivec)[0];
 				v0=ti[0]; l2c(v0,iv);
 				v0=ti[1]; l2c(v0,iv);

crypto/des/cfb_enc.c

@@ -100,7 +100,7 @@ void des_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
 			l-=n;
 			ti[0]=v0;
 			ti[1]=v1;
-			des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+			des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
 			c2ln(in,d0,d1,n);
 			in+=n;
 			d0=(d0^ti[0])&mask0;
@@ -132,7 +132,7 @@ void des_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
 			l-=n;
 			ti[0]=v0;
 			ti[1]=v1;
-			des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+			des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
 			c2ln(in,d0,d1,n);
 			in+=n;
 			/* 30-08-94 - eay - changed because l>>32 and

crypto/des/des.h

@@ -147,14 +147,14 @@ void des_ecb_encrypt(const_des_cblock *input,des_cblock *output,
 	Data is a pointer to 2 unsigned long's and ks is the
 	des_key_schedule to use.  enc, is non zero specifies encryption,
 	zero if decryption. */
-void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt1(DES_LONG *data,des_key_schedule ks, int enc);
 
-/* 	This functions is the same as des_encrypt() except that the DES
+/* 	This functions is the same as des_encrypt1() except that the DES
 	initial permutation (IP) and final permutation (FP) have been left
-	out.  As for des_encrypt(), you should not use this function.
+	out.  As for des_encrypt1(), you should not use this function.
 	It is used by the routines in the library that implement triple DES.
 	IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
-	as des_encrypt() des_encrypt() des_encrypt() except faster :-). */
+	as des_encrypt1() des_encrypt1() des_encrypt1() except faster :-). */
 void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
 
 void des_encrypt3(DES_LONG *data, des_key_schedule ks1,

crypto/des/des_enc.c

@@ -58,7 +58,7 @@
 
 #include "des_locl.h"
 
-void des_encrypt(DES_LONG *data, des_key_schedule ks, int enc)
+void des_encrypt1(DES_LONG *data, des_key_schedule ks, int enc)
 	{
 	register DES_LONG l,r,t,u;
 #ifdef DES_PTR

crypto/des/des_opts.c

@@ -118,7 +118,7 @@ extern void exit();
 #undef DES_RISC2
 #undef DES_PTR
 #undef D_ENCRYPT
-#define des_encrypt  des_encrypt_u4_cisc_idx
+#define des_encrypt1 des_encrypt_u4_cisc_idx
 #define des_encrypt2 des_encrypt2_u4_cisc_idx
 #define des_encrypt3 des_encrypt3_u4_cisc_idx
 #define des_decrypt3 des_decrypt3_u4_cisc_idx
@@ -130,11 +130,11 @@ extern void exit();
 #undef DES_RISC2
 #undef DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u16_cisc_idx
+#define des_encrypt1 des_encrypt_u16_cisc_idx
 #define des_encrypt2 des_encrypt2_u16_cisc_idx
 #define des_encrypt3 des_encrypt3_u16_cisc_idx
 #define des_decrypt3 des_decrypt3_u16_cisc_idx
@@ -146,11 +146,11 @@ extern void exit();
 #undef DES_RISC2
 #undef DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u4_risc1_idx
+#define des_encrypt1 des_encrypt_u4_risc1_idx
 #define des_encrypt2 des_encrypt2_u4_risc1_idx
 #define des_encrypt3 des_encrypt3_u4_risc1_idx
 #define des_decrypt3 des_decrypt3_u4_risc1_idx
@@ -166,11 +166,11 @@ extern void exit();
 #define DES_RISC2
 #undef DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u4_risc2_idx
+#define des_encrypt1 des_encrypt_u4_risc2_idx
 #define des_encrypt2 des_encrypt2_u4_risc2_idx
 #define des_encrypt3 des_encrypt3_u4_risc2_idx
 #define des_decrypt3 des_decrypt3_u4_risc2_idx
@@ -182,11 +182,11 @@ extern void exit();
 #undef DES_RISC2
 #undef DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u16_risc1_idx
+#define des_encrypt1 des_encrypt_u16_risc1_idx
 #define des_encrypt2 des_encrypt2_u16_risc1_idx
 #define des_encrypt3 des_encrypt3_u16_risc1_idx
 #define des_decrypt3 des_decrypt3_u16_risc1_idx
@@ -198,11 +198,11 @@ extern void exit();
 #define DES_RISC2
 #undef DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u16_risc2_idx
+#define des_encrypt1 des_encrypt_u16_risc2_idx
 #define des_encrypt2 des_encrypt2_u16_risc2_idx
 #define des_encrypt3 des_encrypt3_u16_risc2_idx
 #define des_decrypt3 des_decrypt3_u16_risc2_idx
@@ -218,11 +218,11 @@ extern void exit();
 #undef DES_RISC2
 #define DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u4_cisc_ptr
+#define des_encrypt1 des_encrypt_u4_cisc_ptr
 #define des_encrypt2 des_encrypt2_u4_cisc_ptr
 #define des_encrypt3 des_encrypt3_u4_cisc_ptr
 #define des_decrypt3 des_decrypt3_u4_cisc_ptr
@@ -234,11 +234,11 @@ extern void exit();
 #undef DES_RISC2
 #define DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u16_cisc_ptr
+#define des_encrypt1 des_encrypt_u16_cisc_ptr
 #define des_encrypt2 des_encrypt2_u16_cisc_ptr
 #define des_encrypt3 des_encrypt3_u16_cisc_ptr
 #define des_decrypt3 des_decrypt3_u16_cisc_ptr
@@ -250,11 +250,11 @@ extern void exit();
 #undef DES_RISC2
 #define DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u4_risc1_ptr
+#define des_encrypt1 des_encrypt_u4_risc1_ptr
 #define des_encrypt2 des_encrypt2_u4_risc1_ptr
 #define des_encrypt3 des_encrypt3_u4_risc1_ptr
 #define des_decrypt3 des_decrypt3_u4_risc1_ptr
@@ -270,11 +270,11 @@ extern void exit();
 #define DES_RISC2
 #define DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u4_risc2_ptr
+#define des_encrypt1 des_encrypt_u4_risc2_ptr
 #define des_encrypt2 des_encrypt2_u4_risc2_ptr
 #define des_encrypt3 des_encrypt3_u4_risc2_ptr
 #define des_decrypt3 des_decrypt3_u4_risc2_ptr
@@ -286,11 +286,11 @@ extern void exit();
 #undef DES_RISC2
 #define DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u16_risc1_ptr
+#define des_encrypt1 des_encrypt_u16_risc1_ptr
 #define des_encrypt2 des_encrypt2_u16_risc1_ptr
 #define des_encrypt3 des_encrypt3_u16_risc1_ptr
 #define des_decrypt3 des_decrypt3_u16_risc1_ptr
@@ -302,11 +302,11 @@ extern void exit();
 #define DES_RISC2
 #define DES_PTR
 #undef D_ENCRYPT
-#undef des_encrypt
+#undef des_encrypt1
 #undef des_encrypt2
 #undef des_encrypt3
 #undef des_decrypt3
-#define des_encrypt  des_encrypt_u16_risc2_ptr
+#define des_encrypt1 des_encrypt_u16_risc2_ptr
 #define des_encrypt2 des_encrypt2_u16_risc2_ptr
 #define des_encrypt3 des_encrypt3_u16_risc2_ptr
 #define des_decrypt3 des_decrypt3_u16_risc2_ptr
@@ -453,7 +453,7 @@ int main(int argc, char **argv)
 		count*=2;
 		Time_F(START);
 		for (i=count; i; i--)
-			des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+			des_encrypt1(data,&(sch[0]),DES_ENCRYPT);
 		d=Time_F(STOP);
 		} while (d < 3.0);
 	ca=count;

crypto/des/dess.cpp

@@ -45,19 +45,19 @@ void main(int argc,char *argv[])
 		{
 		for (i=0; i<1000; i++) /**/
 			{
-			des_encrypt(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
 			GetTSC(s1);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
 			GetTSC(e1);
 			GetTSC(s2);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
-			des_encrypt(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
 			GetTSC(e2);
-			des_encrypt(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
 			}
 
 		printf("des %d %d (%d)\n",

crypto/des/ecb_enc.c

@@ -114,7 +114,7 @@ void des_ecb_encrypt(const_des_cblock *input, des_cblock *output,
 
 	c2l(in,l); ll[0]=l;
 	c2l(in,l); ll[1]=l;
-	des_encrypt(ll,ks,enc);
+	des_encrypt1(ll,ks,enc);
 	l=ll[0]; l2c(l,out);
 	l=ll[1]; l2c(l,out);
 	l=ll[0]=ll[1]=0;

crypto/des/ede_cbcm_enc.c

@@ -95,7 +95,7 @@ void des_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
 	    {
 	    tin[0]=m0;
 	    tin[1]=m1;
-	    des_encrypt(tin,ks3,1);
+	    des_encrypt1(tin,ks3,1);
 	    m0=tin[0];
 	    m1=tin[1];
 
@@ -113,13 +113,13 @@ void des_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
 
 	    tin[0]=tin0;
 	    tin[1]=tin1;
-	    des_encrypt(tin,ks1,1);
+	    des_encrypt1(tin,ks1,1);
 	    tin[0]^=m0;
 	    tin[1]^=m1;
-	    des_encrypt(tin,ks2,0);
+	    des_encrypt1(tin,ks2,0);
 	    tin[0]^=m0;
 	    tin[1]^=m1;
-	    des_encrypt(tin,ks1,1);
+	    des_encrypt1(tin,ks1,1);
 	    tout0=tin[0];
 	    tout1=tin[1];
 
@@ -146,7 +146,7 @@ void des_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
 	    {
 	    tin[0]=m0;
 	    tin[1]=m1;
-	    des_encrypt(tin,ks3,1);
+	    des_encrypt1(tin,ks3,1);
 	    m0=tin[0];
 	    m1=tin[1];
 
@@ -158,13 +158,13 @@ void des_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
 
 	    tin[0]=tin0;
 	    tin[1]=tin1;
-	    des_encrypt(tin,ks1,0);
+	    des_encrypt1(tin,ks1,0);
 	    tin[0]^=m0;
 	    tin[1]^=m1;
-	    des_encrypt(tin,ks2,1);
+	    des_encrypt1(tin,ks2,1);
 	    tin[0]^=m0;
 	    tin[1]^=m1;
-	    des_encrypt(tin,ks1,0);
+	    des_encrypt1(tin,ks1,0);
 	    tout0=tin[0];
 	    tout1=tin[1];
 

crypto/des/ncbc_enc.c

@@ -89,7 +89,7 @@ void des_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 			c2l(in,tin1);
 			tin0^=tout0; tin[0]=tin0;
 			tin1^=tout1; tin[1]=tin1;
-			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
 			tout0=tin[0]; l2c(tout0,out);
 			tout1=tin[1]; l2c(tout1,out);
 			}
@@ -98,7 +98,7 @@ void des_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 			c2ln(in,tin0,tin1,l+8);
 			tin0^=tout0; tin[0]=tin0;
 			tin1^=tout1; tin[1]=tin1;
-			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
 			tout0=tin[0]; l2c(tout0,out);
 			tout1=tin[1]; l2c(tout1,out);
 			}
@@ -116,7 +116,7 @@ void des_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 			{
 			c2l(in,tin0); tin[0]=tin0;
 			c2l(in,tin1); tin[1]=tin1;
-			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
 			tout0=tin[0]^xor0;
 			tout1=tin[1]^xor1;
 			l2c(tout0,out);
@@ -128,7 +128,7 @@ void des_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 			{
 			c2l(in,tin0); tin[0]=tin0;
 			c2l(in,tin1); tin[1]=tin1;
-			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
 			tout0=tin[0]^xor0;
 			tout1=tin[1]^xor1;
 			l2cn(tout0,tout1,out,l+8);

crypto/des/ofb64enc.c

@@ -87,7 +87,7 @@ void des_ofb64_encrypt(register const unsigned char *in,
 		{
 		if (n == 0)
 			{
-			des_encrypt(ti,schedule,DES_ENCRYPT);
+			des_encrypt1(ti,schedule,DES_ENCRYPT);
 			dp=d;
 			t=ti[0]; l2c(t,dp);
 			t=ti[1]; l2c(t,dp);

crypto/des/ofb_enc.c

@@ -101,7 +101,7 @@ void des_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
 		{
 		ti[0]=v0;
 		ti[1]=v1;
-		des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+		des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
 		vv0=ti[0];
 		vv1=ti[1];
 		c2ln(in,d0,d1,n);

crypto/des/pcbc_enc.c

@@ -85,7 +85,7 @@ void des_pcbc_encrypt(const unsigned char *input, unsigned char *output,
 				c2ln(in,sin0,sin1,length);
 			tin[0]=sin0^xor0;
 			tin[1]=sin1^xor1;
-			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
 			tout0=tin[0];
 			tout1=tin[1];
 			xor0=sin0^tout0;
@@ -103,7 +103,7 @@ void des_pcbc_encrypt(const unsigned char *input, unsigned char *output,
 			c2l(in,sin1);
 			tin[0]=sin0;
 			tin[1]=sin1;
-			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
 			tout0=tin[0]^xor0;
 			tout1=tin[1]^xor1;
 			if (length >= 8)

crypto/des/speed.c

@@ -204,7 +204,7 @@ int main(int argc, char **argv)
 		count*=2;
 		Time_F(START);
 		for (i=count; i; i--)
-			des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+			des_encrypt1(data,&(sch[0]),DES_ENCRYPT);
 		d=Time_F(STOP);
 		} while (d < 3.0);
 	ca=count;
@@ -241,7 +241,7 @@ int main(int argc, char **argv)
 		{
 		DES_LONG data[2];
 
-		des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+		des_encrypt1(data,&(sch[0]),DES_ENCRYPT);
 		}
 	d=Time_F(STOP);
 	printf("%ld des_encrypt's in %.2f second\n",count,d);

crypto/des/xcbc_enc.c

@@ -138,7 +138,7 @@ void des_xcbc_encrypt(const unsigned char *in, unsigned char *out,
 			c2l(in,tin1);
 			tin0^=tout0^inW0; tin[0]=tin0;
 			tin1^=tout1^inW1; tin[1]=tin1;
-			des_encrypt(tin,schedule,DES_ENCRYPT);
+			des_encrypt1(tin,schedule,DES_ENCRYPT);
 			tout0=tin[0]^outW0; l2c(tout0,out);
 			tout1=tin[1]^outW1; l2c(tout1,out);
 			}
@@ -147,7 +147,7 @@ void des_xcbc_encrypt(const unsigned char *in, unsigned char *out,
 			c2ln(in,tin0,tin1,l+8);
 			tin0^=tout0^inW0; tin[0]=tin0;
 			tin1^=tout1^inW1; tin[1]=tin1;
-			des_encrypt(tin,schedule,DES_ENCRYPT);
+			des_encrypt1(tin,schedule,DES_ENCRYPT);
 			tout0=tin[0]^outW0; l2c(tout0,out);
 			tout1=tin[1]^outW1; l2c(tout1,out);
 			}
@@ -163,7 +163,7 @@ void des_xcbc_encrypt(const unsigned char *in, unsigned char *out,
 			{
 			c2l(in,tin0); tin[0]=tin0^outW0;
 			c2l(in,tin1); tin[1]=tin1^outW1;
-			des_encrypt(tin,schedule,DES_DECRYPT);
+			des_encrypt1(tin,schedule,DES_DECRYPT);
 			tout0=tin[0]^xor0^inW0;
 			tout1=tin[1]^xor1^inW1;
 			l2c(tout0,out);
@@ -175,7 +175,7 @@ void des_xcbc_encrypt(const unsigned char *in, unsigned char *out,
 			{
 			c2l(in,tin0); tin[0]=tin0^outW0;
 			c2l(in,tin1); tin[1]=tin1^outW1;
-			des_encrypt(tin,schedule,DES_DECRYPT);
+			des_encrypt1(tin,schedule,DES_DECRYPT);
 			tout0=tin[0]^xor0^inW0;
 			tout1=tin[1]^xor1^inW1;
 			l2cn(tout0,tout1,out,l+8);

crypto/dh/Makefile.ssl

@@ -39,7 +39,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 files:

crypto/dh/dh_key.c

@@ -100,7 +100,6 @@ DH_METHOD *DH_OpenSSL(void)
 static int generate_key(DH *dh)
 	{
 	int ok=0;
-	unsigned int i;
 	BN_CTX ctx;
 	BN_MONT_CTX *mont;
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
@@ -109,15 +108,11 @@ static int generate_key(DH *dh)
 
 	if (dh->priv_key == NULL)
 		{
-		i=dh->length;
-		if (i == 0)
-			{
-			/* Make the number p-1 bits long */
-			i=BN_num_bits(dh->p)-1;
-			}
 		priv_key=BN_new();
 		if (priv_key == NULL) goto err;
-		if (!BN_rand(priv_key,i,0,0)) goto err;
+		do
+			if (!BN_rand_range(priv_key, dh->p)) goto err;
+		while (BN_is_zero(priv_key));
 		}
 	else
 		priv_key=dh->priv_key;

crypto/dh/dh_lib.c

@@ -168,13 +168,13 @@ DH *DH_new_method(ENGINE *engine)
 	ret->method_mont_p=NULL;
 	ret->references = 1;
 	ret->flags=meth->flags;
+	CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
 	if ((meth->init != NULL) && !meth->init(ret))
 		{
+		CRYPTO_free_ex_data(dh_meth,ret,&ret->ex_data);
 		OPENSSL_free(ret);
 		ret=NULL;
 		}
-	else
-		CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
 	return(ret);
 	}
 
@@ -196,12 +196,12 @@ void DH_free(DH *r)
 	}
 #endif
 
-	CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
-
 	meth = ENGINE_get_DH(r->engine);
 	if(meth->finish) meth->finish(r);
 	ENGINE_finish(r->engine);
 
+	CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
+
 	if (r->p != NULL) BN_clear_free(r->p);
 	if (r->g != NULL) BN_clear_free(r->g);
 	if (r->q != NULL) BN_clear_free(r->q);

crypto/dsa/Makefile.ssl

@@ -41,7 +41,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 files:

crypto/dsa/dsa.h

@@ -248,6 +248,7 @@ DH *DSA_dup_DH(DSA *r);
 
 /* Reason codes. */
 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
+#define DSA_R_MISSING_PARAMETERS			 101
 
 #ifdef  __cplusplus
 }

crypto/dsa/dsa_err.c

@@ -85,6 +85,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
 static ERR_STRING_DATA DSA_str_reasons[]=
 	{
 {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
+{DSA_R_MISSING_PARAMETERS                ,"missing parameters"},
 {0,NULL}
 	};
 

crypto/dsa/dsa_key.c

@@ -68,7 +68,6 @@
 int DSA_generate_key(DSA *dsa)
 	{
 	int ok=0;
-	unsigned int i;
 	BN_CTX *ctx=NULL;
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
 
@@ -81,15 +80,9 @@ int DSA_generate_key(DSA *dsa)
 	else
 		priv_key=dsa->priv_key;
 
-	i=BN_num_bits(dsa->q);
-	for (;;)
-		{
-		if (!BN_rand(priv_key,i,0,0))
-			goto err;
-		if (BN_cmp(priv_key,dsa->q) >= 0)
-			BN_sub(priv_key,priv_key,dsa->q);
-		if (!BN_is_zero(priv_key)) break;
-		}
+	do
+		if (!BN_rand_range(priv_key,dsa->q)) goto err;
+	while (BN_is_zero(priv_key));
 
 	if (dsa->pub_key == NULL)
 		{

crypto/dsa/dsa_lib.c

@@ -173,13 +173,13 @@ DSA *DSA_new_method(ENGINE *engine)
 
 	ret->references=1;
 	ret->flags=meth->flags;
+	CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data);
 	if ((meth->init != NULL) && !meth->init(ret))
 		{
+		CRYPTO_free_ex_data(dsa_meth,ret,&ret->ex_data);
 		OPENSSL_free(ret);
 		ret=NULL;
 		}
-	else
-		CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data);
 	
 	return(ret);
 	}
@@ -204,12 +204,12 @@ void DSA_free(DSA *r)
 		}
 #endif
 
-	CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data);
-
 	meth = ENGINE_get_DSA(r->engine);
 	if(meth->finish) meth->finish(r);
 	ENGINE_finish(r->engine);
 
+	CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data);
+
 	if (r->p != NULL) BN_clear_free(r->p);
 	if (r->q != NULL) BN_clear_free(r->q);
 	if (r->g != NULL) BN_clear_free(r->g);

crypto/dsa/dsa_ossl.c

@@ -106,6 +106,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	int i,reason=ERR_R_BN_LIB;
 	DSA_SIG *ret=NULL;
 
+	if (!dsa->p || !dsa->q || !dsa->g)
+		{
+		reason=DSA_R_MISSING_PARAMETERS;
+		goto err;
+		}
 	BN_init(&m);
 	BN_init(&xr);
 	s=BN_new();
@@ -168,6 +173,11 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	BIGNUM k,*kinv=NULL,*r=NULL;
 	int ret=0;
 
+	if (!dsa->p || !dsa->q || !dsa->g)
+		{
+		DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
+		return 0;
+		}
 	if (ctx_in == NULL)
 		{
 		if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -180,13 +190,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	kinv=NULL;
 
 	/* Get random k */
-	for (;;)
-		{
-		if (!BN_rand(&k, BN_num_bits(dsa->q), 0, 0)) goto err;
-		if (BN_cmp(&k,dsa->q) >= 0)
-			BN_sub(&k,&k,dsa->q);
-		if (!BN_is_zero(&k)) break;
-		}
+	do
+		if (!BN_rand_range(&k, dsa->q)) goto err;
+	while (BN_is_zero(&k));
 
 	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
 		{
@@ -235,6 +241,17 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 	BN_init(&u2);
 	BN_init(&t1);
 
+	if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
+		{
+		ret = 0;
+		goto err;
+		}
+	if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
+		{
+		ret = 0;
+		goto err;
+		}
+
 	/* Calculate W = inv(S) mod Q
 	 * save W in u2 */
 	if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;

crypto/dso/Makefile.ssl

@@ -41,7 +41,8 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
+	@echo You may get an error following this line.  Please ignore.
+	- $(RANLIB) $(LIB)
 	@touch lib
 
 files:

crypto/dso/dso_dl.c

@@ -82,7 +82,7 @@ static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
 static int dl_init(DSO *dso);
 static int dl_finish(DSO *dso);
 #endif
-static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
+static long dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
 
 static DSO_METHOD dso_meth_dl = {
 	"OpenSSL 'dl' shared library method",
@@ -111,6 +111,11 @@ DSO_METHOD *DSO_METHOD_dl(void)
  * type so the cast is safe.
  */
 
+#if defined(__hpux)
+static const char extension[] = ".sl";
+#else
+static const char extension[] = ".so";
+#endif
 static int dl_load(DSO *dso, const char *filename)
 	{
 	shl_t ptr;
@@ -118,12 +123,12 @@ static int dl_load(DSO *dso, const char *filename)
 	int len;
 
 	/* The same comment as in dlfcn_load applies here. bleurgh. */
-	len = strlen(filename);
+	len = strlen(filename) + strlen(extension);
 	if((dso->flags & DSO_FLAG_NAME_TRANSLATION) &&
-			(len + 6 < DSO_MAX_TRANSLATED_SIZE) &&
+			(len + 3 < DSO_MAX_TRANSLATED_SIZE) &&
 			(strstr(filename, "/") == NULL))
 		{
-		sprintf(translated, "lib%s.so", filename);
+		sprintf(translated, "lib%s%s", filename, extension);
 		ptr = shl_load(translated, BIND_IMMEDIATE, NULL);
 		}
 	else
@@ -187,7 +192,7 @@ static void *dl_bind_var(DSO *dso, const char *symname)
 		DSOerr(DSO_F_DL_BIND_VAR,DSO_R_NULL_HANDLE);
 		return(NULL);
 		}
-	if (shl_findsym(ptr, symname, TYPE_UNDEFINED, &sym) < 0)
+	if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0)
 		{
 		DSOerr(DSO_F_DL_BIND_VAR,DSO_R_SYM_FAILURE);
 		return(NULL);
@@ -216,7 +221,7 @@ static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
 		DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_NULL_HANDLE);
 		return(NULL);
 		}
-	if (shl_findsym(ptr, symname, TYPE_UNDEFINED, &sym) < 0)
+	if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0)
 		{
 		DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_SYM_FAILURE);
 		return(NULL);
@@ -224,7 +229,7 @@ static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
 	return((DSO_FUNC_TYPE)sym);
 	}
 
-static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg)
+static long dl_ctrl(DSO *dso, int cmd, long larg, void *parg)
 	{
 	if(dso == NULL)
 		{
@@ -236,10 +241,10 @@ static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg)
 	case DSO_CTRL_GET_FLAGS:
 		return dso->flags;
 	case DSO_CTRL_SET_FLAGS:
-		dso->flags = (int)larg;
+		dso->flags = larg;
 		return(0);
 	case DSO_CTRL_OR_FLAGS:
-		dso->flags |= (int)larg;
+		dso->flags |= larg;
 		return(0);
 	default:
 		break;