This commit was manufactured by cvs2svn to create tag 'STATE_before_zlib'.

Forgot one.
Add a few items I intend to work on for 0.9.8 and on.
2002-12-07 20:03:43 +00:00 · 2002-12-07 20:03:42 +00:00 · 2002-12-07 20:02:20 +00:00 · 2002-12-06 17:18:10 +00:00 · 2002-12-06 08:50:06 +00:00 · 2002-12-06 08:43:41 +00:00
172 changed files with 1144 additions and 1043 deletions
--- a/7
+++ b/7
@@ -335,6 +335,11 @@ TODO: bug: pad  x  with leading zeros if necessary
 
 Changes between 0.9.6h and 0.9.7  [XX xxx 2002]

+  *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
+     octets have been read, EOF or an error occurs. Without this change
+     some truncated ASN1 structures will not produce an error.
+     [Steve Henson]
+
  *) Disable Heimdal support, since it hasn't been fully implemented.
     Still give the possibility to force the use of Heimdal, but with
     warnings and a request that patches get sent to openssl-dev.
@@ -2114,7 +2119,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
  *) Clean old EAY MD5 hack from e_os.h.
     [Richard Levitte]

- Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]
+ Changes between 0.9.6g and 0.9.6h  [5 Dec 2002]

  *) New function OPENSSL_cleanse(), which is used to cleanse a section of
     memory from it's contents.  This is done with a counter that will
--- a/6
+++ b/6
@@ -203,9 +203,8 @@ my %table=(
 # it's a real mess with -mcpu=ultrasparc option under Linux, but
 # -Wa,-Av8plus should do the trick no matter what.
 "linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# !!!Folowing can't be even tested yet!!!
-#    We have to wait till 64-bit glibc for SPARC is operational!!!
-#"linux64-sparcv9","sparc64-linux-gcc:-m64 -mcpu=v9 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:ULTRASPARC::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o:",
+# GCC 3.1 is a requirement
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

 # Sunos configs, assuming sparc for the gcc one.
 ##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:::",
@@ -392,6 +391,7 @@ my %table=(
 "linux-s390",	"gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-s390x",	"gcc:-DB_ENDIAN -DTERMIO -DNO_ASM -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64", "gcc:-DL_ENDIAN -DNO_ASM ::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--- a/2
+++ b/2
@@ -66,7 +66,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?

 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.6g was released on August 9, 2002.
+OpenSSL 0.9.6h was released on December 5, 2002.

 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
--- a/INSTALL.DJGPP
+++ b/INSTALL.DJGPP
@@ -12,12 +12,14 @@
 latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
 requires that PERL and BC also be installed.

- All of these can be obtained from the usual DJGPP mirror sites, such as
- "ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp". You also need to have
- the WATT-32 networking package installed before you try to compile
- openssl. This can be obtained from "http://www.bgnett.no/~giva/". The
- Makefile assumes that the WATT-32 code is in directory "watt32" under
- /dev/env/DJDIR.
+ All of these can be obtained from the usual DJGPP mirror sites, such
+ as "ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp". You also need to
+ have the WATT-32 networking package installed before you try to compile
+ openssl. This can be obtained from "http://www.bgnett.no/~giva/".
+ The Makefile assumes that the WATT-32 code is in the directory
+ specified by the environment variable WATT_ROOT. If you have watt-32
+ in directory "watt32" under your main DJGPP directory, specify
+ WATT_ROOT="/dev/env/DJDIR/watt32".

 To compile openssl, start your BASH shell. Then configure for DOS by
 running "./Configure" with appropriate arguments. The basic syntax for
--- a/INSTALL.WCE
+++ b/INSTALL.WCE
@@ -11,6 +11,9 @@
 You also need Perl for Win32.  You will need ActiveState Perl, available
 from http://www.activestate.com/ActivePerl.

+ Windows CE support in OpenSSL relies on wcecompat.  All Windows CE specific
+ issues should be directed to www.essemer.com.au.
+
 The C Runtime Library implementation for Windows CE that is included with
 Microsoft eMbedded Visual C++ 3.0 is incomplete and in some places
 incorrect.  wcecompat plugs the holes and tries to bring the Windows CE
--- a/Makefile.org
+++ b/Makefile.org
@@ -361,7 +361,8 @@ rehash.time: certs
 	@(OPENSSL="`pwd`/apps/openssl"; OPENSSL_DEBUG_MEMORY=on; \
 		export OPENSSL OPENSSL_DEBUG_MEMORY; \
 		LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
-		if [ "$(PLATFORM)" != "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
+		if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH";  \
+		elif [ "$(PLATFORM)" != "Cygwin" ];  then PATH="`pwd`:$$PATH"; fi; \
 		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
 		$(PERL) tools/c_rehash certs)
 	touch rehash.time
@@ -372,7 +373,8 @@ tests: rehash
 	@(cd test && echo "testing..." && \
 	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
 	@LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
-		if [ "$(PLATFORM)" != "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
+		if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH";  \
+		elif [ "$(PLATFORM)" != "Cygwin" ];  then PATH="`pwd`:$$PATH"; fi; \
 		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
 		apps/openssl version -a

@@ -534,22 +536,30 @@ install_docs:
 	for i in doc/apps/*.pod; do \
 		fn=`basename $$i .pod`; \
 		if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
-		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
+		echo "installing man$$sec/$$fn.$$sec"; \
 		(cd `$(PERL) util/dirname.pl $$i`; \
 		sh -c "$$pod2man \
 			--section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`") \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$$sec; \
+		$(PERL) util/extract-names.pl < $$i | grep -v "^$$fn" | \
+			while read n; do \
+				util/point.sh $$fn.$$sec $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$n.$$sec; \
+			done; \
 	done; \
 	for i in doc/crypto/*.pod doc/ssl/*.pod; do \
 		fn=`basename $$i .pod`; \
 		if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
-		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
+		echo "installing man$$sec/$$fn.$$sec"; \
 		(cd `$(PERL) util/dirname.pl $$i`; \
 		sh -c "$$pod2man \
 			--section=$$sec --center=OpenSSL \
 			--release=$(VERSION) `basename $$i`") \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$$sec; \
+		$(PERL) util/extract-names.pl < $$i | grep -v "^$$fn" | \
+			while read n; do \
+				util/point.sh $$fn.$$sec $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$n.$$sec; \
+			done; \
 	done

 # DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/4
+++ b/4
@@ -17,7 +17,8 @@
        a separate distribution.
      o New elliptic curve library section.
      o New AES (Rijndael) library section.
-      o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit
+      o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
+        Linux x86_64
      o Extended support for some platforms: VxWorks
      o Enhanced support for shared libraries.
      o Support for pkg-config.
@@ -42,6 +43,7 @@
      o SSL/TLS: allow optional cipher choice according to server's preference.
      o SSL/TLS: allow server to explicitly set new session ids.
      o SSL/TLS: support Kerberos cipher suites (RFC2712).
+	Only supports MIT Kerberos for now.
      o SSL/TLS: allow more precise control of renegotiations and sessions.
      o SSL/TLS: add callback to retrieve SSL/TLS messages.
      o SSL/TLS: support AES cipher suites (RFC3268).
--- a/16
+++ b/16
@@ -46,3 +46,19 @@ scripts use the same name for output and input files, which means different
 will interfere with each other and lead to test failure.

 The solution is simple for now: don't run parallell make when testing.
+
+
+* Bugs in gcc 3.0 triggered
+
+According to a problem report, there are bugs in gcc 3.0 that are
+triggered by some of the code in OpenSSL, more specifically in
+PEM_get_EVP_CIPHER_INFO().  The triggering code is the following:
+
+	header+=11;
+	if (*header != '4') return(0); header++;
+	if (*header != ',') return(0); header++;
+
+What happens is that gcc might optimize a little too agressively, and
+you end up with an extra incrementation when *header != '4'.
+
+We recommend that you upgrade gcc to as high a 3.x version as you can.
--- a/17
+++ b/17
@@ -1,15 +1,17 @@

  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2002/11/21 22:39:08 $
+  ______________                           $Date: 2002/12/07 20:03:42 $

  DEVELOPMENT STATE

    o  OpenSSL 0.9.8:  Under development...
+    o  OpenSSL 0.9.7-beta5: Released on December  5th, 2002
    o  OpenSSL 0.9.7-beta4: Released on November 19th, 2002
       Debian GNU/Linux (kernel version 2.4.19, gcc 2.95.4)	- PASSED
-    o  OpenSSL 0.9.7-beta3: Released on July 30th, 2002
-    o  OpenSSL 0.9.7-beta2: Released on June 16th, 2002
-    o  OpenSSL 0.9.7-beta1: Released on June  1st, 2002
+    o  OpenSSL 0.9.7-beta3: Released on July     30th, 2002
+    o  OpenSSL 0.9.7-beta2: Released on June     16th, 2002
+    o  OpenSSL 0.9.7-beta1: Released on June      1st, 2002
+    o  OpenSSL 0.9.6h: Released on December   5th, 2002
    o  OpenSSL 0.9.6g: Released on August     9th, 2002
    o  OpenSSL 0.9.6f: Released on August     8th, 2002
    o  OpenSSL 0.9.6e: Released on July      30th, 2002
@@ -66,9 +68,12 @@
 	UTIL (a new set of library functions to support some higher level
 	      functionality that is currently missing).
 	Shared library support for VMS.
-	Kerberos 5 authentication
+	Kerberos 5 authentication (Heimdal)
 	Constification
-	OCSP
+	Compression
+	Attribute Certificate support
+	Certificate Pair support
+	Storage Engines (primarly an LDAP storage engine)

  NEEDS PATCH

--- a/50
+++ b/50
@@ -3375,6 +3375,56 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 

+*** linux-x86_64
+$cc           = gcc
+$cflags       = -DL_ENDIAN -DNO_ASM
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = 
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG
+$bn_obj       = 
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+
+*** linux64-sparcv9
+$cc           = gcc
+$cflags       = -m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$unistd       = 
+$thread_cflag = -D_REENTRANT
+$sys_id       = ULTRASPARC
+$lflags       = -ldl
+$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
+$bn_obj       = 
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = asm/md5-sparcv9.o
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+$dso_scheme   = dlfcn
+$shared_target= linux-shared
+$shared_cflag = -fPIC
+$shared_ldflag = -m64
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$ranlib       = 
+$arflags      = 
+
 *** ncr-scde
 $cc           = cc
 $cflags       = -O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -148,7 +148,8 @@ $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
 	fi
 	-(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \
 		LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \
-		if [ "$(PLATFORM)" != "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
+		if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH";  \
+		elif [ "$(PLATFORM)" != "Cygwin" ];  then PATH="`pwd`:$$PATH"; fi; \
 		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
 		$(PERL) tools/c_rehash certs)

--- a/apps/apps.c
+++ b/apps/apps.c
@@ -615,7 +615,7 @@ int password_callback(char *buf, int bufsiz, int verify,

 		if (buff)
 			{
-			memset(buff,0,(unsigned int)bufsiz);
+			OPENSSL_cleanse(buff,(unsigned int)bufsiz);
 			OPENSSL_free(buff);
 			}

@@ -625,13 +625,13 @@ int password_callback(char *buf, int bufsiz, int verify,
 			{
 			BIO_printf(bio_err, "User interface error\n");
 			ERR_print_errors(bio_err);
-			memset(buf,0,(unsigned int)bufsiz);
+			OPENSSL_cleanse(buf,(unsigned int)bufsiz);
 			res = 0;
 			}
 		if (ok == -2)
 			{
 			BIO_printf(bio_err,"aborted!\n");
-			memset(buf,0,(unsigned int)bufsiz);
+			OPENSSL_cleanse(buf,(unsigned int)bufsiz);
 			res = 0;
 			}
 		UI_free(ui);
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -361,7 +361,7 @@ end:
 	if (osk != NULL) sk_free(osk);
 	OBJ_cleanup();
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -706,7 +706,7 @@ bad:
 		}
 	pkey = load_key(bio_err, keyfile, keyform, 0, key, e, 
 		"CA private key");
-	if (key) memset(key,0,strlen(key));
+	if (key) OPENSSL_cleanse(key,strlen(key));
 	if (pkey == NULL)
 		{
 		/* load_key() has already printed an appropriate message */
@@ -1652,7 +1652,7 @@ err:
 	NCONF_free(conf);
 	OBJ_cleanup();
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static void lookup_fail(char *name, char *tag)
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -203,6 +203,6 @@ end:
 	if (ssl != NULL) SSL_free(ssl);
 	if (STDout != NULL) BIO_free_all(STDout);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

--- a/apps/crl.c
+++ b/apps/crl.c
@@ -377,7 +377,7 @@ end:
 		X509_STORE_free(store);
 	}
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static X509_CRL *load_crl(char *infile, int format)
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -280,7 +280,7 @@ end:
 	if (crl != NULL) X509_CRL_free(crl);

 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 /*
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -356,7 +356,7 @@ int MAIN(int argc, char **argv)
 end:
 	if (buf != NULL)
 		{
-		memset(buf,0,BUFSIZE);
+		OPENSSL_cleanse(buf,BUFSIZE);
 		OPENSSL_free(buf);
 		}
 	if (in != NULL) BIO_free(in);
@@ -365,7 +365,7 @@ end:
 	if(sigbuf) OPENSSL_free(sigbuf);
 	if (bmd != NULL) BIO_free(bmd);
 	apps_shutdown();
-	EXIT(err);
+	OPENSSL_EXIT(err);
 	}

 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -333,6 +333,6 @@ end:
 	if (out != NULL) BIO_free_all(out);
 	if (dh != NULL) DH_free(dh);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
 #endif
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -519,7 +519,7 @@ end:
 	if (out != NULL) BIO_free_all(out);
 	if (dh != NULL) DH_free(dh);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 /* dh_cb is identical to dsa_cb in apps/dsaparam.c */
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -314,6 +314,6 @@ end:
 	if(passin) OPENSSL_free(passin);
 	if(passout) OPENSSL_free(passout);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
 #endif
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -372,7 +372,7 @@ end:
 	if (out != NULL) BIO_free_all(out);
 	if (dsa != NULL) DSA_free(dsa);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -390,6 +390,6 @@ end:
 	if (passout)
 		OPENSSL_free(passout);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 }
 #endif
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -679,7 +679,7 @@ end:
 	if (group != NULL)
 		EC_GROUP_free(group);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 }

 int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -481,9 +481,9 @@ bad:
 			 * bug picked up by
 			 * Larry J. Hughes Jr. <hughes@indiana.edu> */
 			if (str == strbuf)
-				memset(str,0,SIZE);
+				OPENSSL_cleanse(str,SIZE);
 			else
-				memset(str,0,strlen(str));
+				OPENSSL_cleanse(str,strlen(str));
 			}
 		if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
 			{
@@ -586,7 +586,7 @@ end:
 	if (b64 != NULL) BIO_free(b64);
 	if(pass) OPENSSL_free(pass);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 int set_hex(char *in, unsigned char *out, int size)
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -516,5 +516,5 @@ end:
 	sk_pop_free(post_cmds, identity);
 	if (bio_out != NULL) BIO_free_all(bio_out);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -122,5 +122,5 @@ int MAIN(int argc, char **argv)
 			}
 		}
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -198,7 +198,7 @@ end:
 	if (out != NULL) BIO_free_all(out);
 	if (dh != NULL) DH_free(dh);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static void MS_CALLBACK dh_cb(int p, int n, void *arg)
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -246,6 +246,6 @@ end:
 	if (dsa != NULL) DSA_free(dsa);
 	if(passout) OPENSSL_free(passout);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
 #endif
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -258,7 +258,7 @@ err:
 	if (ret != 0)
 		ERR_print_errors(bio_err);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)
--- a/apps/nseq.c
+++ b/apps/nseq.c
@@ -102,7 +102,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-in file  input file\n");
 		BIO_printf (bio_err, "-out file output file\n");
 		BIO_printf (bio_err, "-toseq    output NS Sequence file\n");
-		EXIT(1);
+		OPENSSL_EXIT(1);
 	}

 	if (infile) {
@@ -162,6 +162,6 @@ end:
 	BIO_free_all(out);
 	NETSCAPE_CERT_SEQUENCE_free(seq);

-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 }

--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -899,7 +899,7 @@ end:
 		SSL_CTX_free(ctx);
 		}

-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 }

 static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -358,7 +358,7 @@ end:
 		BIO_free(bio_err);
 		bio_err=NULL;
 		}
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 #define LIST_STANDARD_COMMANDS "list-standard-commands"
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -292,7 +292,7 @@ err:
 	if (out)
 		BIO_free_all(out);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}


@@ -505,6 +505,6 @@ err:
 int MAIN(int argc, char **argv)
 	{
 	fputs("Program not available.\n", stderr)
-	EXIT(1);
+	OPENSSL_EXIT(1);
 	}
 #endif
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -651,7 +651,7 @@ int MAIN(int argc, char **argv)
    if(passin) OPENSSL_free(passin);
    if(passout) OPENSSL_free(passout);
    apps_shutdown();
-    EXIT(ret);
+    OPENSSL_EXIT(ret);
 }

 int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -301,5 +301,5 @@ end:
 	if (in != NULL) BIO_free(in);
 	if (out != NULL) BIO_free_all(out);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -213,5 +213,5 @@ err:
 	if (out)
 		BIO_free_all(out);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
--- a/apps/req.c
+++ b/apps/req.c
@@ -1150,7 +1150,7 @@ end:
 	if (ec_params != NULL) EC_KEY_free(ec_params);
 #endif
 	apps_shutdown();
-	EXIT(ex);
+	OPENSSL_EXIT(ex);
 	}

 static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int attribs,
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -369,7 +369,7 @@ end:
 	if(passin) OPENSSL_free(passin);
 	if(passout) OPENSSL_free(passout);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
 #else /* !OPENSSL_NO_RSA */

--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -908,16 +908,16 @@ end:
 	if (con != NULL) SSL_free(con);
 	if (con2 != NULL) SSL_free(con2);
 	if (ctx != NULL) SSL_CTX_free(ctx);
-	if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); }
-	if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); }
-	if (mbuf != NULL) { memset(mbuf,0,BUFSIZZ); OPENSSL_free(mbuf); }
+	if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
+	if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
+	if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
 	if (bio_c_out != NULL)
 		{
 		BIO_free(bio_c_out);
 		bio_c_out=NULL;
 		}
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}


--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -946,7 +946,7 @@ end:
 		bio_s_out=NULL;
 		}
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
@@ -1262,7 +1262,7 @@ err:
 	BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
 	if (buf != NULL)
 		{
-		memset(buf,0,bufsize);
+		OPENSSL_cleanse(buf,bufsize);
 		OPENSSL_free(buf);
 		}
 	if (ret >= 0)
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -62,14 +62,6 @@
 #include <errno.h>
 #include <signal.h>

-#ifdef FLAT_INC
-#include "e_os.h"
-#else
-#include "../e_os.h"
-#endif
-
-#ifndef OPENSSL_NO_SOCK
-
 /* With IPv6, it looks like Digital has mixed up the proper order of
   recursive header file inclusion, resulting in the compiler complaining
   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
@@ -87,6 +79,14 @@ typedef unsigned int u_int;
 #include "s_apps.h"
 #include <openssl/ssl.h>

+#ifdef FLAT_INC
+#include "e_os.h"
+#else
+#include "../e_os.h"
+#endif
+
+#ifndef OPENSSL_NO_SOCK
+
 static struct hostent *GetHostByName(char *name);
 #ifdef OPENSSL_SYS_WINDOWS
 static void ssl_sock_cleanup(void);
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -642,7 +642,7 @@ end:
 		tm_ctx=NULL;
 		}
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 /***********************************************************************
--- a/apps/sess_id.c
+++ b/apps/sess_id.c
@@ -273,7 +273,7 @@ end:
 	if (out != NULL) BIO_free_all(out);
 	if (x != NULL) SSL_SESSION_free(x);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static SSL_SESSION *load_sess_id(char *infile, int format)
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -2316,7 +2316,7 @@ end:
 #endif

 	apps_shutdown();
-	EXIT(mret);
+	OPENSSL_EXIT(mret);
 	}

 static void print_message(const char *s, long num, int length)
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -295,5 +295,5 @@ end:
 	EVP_PKEY_free(pkey);
 	if(passin) OPENSSL_free(passin);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -232,7 +232,7 @@ end:
 	sk_X509_pop_free(untrusted, X509_free);
 	sk_X509_pop_free(trusted, X509_free);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, int purpose, ENGINE *e)
--- a/apps/version.c
+++ b/apps/version.c
@@ -212,5 +212,5 @@ int MAIN(int argc, char **argv)
 	if (dir)  printf("%s\n",SSLeay_version(SSLEAY_DIR));
 end:
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -1029,7 +1029,7 @@ end:
 	sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
 	if (passin) OPENSSL_free(passin);
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}

 static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
--- a/14
+++ b/14
@@ -547,12 +547,13 @@ EOF
  ppc-apple-darwin*) OUT="darwin-ppc-cc" ;;
  i386-apple-darwin*) OUT="darwin-i386-cc" ;;
  sparc64-*-linux2)
-	#Before we can uncomment following lines we have to wait at least
-	#till 64-bit glibc for SPARC is operational:-(
-	#echo "WARNING! If you wish to build 64-bit library, then you have to"
-	#echo "         invoke './Configure linux64-sparcv9' *manually*."
-	#echo "         Type return if you want to continue, Ctrl-C to abort."
-	#read waste < /dev/tty
+	echo "WARNING! If *know* that your GNU C supports 64-bit/V9 ABI"
+	echo "         and wish to build 64-bit library, then you have to"
+	echo "         invoke './Configure linux64-sparcv9' *manually*."
+	if [ "$TEST" = "false" ]; then
+	  echo "          You have about 5 seconds to press Ctrl-C to abort."
+	  (stty -icanon min 0 time 50; read waste) < /dev/tty
+	fi
 	OUT="linux-sparcv9" ;;
  sparc-*-linux2)
 	KARCH=`awk '/^type/{print$3}' /proc/cpuinfo`
@@ -585,6 +586,7 @@ EOF
  arm*-*-linux2) OUT="linux-elf-arm" ;;
  s390-*-linux2) OUT="linux-s390" ;;
  s390x-*-linux?) OUT="linux-s390x" ;;
+  x86_64-*-linux?) OUT="linux-x86_64" ;;
  *-*-linux2) OUT="linux-elf"
 	if [ "$GCCVER" -gt 28 ]; then
          if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@@ -149,7 +149,12 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
 	ASN1_CTX c;
 	int want=HEADER_SIZE;
 	int eos=0;
+#if defined(__GNUC__) && defined(__ia64)
+	/* pathetic compiler bug in all known versions as of Nov. 2002 */
+	long off=0;
+#else
 	int off=0;
+#endif
 	int len=0;

 	b=BUF_MEM_new();
@@ -226,13 +231,18 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
 					ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
 					goto err;
 					}
-				i=BIO_read(in,&(b->data[len]),want);
-				if (i <= 0)
+				while (want > 0)
 					{
-					ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
-					goto err;
+					i=BIO_read(in,&(b->data[len]),want);
+					if (i <= 0)
+						{
+						ASN1err(ASN1_F_ASN1_D2I_BIO,
+						    ASN1_R_NOT_ENOUGH_DATA);
+						goto err;
+						}
+					len+=i;
+					want -= i;
 					}
-				len+=i;
 				}
 			off+=(int)c.slen;
 			if (eos <= 0)
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -204,9 +204,9 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
 err:
 	EVP_MD_CTX_cleanup(&ctx);
 	if (buf_in != NULL)
-		{ memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); }
+		{ OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); }
 	if (buf_out != NULL)
-		{ memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); }
+		{ OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); }
 	return(outl);
 	}

@@ -287,8 +287,8 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
 err:
 	EVP_MD_CTX_cleanup(&ctx);
 	if (buf_in != NULL)
-		{ memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); }
+		{ OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); }
 	if (buf_out != NULL)
-		{ memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); }
+		{ OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); }
 	return(outl);
 	}
--- a/crypto/asn1/a_type.c
+++ b/crypto/asn1/a_type.c
@@ -62,7 +62,7 @@

 int ASN1_TYPE_get(ASN1_TYPE *a)
 	{
-	if (a->value.ptr != NULL)
+	if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
 		return(a->type);
 	else
 		return(0);
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -103,7 +103,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
 	EVP_VerifyInit_ex(&ctx,type, NULL);
 	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);

-	memset(buf_in,0,(unsigned int)inl);
+	OPENSSL_cleanse(buf_in,(unsigned int)inl);
 	OPENSSL_free(buf_in);

 	if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
@@ -153,7 +153,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 	EVP_VerifyInit_ex(&ctx,type, NULL);
 	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);

-	memset(buf_in,0,(unsigned int)inl);
+	OPENSSL_cleanse(buf_in,(unsigned int)inl);
 	OPENSSL_free(buf_in);

 	if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
--- a/crypto/asn1/n_pkey.c
+++ b/crypto/asn1/n_pkey.c
@@ -187,7 +187,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
 	i2d_NETSCAPE_PKEY(pkey,&zz);

 	/* Wipe the private key encoding */
-	memset(pkey->private_key->data, 0, rsalen);
+	OPENSSL_cleanse(pkey->private_key->data, rsalen);
 		
 	if (cb == NULL)
 		cb=EVP_read_pw_string;
@@ -206,7 +206,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
 	}

 	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
-	memset(buf,0,256);
+	OPENSSL_cleanse(buf,256);

 	/* Encrypt private key in place */
 	zz = enckey->enckey->digest->data;
@@ -294,7 +294,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
 	}
 		
 	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
-	memset(buf,0,256);
+	OPENSSL_cleanse(buf,256);

 	EVP_CIPHER_CTX_init(&ctx);
 	EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL);
--- a/crypto/asn1/p8_pkey.c
+++ b/crypto/asn1/p8_pkey.c
@@ -68,8 +68,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 	if(operation == ASN1_OP_FREE_PRE) {
 		PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
 		if (key->pkey->value.octet_string)
-		memset(key->pkey->value.octet_string->data,
-				 0, key->pkey->value.octet_string->length);
+		OPENSSL_cleanse(key->pkey->value.octet_string->data,
+			key->pkey->value.octet_string->length);
 	}
 	return 1;
 }
--- a/crypto/asn1/t_pkey.c
+++ b/crypto/asn1/t_pkey.c
@@ -479,7 +479,7 @@ int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
 	unsigned char *buffer=NULL;
 	size_t	buf_len=0, i;
 	int     ret=0, reason=ERR_R_BIO_LIB;
-	BIGNUM  *pub_key=NULL;
+	BIGNUM  *pub_key=NULL, *order=NULL;
 	BN_CTX  *ctx=NULL;
 
 	if (!x || !x->group)
@@ -513,8 +513,12 @@ int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
 		{
 		if (!BIO_indent(bp, off, 128))
 			goto err;
+		if ((order = BN_new()) == NULL)
+			goto err;
+		if (!EC_GROUP_get_order(x->group, order, NULL))
+			goto err;
 		if (BIO_printf(bp, "Private-Key: (%d bit)\n", 
-			BN_num_bits(x->priv_key)) <= 0) goto err;
+			BN_num_bits(order)) <= 0) goto err;
 		}
  
 	if ((x->priv_key != NULL) && !print(bp, "priv:", x->priv_key, 
@@ -531,6 +535,8 @@ err:
 		ECerr(EC_F_EC_KEY_PRINT, reason);
 	if (pub_key) 
 		BN_free(pub_key);
+	if (order)
+		BN_free(order);
 	if (ctx)
 		BN_CTX_free(ctx);
 	if (buffer != NULL)
--- a/crypto/asn1/x_x509a.c
+++ b/crypto/asn1/x_x509a.c
@@ -175,6 +175,6 @@ void X509_reject_clear(X509 *x)
 ASN1_SEQUENCE(X509_CERT_PAIR) = {
 	ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0),
 	ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1)
-} ASN1_SEQUENCE_END(X509_CERT_PAIR);
+} ASN1_SEQUENCE_END(X509_CERT_PAIR)

 IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR)
--- a/crypto/bf/bftest.c
+++ b/crypto/bf/bftest.c
@@ -63,6 +63,8 @@
 #include <string.h>
 #include <stdlib.h>

+#include "../e_os.h"
+
 #ifdef OPENSSL_NO_BF
 int main(int argc, char *argv[])
 {
@@ -275,7 +277,7 @@ int main(int argc, char *argv[])
 	else
 		ret=test();

-	exit(ret);
+	EXIT(ret);
 	return(0);
 	}

--- a/crypto/bn/asm/vms.mar
+++ b/crypto/bn/asm/vms.mar
@@ -1,4 +1,4 @@
-	.title	vax_bn_mul_add_word  unsigned multiply & add, 32*32+32+32=>64
+	.title	vax_bn_mul_add_words  unsigned multiply & add, 32*32+32+32=>64
 ;
 ; w.j.m. 15-jan-1999
 ;
@@ -59,7 +59,7 @@ w=16 ;(AP)	w	by value (input)
 	movl	r6,r0			; return c
 	ret

-	.title	vax_bn_mul_word  unsigned multiply & add, 32*32+32=>64
+	.title	vax_bn_mul_words  unsigned multiply & add, 32*32+32=>64
 ;
 ; w.j.m. 15-jan-1999
 ;
@@ -172,146 +172,148 @@ n=12 ;(AP)	n	by value (input)
 ; }
 ;
 ; Using EDIV would be very easy, if it didn't do signed calculations.
-; Therefore, som extra things have to happen around it.  The way to
-; handle that is to shift all operands right one step (basically dividing
-; them by 2) and handle the different cases depending on what the lowest
-; bit of each operand was.
+; Any time, any of the input numbers are signed, there are problems,
+; usually with integer overflow, at which point it returns useless
+; data (the quotient gets the value of l, and the remainder becomes 0).
 ;
-; To start with, let's define the following:
+; If it was just for the dividend, it would be very easy, just divide
+; it by 2 (unsigned), do the division, multiply the resulting quotient
+; and remainder by 2, add the bit that was dropped when dividing by 2
+; to the remainder, and do some adjustment so the remainder doesn't
+; end up larger than the divisor.  This method works as long as the
+; divisor is positive, so we'll keep that (with a small adjustment)
+; as the main method.
+; For some cases when the divisor is negative (from EDIV's point of
+; view, i.e. when the highest bit is set), dividing the dividend by
+; 2 isn't enough, it needs to be divided by 4.  Furthermore, the
+; divisor needs to be divided by 2 (unsigned) as well, to avoid more
+; problems with the sign.  In this case, a little extra fiddling with
+; the remainder is required.
 ;
-; a' = l & 1
-; a2 = <h,l> >> 1	# UNSIGNED shift!
-; b' = d & 1
-; b2 = d >> 1		# UNSIGNED shift!
+; So, the simplest way to handle this is always to divide the dividend
+; by 4, and to divide the divisor by 2 if it's highest bit is set.
+; After EDIV has been used, the quotient gets multiplied by 4 if the
+; original divisor was positive, otherwise 2.  The remainder, oddly
+; enough, is *always* multiplied by 4.
 ;
-; Now, use EDIV to calculate a quotient and a remainder:
+; The routine ends with comparing the resulting remainder with the
+; original divisor and if the remainder is larger, subtract the
+; original divisor from it, and increase the quotient by 1.  This is
+; done until the remainder is smaller than the divisor.
 ;
-; q'' = a2/b2
-; r'' = a2 - q''*b2
+; The complete algorithm looks like this:
 ;
-; If b' is 0, the quotient is already correct, we just need to adjust the
-; remainder:
+; d'    = d
+; l'    = l & 3
+; [h,l] = [h,l] >> 2
+; [q,r] = floor([h,l] / d)	# This is the EDIV operation
+; if (q < 0) q = -q		# I doubt this is necessary any more
 ;
-; if (b' == 0)
+; r'    = r >> 30
+; if (d' >= 0) q = q << 1
+; q     = q << 1
+; r     = (r << 2) + l'
+;
+; if (d' < 0)
 ;   {
-;     r = 2*r'' + a'
-;     q = q''
-;   }
-;
-; If b' is 1, we need to do other adjustements.  The first thought is the
-; following (note that r' will not always have the right value, but an
-; adjustement follows further down):
-;
-; if (b' == 1)
-;   {
-;     q' = q''
-;     r' = a - q'*b
-;
-; However, one can note the folowing relationship:
-;
-;                         r'' = a2 - q''*b2
-;                  =>   2*r'' = 2*a2 - 2*q''*b2
-;                             = { a = 2*a2 + a', b = 2*b2 + b' = 2*b2 + 1,
-;                                 q' = q'' }
-;                             = a - a' - q'*(b - 1)
-;                             = a - q'*b - a' + q'
-;                             = r' - a' + q'
-;                  =>     r'  = 2*r'' - q' + a'
-;
-; This enables us to use r'' instead of discarding and calculating another
-; modulo:
-;
-; if (b' == 1)
-;   {
-;     q' = q''
-;     r' = (r'' << 1) - q' + a'
-;
-; Now, all we have to do is adjust r', because it might be < 0:
-;
-;     while (r' < 0)
+;     [r',r] = [r',r] - q
+;     while ([r',r] < 0)
 ;       {
-;         r' = r' + b
-;         q' = q' - 1
+;         [r',r] = [r',r] + d
+;         q = q - 1
 ;       }
 ;   }
 ;
-; return q'
+; while ([r',r] >= d)
+;   {
+;     [r',r] = [r',r] - d
+;     q = q + 1
+;   }
+;
+; return q

 h=4 ;(AP)	h	by value (input)
 l=8 ;(AP)	l	by value (input)
 d=12 ;(AP)	d	by value (input)

-;aprim=r5
-;a2=r6
-;a20=r6
-;a21=r7
-;bprim=r8
-;b2=r9
-;qprim=r10	; initially used as q''
-;rprim=r11	; initially used as r''
+;lprim=r5
+;rprim=r6
+;dprim=r7


 	.psect	code,nowrt

-.entry	bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
+.entry	bn_div_words,^m<r2,r3,r4,r5,r6,r7>
 	movl	l(ap),r2
 	movl	h(ap),r3
 	movl	d(ap),r4

-	movl	#0,r5
-	movl	#0,r8
-	movl	#0,r0
-;	movl	#0,r1
+	bicl3	#^XFFFFFFFC,r2,r5 ; l' = l & 3
+	bicl3	#^X00000003,r2,r2

-	rotl	#-1,r2,r6	; a20 = l >> 1 (almost)
-	rotl	#-1,r3,r7	; a21 = h >> 1 (almost)
-	rotl	#-1,r4,r9	; b2 = d >> 1 (almost)
+	bicl3	#^XFFFFFFFC,r3,r6
+	bicl3	#^X00000003,r3,r3
+        
+	addl	r6,r2
+	rotl	#-2,r2,r2	; l = l >> 2
+	rotl	#-2,r3,r3	; h = h >> 2
+                
+	movl	#0,r6
+	movl	r4,r7		; d' = d

-	tstl	r6
-	bgeq	1$
-	xorl2	#^X80000000,r6	; fixup a20 so highest bit is 0
-	incl	r5		; a' = 1
-1$:
-	tstl	r7
-	bgeq	2$
-	xorl2	#^X80000000,r6	; fixup a20 so highest bit is 1,
-				; since that's what was lowest in a21
-	xorl2	#^X80000000,r7	; fixup a21 so highest bit is 1
-2$:
-	tstl	r9
+	tstl	r4
 	beql	666$		; Uh-oh, the divisor is 0...
-	bgtr	3$
-	xorl2	#^X80000000,r9	; fixup b2 so highest bit is 0
-	incl	r8		; b' = 1
-3$:
-	tstl	r9
-	bneq	4$		; if b2 is 0, we know that b' is 1
-	tstl	r3
-	bneq	666$		; if higher half isn't 0, we overflow
-	movl	r2,r10		; otherwise, we have our result
-	brb	42$		; This is a success, really.
-4$:
-	ediv	r9,r6,r10,r11
+	bgtr	1$
+	rotl	#-1,r4,r4	; If d is negative, shift it right.
+	bicl2	#^X80000000,r4	; Since d is then a large number, the
+				; lowest bit is insignificant
+				; (contradict that, and I'll fix the problem!)
+1$:     
+	ediv	r4,r2,r2,r3	; Do the actual division
+
+	tstl	r2
+	bgeq	3$
+	mnegl	r2,r2		; if q < 0, negate it
+3$:     
+	tstl	r7
+	blss	4$
+	ashl	#1,r2,r2	; q = q << 1
+4$:     
+	ashl	#1,r2,r2	; q = q << 1
+	rotl	#2,r3,r3	; r = r << 2
+	bicl3	#^XFFFFFFFC,r3,r6 ; r' gets the high bits from r
+	bicl3	#^X00000003,r3,r3
+	addl	r5,r3		; r = r + l'
+
+	tstl	r7
+	bgeq	5$
+	bitl	#1,r7
+	beql	5$		; if d < 0 && d & 1
+	subl	r2,r3		;   [r',r] = [r',r] - q
+	sbwc	#0,r6
+45$:
+	bgeq	5$		;   while r < 0
+	decl	r2		;     q = q - 1
+	addl	r7,r3		;     [r',r] = [r',r] + d
+	adwc	#0,r6
+	brb	45$

-	tstl	r8
-	bneq	5$		; If b' != 0, go to the other part
-;	addl3	r11,r11,r1
-;	addl2	r5,r1
-	brb	42$
 5$:
-	ashl	#1,r11,r11
-	subl2	r10,r11
-	addl2	r5,r11
-	bgeq	7$
+	tstl	r6
+	bneq	6$
+	cmpl	r3,r7
+	blssu	42$		; while [r',r] >= d'
 6$:
-	decl	r10
-	addl2	r4,r11
-	blss	6$
-7$:
-;	movl	r11,r1
+	subl	r7,r3		;   [r',r] = [r',r] - d
+	sbwc	#0,r6
+	incl	r2		;   q = q + 1
+	brb	5$	
 42$:
-	movl	r10,r0
+;	movl	r3,r1
+	movl	r2,r0
+	ret
 666$:
+	movl	#^XFFFFFFFF,r0
 	ret

 	.title	vax_bn_add_words  unsigned add of two arrays
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -853,7 +853,7 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 */
 int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const unsigned int p[], BN_CTX *ctx)
 	{
-	int ret = 0, i, count = 0;
+	int ret = 0, count = 0;
 	unsigned int j;
 	BIGNUM *a, *z, *rho, *w, *w2, *tmp;
 	
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -263,12 +263,12 @@ void BN_clear_free(BIGNUM *a)
 	if (a == NULL) return;
 	if (a->d != NULL)
 		{
-		memset(a->d,0,a->dmax*sizeof(a->d[0]));
+		OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));
 		if (!(BN_get_flags(a,BN_FLG_STATIC_DATA)))
 			OPENSSL_free(a->d);
 		}
 	i=BN_get_flags(a,BN_FLG_MALLOCED);
-	memset(a,0,sizeof(BIGNUM));
+	OPENSSL_cleanse(a,sizeof(BIGNUM));
 	if (i)
 		OPENSSL_free(a);
 	}
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -201,7 +201,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
 err:
 	if (buf != NULL)
 		{
-		memset(buf,0,bytes);
+		OPENSSL_cleanse(buf,bytes);
 		OPENSSL_free(buf);
 		}
 	return(ret);
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -163,10 +163,10 @@ int main(int argc, char *argv[])


 	ctx=BN_CTX_new();
-	if (ctx == NULL) exit(1);
+	if (ctx == NULL) EXIT(1);

 	out=BIO_new(BIO_s_file());
-	if (out == NULL) exit(1);
+	if (out == NULL) EXIT(1);
 	if (outfile == NULL)
 		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
@@ -176,7 +176,7 @@ int main(int argc, char *argv[])
 		if (!BIO_write_filename(out,outfile))
 			{
 			perror(outfile);
-			exit(1);
+			EXIT(1);
 			}
 		}

@@ -296,14 +296,14 @@ int main(int argc, char *argv[])
 	BIO_free(out);

 /**/
-	exit(0);
+	EXIT(0);
 err:
 	BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
 	                      * the failure, see test_bn in test/Makefile.ssl*/
 	BIO_flush(out);
 	ERR_load_crypto_strings();
 	ERR_print_errors_fp(stderr);
-	exit(1);
+	EXIT(1);
 	return(1);
 	}

@@ -546,7 +546,7 @@ int test_mul(BIO *bp)
 	BN_CTX *ctx;

 	ctx = BN_CTX_new();
-	if (ctx == NULL) exit(1);
+	if (ctx == NULL) EXIT(1);
 	
 	BN_init(&a);
 	BN_init(&b);
@@ -784,7 +784,7 @@ int test_mod_mul(BIO *bp, BN_CTX *ctx)
 			while ((l=ERR_get_error()))
 				fprintf(stderr,"ERROR:%s\n",
 					ERR_error_string(l,NULL));
-			exit(1);
+			EXIT(1);
 			}
 		if (bp != NULL)
 			{
--- a/crypto/bn/exptest.c
+++ b/crypto/bn/exptest.c
@@ -59,6 +59,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+
+#include "../e_os.h"
+
 #include <openssl/bio.h>
 #include <openssl/bn.h>
 #include <openssl/rand.h>
@@ -86,7 +89,7 @@ int main(int argc, char *argv[])
 	ERR_load_BN_strings();

 	ctx=BN_CTX_new();
-	if (ctx == NULL) exit(1);
+	if (ctx == NULL) EXIT(1);
 	r_mont=BN_new();
 	r_recp=BN_new();
 	r_simple=BN_new();
@@ -99,7 +102,7 @@ int main(int argc, char *argv[])

 	out=BIO_new(BIO_s_file());

-	if (out == NULL) exit(1);
+	if (out == NULL) EXIT(1);
 	BIO_set_fp(out,stdout,BIO_NOCLOSE);

 	for (i=0; i<200; i++)
@@ -124,7 +127,7 @@ int main(int argc, char *argv[])
 			{
 			printf("BN_mod_exp_mont() problems\n");
 			ERR_print_errors(out);
-			exit(1);
+			EXIT(1);
 			}

 		ret=BN_mod_exp_recp(r_recp,a,b,m,ctx);
@@ -132,7 +135,7 @@ int main(int argc, char *argv[])
 			{
 			printf("BN_mod_exp_recp() problems\n");
 			ERR_print_errors(out);
-			exit(1);
+			EXIT(1);
 			}

 		ret=BN_mod_exp_simple(r_simple,a,b,m,ctx);
@@ -140,7 +143,7 @@ int main(int argc, char *argv[])
 			{
 			printf("BN_mod_exp_simple() problems\n");
 			ERR_print_errors(out);
-			exit(1);
+			EXIT(1);
 			}

 		if (BN_cmp(r_simple, r_mont) == 0
@@ -163,7 +166,7 @@ int main(int argc, char *argv[])
 			printf("\nrecp     =");	BN_print(out,r_recp);
 			printf("\nmont     ="); BN_print(out,r_mont);
 			printf("\n");
-			exit(1);
+			EXIT(1);
 			}
 		}
 	BN_free(r_mont);
@@ -177,11 +180,11 @@ int main(int argc, char *argv[])
 	CRYPTO_mem_leaks(out);
 	BIO_free(out);
 	printf(" done\n");
-	exit(0);
+	EXIT(0);
 err:
 	ERR_load_crypto_strings();
 	ERR_print_errors(out);
-	exit(1);
+	EXIT(1);
 	return(1);
 	}

--- a/crypto/cast/casttest.c
+++ b/crypto/cast/casttest.c
@@ -60,6 +60,8 @@
 #include <string.h>
 #include <stdlib.h>

+#include "../e_os.h"
+
 #ifdef OPENSSL_NO_CAST
 int main(int argc, char *argv[])
 {
@@ -224,7 +226,7 @@ int main(int argc, char *argv[])
      }
 #endif

-    exit(err);
+    EXIT(err);
    return(err);
    }
 #endif
--- a/crypto/crypto.h
+++ b/crypto/crypto.h
@@ -121,9 +121,6 @@

 #ifndef OPENSSL_NO_FP_API
 #include <stdio.h>
-#ifdef OPENSSL_SYS_WINCE
-#include <stdio_extras.h>
-#endif
 #endif

 #include <openssl/stack.h>
--- a/crypto/des/des.c
+++ b/crypto/des/des.c
@@ -427,7 +427,7 @@ void doencryption(void)
 				k2[i-8]=k;
 			}
 		DES_set_key_unchecked(&k2,&ks2);
-		memset(k2,0,sizeof(k2));
+		OPENSSL_cleanse(k2,sizeof(k2));
 		}
 	else if (longk || flag3)
 		{
@@ -435,7 +435,7 @@ void doencryption(void)
 			{
 			DES_string_to_2keys(key,&kk,&k2);
 			DES_set_key_unchecked(&k2,&ks2);
-			memset(k2,0,sizeof(k2));
+			OPENSSL_cleanse(k2,sizeof(k2));
 			}
 		else
 			DES_string_to_key(key,&kk);
@@ -457,8 +457,8 @@ void doencryption(void)
 			}

 	DES_set_key_unchecked(&kk,&ks);
-	memset(key,0,sizeof(key));
-	memset(kk,0,sizeof(kk));
+	OPENSSL_cleanse(key,sizeof(key));
+	OPENSSL_cleanse(kk,sizeof(kk));
 	/* woops - A bug that does not showup under unix :-( */
 	memset(iv,0,sizeof(iv));
 	memset(iv2,0,sizeof(iv2));
@@ -666,18 +666,18 @@ void doencryption(void)
 		if (l) fclose(CKSUM_OUT);
 		}
 problems:
-	memset(buf,0,sizeof(buf));
-	memset(obuf,0,sizeof(obuf));
-	memset(&ks,0,sizeof(ks));
-	memset(&ks2,0,sizeof(ks2));
-	memset(iv,0,sizeof(iv));
-	memset(iv2,0,sizeof(iv2));
-	memset(kk,0,sizeof(kk));
-	memset(k2,0,sizeof(k2));
-	memset(uubuf,0,sizeof(uubuf));
-	memset(b,0,sizeof(b));
-	memset(bb,0,sizeof(bb));
-	memset(cksum,0,sizeof(cksum));
+	OPENSSL_cleanse(buf,sizeof(buf));
+	OPENSSL_cleanse(obuf,sizeof(obuf));
+	OPENSSL_cleanse(&ks,sizeof(ks));
+	OPENSSL_cleanse(&ks2,sizeof(ks2));
+	OPENSSL_cleanse(iv,sizeof(iv));
+	OPENSSL_cleanse(iv2,sizeof(iv2));
+	OPENSSL_cleanse(kk,sizeof(kk));
+	OPENSSL_cleanse(k2,sizeof(k2));
+	OPENSSL_cleanse(uubuf,sizeof(uubuf));
+	OPENSSL_cleanse(b,sizeof(b));
+	OPENSSL_cleanse(bb,sizeof(bb));
+	OPENSSL_cleanse(cksum,sizeof(cksum));
 	if (Exit) EXIT(Exit);
 	}

--- a/crypto/des/read2pwd.c
+++ b/crypto/des/read2pwd.c
@@ -112,9 +112,6 @@
 #include <string.h>
 #include <openssl/des.h>
 #include <openssl/ui.h>
-#ifdef OPENSSL_SYS_WINCE
-#include <stdio_extras.h>	/* BUFSIZ */
-#endif

 int DES_read_password(DES_cblock *key, const char *prompt, int verify)
 	{
@@ -123,8 +120,8 @@ int DES_read_password(DES_cblock *key, const char *prompt, int verify)

 	if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
 		DES_string_to_key(buf,key);
-	memset(buf,0,BUFSIZ);
-	memset(buff,0,BUFSIZ);
+	OPENSSL_cleanse(buf,BUFSIZ);
+	OPENSSL_cleanse(buff,BUFSIZ);
 	return(ok);
 	}

@@ -136,7 +133,7 @@ int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,

 	if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
 		DES_string_to_2keys(buf,key1,key2);
-	memset(buf,0,BUFSIZ);
-	memset(buff,0,BUFSIZ);
+	OPENSSL_cleanse(buf,BUFSIZ);
+	OPENSSL_cleanse(buff,BUFSIZ);
 	return(ok);
 	}
--- a/crypto/des/read_pwd.c
+++ b/crypto/des/read_pwd.c
@@ -220,7 +220,7 @@ int des_read_pw_string(char *buf, int length, const char *prompt,
 	int ret;

 	ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
-	memset(buff,0,BUFSIZ);
+	OPENSSL_cleanse(buff,BUFSIZ);
 	return(ret);
 	}

--- a/crypto/des/str2key.c
+++ b/crypto/des/str2key.c
@@ -94,7 +94,7 @@ void DES_string_to_key(const char *str, DES_cblock *key)
 	DES_set_key_unchecked(key,&ks);
 #endif
 	DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key);
-	memset(&ks,0,sizeof(ks));
+	OPENSSL_cleanse(&ks,sizeof(ks));
 	DES_set_odd_parity(key);
 	}

@@ -167,7 +167,7 @@ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
 	DES_set_key_unchecked(key2,&ks);
 #endif
 	DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2);
-	memset(&ks,0,sizeof(ks));
+	OPENSSL_cleanse(&ks,sizeof(ks));
 	DES_set_odd_parity(key1);
 	DES_set_odd_parity(key2);
 	}
--- a/crypto/dh/dhtest.c
+++ b/crypto/dh/dhtest.c
@@ -59,6 +59,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+
+#include "../e_os.h"
+
 #ifdef OPENSSL_SYS_WINDOWS
 #include "../bio/bss_file.c" 
 #endif
@@ -111,7 +114,7 @@ int main(int argc, char *argv[])
 	RAND_seed(rnd_seed, sizeof rnd_seed);

 	out=BIO_new(BIO_s_file());
-	if (out == NULL) exit(1);
+	if (out == NULL) EXIT(1);
 	BIO_set_fp(out,stdout,BIO_NOCLOSE);

 	a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out);
@@ -195,7 +198,7 @@ err:
 	CRYPTO_cleanup_all_ex_data();
 	ERR_remove_state(0);
 	CRYPTO_mem_leaks_fp(stderr);
-	exit(ret);
+	EXIT(ret);
 	return(ret);
 	}

--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -224,11 +224,13 @@ int DSA_size(const DSA *r)
 	{
 	int ret,i;
 	ASN1_INTEGER bs;
-	unsigned char buf[4];
+	unsigned char buf[4];	/* 4 bytes looks really small.
+				   However, i2d_ASN1_INTEGER() will not look
+				   beyond the first byte, as long as the second
+				   parameter is NULL. */

 	i=BN_num_bits(r->q);
 	bs.length=(i+7)/8;
-	OPENSSL_assert(bs.length <= sizeof buf);
 	bs.data=buf;
 	bs.type=V_ASN1_INTEGER;
 	/* If the top bit is set the asn1 encoding is 1 larger. */
--- a/crypto/dsa/dsatest.c
+++ b/crypto/dsa/dsatest.c
@@ -61,6 +61,9 @@
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+
+#include "../e_os.h"
+
 #include <openssl/crypto.h>
 #include <openssl/rand.h>
 #include <openssl/bio.h>
@@ -212,10 +215,16 @@ end:
 		BIO_free(bio_err);
 		bio_err = NULL;
 		}
-	exit(!ret);
+	EXIT(!ret);
 	return(0);
 	}

+static int cb_exit(int ec)
+	{
+	EXIT(ec);
+	return(0);		/* To keep some compilers quiet */
+	}
+
 static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
 	{
 	char c='*';
@@ -231,7 +240,7 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
 	if (!ok && (p == 0) && (num > 1))
 		{
 		BIO_printf((BIO *)arg,"error in dsatest\n");
-		exit(1);
+		cb_exit(1);
 		}
 	}
 #endif
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -118,7 +118,7 @@ void EC_KEY_free(EC_KEY *r)
 	if (r->meth_data && r->meth_data->finish)
 		r->meth_data->finish(r);

-	memset((void *)r, 0x0, sizeof(EC_KEY));
+	OPENSSL_cleanse((void *)r, sizeof(EC_KEY));

 	OPENSSL_free(r);
 	}
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -162,11 +162,11 @@ void EC_GROUP_clear_free(EC_GROUP *group)

 	if (group->seed)
 		{
-		memset(group->seed, 0, group->seed_len);
+		OPENSSL_cleanse(group->seed, group->seed_len);
 		OPENSSL_free(group->seed);
 		}

-	memset(group, 0, sizeof *group);
+	OPENSSL_cleanse(group, sizeof *group);
 	OPENSSL_free(group);
 	}

@@ -591,7 +591,7 @@ void EC_POINT_clear_free(EC_POINT *point)
 		point->meth->point_clear_finish(point);
 	else if (point->meth != NULL && point->meth->point_finish != 0)
 		point->meth->point_finish(point);
-	memset(point, 0, sizeof *point);
+	OPENSSL_cleanse(point, sizeof *point);
 	OPENSSL_free(point);
 	}

--- a/crypto/ec/ectest.c
+++ b/crypto/ec/ectest.c
@@ -95,7 +95,7 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
 	fflush(stdout); \
 	fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
 	ERR_print_errors_fp(stderr); \
-	exit(1); \
+	EXIT(1); \
 } while (0)

 void prime_field_tests(void);
--- a/crypto/ecdh/ecdhtest.c
+++ b/crypto/ecdh/ecdhtest.c
@@ -70,6 +70,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+
+#include "../e_os.h"
+
 #ifdef OPENSSL_SYS_WINDOWS
 #include "../bio/bss_file.c" 
 #endif
@@ -298,7 +301,7 @@ int main(int argc, char *argv[])
 	RAND_seed(rnd_seed, sizeof rnd_seed);

 	out=BIO_new(BIO_s_file());
-	if (out == NULL) exit(1);
+	if (out == NULL) EXIT(1);
 	BIO_set_fp(out,stdout,BIO_NOCLOSE);

 	if ((ctx=BN_CTX_new()) == NULL) goto err;
@@ -330,7 +333,7 @@ err:
 	CRYPTO_cleanup_all_ex_data();
 	ERR_remove_state(0);
 	CRYPTO_mem_leaks_fp(stderr);
-	exit(ret);
+	EXIT(ret);
 	return(ret);
 	}

--- a/crypto/ecdh/ech_lib.c
+++ b/crypto/ecdh/ech_lib.c
@@ -176,7 +176,7 @@ void ECDH_DATA_free(ECDH_DATA *r)

 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);

-	memset((void *)r, 0x0, sizeof(ECDH_DATA));
+	OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA));

 	OPENSSL_free(r);
 	}
--- a/crypto/ecdsa/ecdsatest.c
+++ b/crypto/ecdsa/ecdsatest.c
@@ -1,4 +1,7 @@
 /* crypto/ecdsa/ecdsatest.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
 /* ====================================================================
 * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
 *
@@ -69,298 +72,377 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <time.h>
-
-#ifdef CLOCKS_PER_SEC
-	/* "To determine the time in seconds, the value returned
-	 * by the clock function should be divided by the value
-	 * of the macro CLOCKS_PER_SEC."
-	 *                                       -- ISO/IEC 9899 */
-#	define UNIT "s"
-#else
-	/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
-	 *                            -- cc on NeXTstep/OpenStep */
-#	define UNIT "units"
-#	define CLOCKS_PER_SEC 1
-#endif

 #ifdef OPENSSL_NO_ECDSA
-int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); return 0; }
+int main(int argc, char * argv[])
+	{
+	puts("Elliptic curves are disabled.");
+	return 0;
+	}
 #else

 #include <openssl/crypto.h>
 #include <openssl/bio.h>
 #include <openssl/evp.h>
-#include <openssl/x509.h>
 #include <openssl/ecdsa.h>
 #include <openssl/engine.h>
 #include <openssl/err.h>

-static BIO *bio_err=NULL;
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+static const char rnd_seed[] = "string to make the random number generator "
+	"think it has entropy";

-#define	ECDSA_NIST_TESTS	10
-ECDSA_SIG*	signatures[ECDSA_NIST_TESTS];
-unsigned char	digest[ECDSA_NIST_TESTS][20];
+/* declaration of the test functions */
+int x9_62_tests(BIO *);
+int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s);
+int test_builtin(BIO *);

-/* some declarations */
-void clear_ecdsa(EC_KEY *);
-int set_p192_param(EC_KEY *);
-int set_p239_param(EC_KEY *);
-int test_sig_vrf(EC_KEY *, const unsigned char *);
-int test_x962_sig_vrf(EC_KEY *, const unsigned char *,
-                           const char *, const char *, const char *);
-int ecdsa_cmp(const EC_KEY *, const EC_KEY *);
+/* functions to change the RAND_METHOD */
+int change_rand(void);
+int restore_rand(void);
+int fbytes(unsigned char *buf, int num);

-void clear_ecdsa(EC_KEY *ecdsa)
-{
-	if (!ecdsa)
-		return;
-	if (ecdsa->group)
+RAND_METHOD	fake_rand;
+const RAND_METHOD *old_rand;
+
+int change_rand(void)
 	{
-		EC_GROUP_free(ecdsa->group);
-		ecdsa->group = NULL;
-	}
-	if (ecdsa->pub_key)
-	{
-		EC_POINT_free(ecdsa->pub_key);
-		ecdsa->pub_key = NULL;
-	}
-	if (ecdsa->priv_key)
-	{
-		BN_free(ecdsa->priv_key);
-		ecdsa->priv_key = NULL;
-	}
-}
-
-int set_p192_param(EC_KEY *ecdsa)
-{
-	BN_CTX	 *ctx=NULL;
-	int 	 ret=0;
-
-	if (!ecdsa)
+	/* save old rand method */
+	if ((old_rand = RAND_get_rand_method()) == NULL)
 		return 0;
-	if ((ctx = BN_CTX_new()) == NULL) goto err;
-	clear_ecdsa(ecdsa);
-	
-	if ((ecdsa->group = EC_GROUP_new_by_nid(NID_X9_62_prime192v1)) == NULL)
-	{
-		BIO_printf(bio_err,"ECDSA_SET_GROUP_P_192_V1() failed \n");
-		goto err;
-	}
-	if ((ecdsa->pub_key = EC_POINT_new(ecdsa->group)) == NULL)
-	{
-		BIO_printf(bio_err,"EC_POINT_new failed \n");
-		goto err;
-	}

-	if (!BN_dec2bn(&(ecdsa->priv_key), "651056770906015076056810763456358567190100156695615665659"))	goto err;
-	if (!EC_POINT_mul(ecdsa->group,ecdsa->pub_key,ecdsa->priv_key,NULL,NULL,ctx))
-	{
-		BIO_printf(bio_err,"EC_POINT_mul() failed \n");
-		goto err;
-	}
-	ret = 1;
-
-err :	if (ctx)	BN_CTX_free(ctx);
-	return ret;
-}
-
-int set_p239_param(EC_KEY *ecdsa)
-{
-	BN_CTX	 *ctx=NULL;
-	int 	 ret=0;
-
-	if (!ecdsa)
+	fake_rand.seed    = old_rand->seed;
+	fake_rand.cleanup = old_rand->cleanup;
+	fake_rand.add     = old_rand->add;
+	fake_rand.status  = old_rand->status;
+	/* use own random function */
+	fake_rand.bytes      = fbytes;
+	fake_rand.pseudorand = fbytes;
+	/* set new RAND_METHOD */
+	if (!RAND_set_rand_method(&fake_rand))
 		return 0;
-	if ((ctx = BN_CTX_new()) == NULL) goto err;
-	clear_ecdsa(ecdsa);
-	
-	if ((ecdsa->group = EC_GROUP_new_by_nid(NID_X9_62_prime239v1)) == NULL)
-	{
-		BIO_printf(bio_err,"ECDSA_SET_GROUP_P_239_V1() failed \n");
-		goto err;
-	}
-	if ((ecdsa->pub_key = EC_POINT_new(ecdsa->group)) == NULL)
-	{
-		BIO_printf(bio_err,"EC_POINT_new failed \n");
-		goto err;
+	return 1;
 	}

-	if (!BN_dec2bn(&(ecdsa->priv_key), "876300101507107567501066130761671078357010671067781776716671676178726717"))	goto err;
-	if (!EC_POINT_mul(ecdsa->group,ecdsa->pub_key,ecdsa->priv_key,NULL,NULL,ctx))
+int restore_rand(void)
 	{
-		BIO_printf(bio_err,"EC_POINT_mul() failed \n");
-		goto err;
+	if (!RAND_set_rand_method(old_rand))
+		return 0;
+	else
+		return 1;
 	}
-	ret = 1;

-err :	if (ctx)	BN_CTX_free(ctx);
+static int fbytes_counter = 0;
+static const char *numbers[8] = {
+	"651056770906015076056810763456358567190100156695615665659",
+	"6140507067065001063065065565667405560006161556565665656654",
+	"8763001015071075675010661307616710783570106710677817767166"
+	"71676178726717",
+	"7000000175690566466555057817571571075705015757757057795755"
+	"55657156756655",
+	"1275552191113212300012030439187146164646146646466749494799",
+	"1542725565216523985789236956265265265235675811949404040041",
+	"1456427555219115346513212300075341203043918714616464614664"
+	"64667494947990",
+	"1712787255652165239672857892369562652652652356758119494040"
+	"40041670216363"};
+
+int fbytes(unsigned char *buf, int num)
+	{
+	int	ret;
+	BIGNUM	*tmp = NULL;
+
+	if (fbytes_counter >= 8)
+		return 0;
+	tmp = BN_new();
+	if (!tmp)
+		return 0;
+	if (!BN_dec2bn(&tmp, numbers[fbytes_counter]))
+		{
+		BN_free(tmp);
+		return 0;
+		}
+	fbytes_counter ++;
+	ret = BN_bn2bin(tmp, buf);	
+	if (ret == 0 || ret != num)
+		ret = 0;
+	else
+		ret = 1;
+	if (tmp)
+		BN_free(tmp);
 	return ret;
-}
+	}

-int test_sig_vrf(EC_KEY *ecdsa, const unsigned char* dgst)
-{
-        int       ret=0,type=0;
-        unsigned char *buffer=NULL;
-        unsigned int  buf_len;
-        clock_t  tim;
- 
-        if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key)
-                return 0;
-        if ((buf_len = ECDSA_size(ecdsa)) == 0)
-        {
-                BIO_printf(bio_err, "ECDSA_size() == 0 \n");
-                goto err;
-        }
-        if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
-                goto err;
- 
-        tim = clock();
-        if (!ECDSA_sign(type, dgst , 20, buffer, &buf_len, ecdsa))
-        {
-                BIO_printf(bio_err, "ECDSA_sign() FAILED \n");
-                goto err;
-        }
-        tim = clock() - tim;
-        BIO_printf(bio_err, " [ ECDSA_sign() %.2f"UNIT, (double)tim/(CLOCKS_PER_SEC));
- 
-        tim = clock();
-        ret = ECDSA_verify(type, dgst, 20, buffer, buf_len, ecdsa);
-        if (ret != 1)
-        {
-                BIO_printf(bio_err, "ECDSA_verify() FAILED \n");
-                goto err;
-        }
-        tim = clock() - tim;
-        BIO_printf(bio_err, " and ECDSA_verify() %.2f"UNIT" ] ", (double)tim/(CLOCKS_PER_SEC));
- 
-err:    OPENSSL_free(buffer);
-        return(ret == 1);
-}
+/* some tests from the X9.62 draft */
+int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
+	{
+	int	ret = 0;
+	const char message[] = "abc";
+	unsigned char digest[20];
+	unsigned int  dgst_len = 0;
+	EVP_MD_CTX md_ctx;
+	EC_KEY    *key = NULL;
+	ECDSA_SIG *signature = NULL;
+	BIGNUM    *r = NULL, *s = NULL;

-int test_x962_sig_vrf(EC_KEY *eckey, const unsigned char *dgst,
-                           const char *k_in, const char *r_in, const char *s_in)
-{
-        int       ret=0;
-        ECDSA_SIG *sig=NULL;
-        EC_POINT  *point=NULL;
-        BIGNUM    *r=NULL,*s=NULL,*k=NULL,*x=NULL,*y=NULL,*m=NULL,*ord=NULL;
-        BN_CTX    *ctx=NULL;
-        char      *tmp_char=NULL;
-	ECDSA_DATA *ecdsa = ecdsa_check(eckey);;
+	EVP_MD_CTX_init(&md_ctx);
+	/* get the message digest */
+	EVP_DigestInit(&md_ctx, EVP_ecdsa());
+	EVP_DigestUpdate(&md_ctx, (const void*)message, 3);
+	EVP_DigestFinal(&md_ctx, digest, &dgst_len);
+
+	BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
+	/* create the key */
+	if ((key = EC_KEY_new()) == NULL)
+		goto x962_int_err;
+	if ((key->group = EC_GROUP_new_by_nid(nid)) == NULL)
+		goto x962_int_err;
+	if (!EC_KEY_generate_key(key))
+		goto x962_int_err;
+	BIO_printf(out, ".");
+	BIO_flush(out);
+	/* create the signature */
+	signature = ECDSA_do_sign(digest, 20, key);
+	if (signature == NULL)
+		goto x962_int_err;
+	BIO_printf(out, ".");
+	BIO_flush(out);
+	/* compare the created signature with the expected signature */
+	if ((r = BN_new()) == NULL || (s = BN_new()) == NULL)
+		goto x962_int_err;
+	if (!BN_dec2bn(&r, r_in) ||
+	    !BN_dec2bn(&s, s_in))
+		goto x962_int_err;
+	if (BN_cmp(signature->r ,r) || BN_cmp(signature->s, s))
+		goto x962_int_err;
+	BIO_printf(out, ".");
+	BIO_flush(out);
+	/* verify the signature */
+	if (ECDSA_do_verify(digest, 20, signature, key) != 1)
+		goto x962_int_err;
+	BIO_printf(out, ".");
+	BIO_flush(out);
+
+	BIO_printf(out, " ok\n");
+	ret = 1;
+x962_int_err:
+	if (!ret)
+		BIO_printf(out, " failed\n");
+	if (key)
+		EC_KEY_free(key);
+	if (signature)
+		ECDSA_SIG_free(signature);
+	if (r)
+		BN_free(r);
+	if (s)
+		BN_free(s);
+	EVP_MD_CTX_cleanup(&md_ctx);
+	return ret;
+	}
+
+int x9_62_tests(BIO *out)
+	{
+	int ret = 0;
+
+	BIO_printf(out, "some tests from X9.62:\n");
+
+	/* set own rand method */
+	if (!change_rand())
+		goto x962_err;
+
+	if (!x9_62_test_internal(out, NID_X9_62_prime192v1,
+		"3342403536405981729393488334694600415596881826869351677613",
+		"5735822328888155254683894997897571951568553642892029982342"))
+		goto x962_err;
+	if (!x9_62_test_internal(out, NID_X9_62_prime239v1,
+		"3086361431751678114926225473006680188549593787585317781474"
+		"62058306432176",
+		"3238135532097973577080787768312505059318910517550078427819"
+		"78505179448783"))
+		goto x962_err;
+	if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
+		"87194383164871543355722284926904419997237591535066528048",
+		"308992691965804947361541664549085895292153777025772063598"))
+		goto x962_err;
+	if (!x9_62_test_internal(out, NID_X9_62_c2tnb239v1,
+		"2159633321041961198501834003903461262881815148684178964245"
+		"5876922391552",
+		"1970303740007316867383349976549972270528498040721988191026"
+		"49413465737174"))
+		goto x962_err;
+
+	ret = 1;
+x962_err:
+	if (!restore_rand())
+		ret = 0;
+	return ret;
+	}
+
+int test_builtin(BIO *out)
+	{
+	EC_builtin_curve *curves = NULL;
+	size_t		crv_len = 0, n = 0;
+	EC_KEY		*eckey = NULL, *wrong_eckey = NULL;
+	unsigned char	digest[20], wrong_digest[20];
+	unsigned char	*signature; 
+	unsigned int	sig_len;
+	int		nid, ret =  0;
 	
-        if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key
-		|| !ecdsa)
-                return 0;
-        if ((point = EC_POINT_new(eckey->group)) == NULL) goto err;
-        if ((r = BN_new()) == NULL || (s = BN_new()) == NULL 
-		|| (k = BN_new()) == NULL || (x = BN_new()) == NULL || 
-		(y = BN_new()) == NULL || (m = BN_new()) == NULL ||
-		(ord = BN_new()) == NULL) goto err;
-        if ((ctx = BN_CTX_new()) == NULL) goto err;
-        if (!BN_bin2bn(dgst, 20, m)) goto err;
-        if (!BN_dec2bn(&k, k_in)) goto err;
-        if (!EC_POINT_mul(eckey->group, point, k, NULL, NULL, ctx)) goto err;
-        if (!EC_POINT_get_affine_coordinates_GFp(eckey->group, point, x, y,
-		ctx)) goto err;
-        if (!EC_GROUP_get_order(eckey->group, ord, ctx)) goto err;
-        if ((ecdsa->r = BN_dup(x)) == NULL) goto err;
-        if ((ecdsa->kinv = BN_mod_inverse(NULL, k, ord, ctx)) == NULL)
-		goto err;
- 
-        if ((sig = ECDSA_do_sign(dgst, 20, eckey)) == NULL)
-        {
-                BIO_printf(bio_err,"ECDSA_do_sign() failed \n");
-                goto err;
-        }
- 
-        if (!BN_dec2bn(&r, r_in)) goto err;
-        if (!BN_dec2bn(&s, s_in)) goto err;
-        if (BN_cmp(sig->r,r) != 0 || BN_cmp(sig->s,s) != 0)
-        {
-                tmp_char = OPENSSL_malloc(128);
-                if (tmp_char == NULL) goto err;
-                tmp_char = BN_bn2dec(sig->r);
-                BIO_printf(bio_err,"unexpected signature \n");
-                BIO_printf(bio_err,"sig->r = %s\n",tmp_char);
-                tmp_char = BN_bn2dec(sig->s);
-                BIO_printf(bio_err,"sig->s = %s\n",tmp_char);
-                goto err;
-        }
-	        ret = ECDSA_do_verify(dgst, 20, sig, eckey);
-        if (ret != 1)
-        {
-                BIO_printf(bio_err,"ECDSA_do_verify : signature verification failed \n");
-                goto err;
-        }
- 
-        ret = 1;
-err :   if (r)    BN_free(r);
-        if (s)    BN_free(s);
-        if (k)    BN_free(k);
-        if (x)    BN_free(x);
-        if (y)    BN_free(y);
-	if (m)	  BN_free(m);
-        if (ord)  BN_free(ord);
-        if (sig)  ECDSA_SIG_free(sig);
-        if (ctx)  BN_CTX_free(ctx);
-        if (point) EC_POINT_free(point);
-        if (tmp_char) OPENSSL_free(tmp_char);
-        return(ret == 1);
-}
+	/* fill digest values with some random data */
+	if (!RAND_pseudo_bytes(digest, 20) ||
+	    !RAND_pseudo_bytes(wrong_digest, 20))
+		{
+		BIO_printf(out, "ERROR: unable to get random data\n");
+		goto builtin_err;
+		}

-int ecdsa_cmp(const EC_KEY *a, const EC_KEY *b)
-{
-	int 	ret=1;
-	BN_CTX	*ctx=NULL;
-	BIGNUM	*tmp_a1=NULL, *tmp_a2=NULL, *tmp_a3=NULL;
-	BIGNUM	*tmp_b1=NULL, *tmp_b2=NULL, *tmp_b3=NULL;
+	/* create and verify a ecdsa signature with every availble curve
+	 * (with ) */
+	BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() "
+		"with some internal curves:\n");

-	if ((ctx = BN_CTX_new()) == NULL) return 1;
-	if ((tmp_a1 = BN_new()) == NULL || (tmp_a2 = BN_new()) == NULL || (tmp_a3 = BN_new()) == NULL) goto err;
-	if ((tmp_b1 = BN_new()) == NULL || (tmp_b2 = BN_new()) == NULL || (tmp_b3 = BN_new()) == NULL) goto err;
+	/* get a list of all internal curves */
+	crv_len = EC_get_builtin_curves(NULL, 0);

-	if (a->pub_key && b->pub_key)
-		if (EC_POINT_cmp(a->group, a->pub_key, b->pub_key, ctx) != 0) goto err;
-	if (a->priv_key && b->priv_key)
-		if (BN_cmp(a->priv_key, b->priv_key) != 0) goto err;
-	if (!EC_GROUP_get_curve_GFp(a->group, tmp_a1, tmp_a2, tmp_a3, ctx)) goto err;
-	if (!EC_GROUP_get_curve_GFp(a->group, tmp_b1, tmp_b2, tmp_b3, ctx)) goto err;
-	if (BN_cmp(tmp_a1, tmp_b1) != 0) goto err;
-	if (BN_cmp(tmp_a2, tmp_b2) != 0) goto err;
-	if (BN_cmp(tmp_a3, tmp_b3) != 0) goto err;
+	curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);

-	ret = 0;
-err:	if (tmp_a1) BN_free(tmp_a1);
-	if (tmp_a2) BN_free(tmp_a2);
-	if (tmp_a3) BN_free(tmp_a3);
-	if (tmp_b1) BN_free(tmp_b1);
-	if (tmp_b2) BN_free(tmp_b2);
-	if (tmp_b3) BN_free(tmp_b3);
-	if (ctx) BN_CTX_free(ctx);
-	return(ret);
-}
+	if (curves == NULL)
+		{
+		BIO_printf(out, "malloc error\n");
+		goto builtin_err;
+		}
+	
+	if (!EC_get_builtin_curves(curves, crv_len))
+		{
+		BIO_printf(out, "unable to get internal curves\n");
+		goto builtin_err;
+		}
+
+	/* now create and verify a signature for every curve */
+	for (n = 0; n < crv_len; n++)
+		{
+		nid = curves[n].nid;
+		/* create new ecdsa key (== EC_KEY) */
+		if ((eckey = EC_KEY_new()) == NULL)
+			goto builtin_err;
+		if ((eckey->group = EC_GROUP_new_by_nid(nid)) == NULL)
+			goto builtin_err;
+		if (EC_GROUP_get_degree(eckey->group) < 160)
+			/* drop the curve */ 
+			{
+			EC_KEY_free(eckey);
+			eckey = NULL;
+			continue;
+			}
+		BIO_printf(out, "%s: ", OBJ_nid2sn(nid));
+		/* create key */
+		if (!EC_KEY_generate_key(eckey))
+			{
+			BIO_printf(out, " failed\n");
+			goto builtin_err;
+			}
+		/* create second key */
+		if ((wrong_eckey = EC_KEY_new()) == NULL)
+			goto builtin_err;
+		if ((wrong_eckey->group = EC_GROUP_new_by_nid(nid)) == NULL)
+			goto builtin_err;
+		if (!EC_KEY_generate_key(wrong_eckey))
+			{
+			BIO_printf(out, " failed\n");
+			goto builtin_err;
+			}
+
+		BIO_printf(out, ".");
+		BIO_flush(out);
+		/* check key */
+		if (!EC_KEY_check_key(eckey))
+			{
+			BIO_printf(out, " failed\n");
+			goto builtin_err;
+			}
+		BIO_printf(out, ".");
+		BIO_flush(out);
+		/* create signature */
+		sig_len = ECDSA_size(eckey);
+		if ((signature = OPENSSL_malloc(sig_len)) == NULL)
+			goto builtin_err;
+                if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey))
+			{
+			BIO_printf(out, " failed\n");
+			goto builtin_err;
+			}
+		BIO_printf(out, ".");
+		BIO_flush(out);
+		/* verify signature */
+		if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1)
+			{
+			BIO_printf(out, " failed\n");
+			goto builtin_err;
+			}
+		BIO_printf(out, ".");
+		BIO_flush(out);
+		/* verify signature with the wrong key */
+		if (ECDSA_verify(0, digest, 20, signature, sig_len, 
+			wrong_eckey) == 1)
+			{
+			BIO_printf(out, " failed\n");
+			goto builtin_err;
+			}
+		BIO_printf(out, ".");
+		BIO_flush(out);
+		/* wrong digest */
+		if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len,
+			eckey) == 1)
+			{
+			BIO_printf(out, " failed\n");
+			goto builtin_err;
+			}
+		BIO_printf(out, ".");
+		BIO_flush(out);
+		/* modify signature */
+		signature[((int)signature[0])%sig_len] ^= 
+			signature[((int)signature[1])%sig_len];
+		if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1)
+			{
+			BIO_printf(out, " failed\n");
+			goto builtin_err;
+			}
+		BIO_printf(out, ".");
+		BIO_flush(out);
+		
+		BIO_printf(out, " ok\n");
+		/* cleanup */
+		OPENSSL_free(signature);
+		signature = NULL;
+		EC_KEY_free(eckey);
+		eckey = NULL;
+		EC_KEY_free(wrong_eckey);
+		wrong_eckey = NULL;
+		}
+
+	ret = 1;	
+builtin_err:
+	if (eckey)
+		EC_KEY_free(eckey);
+	if (wrong_eckey)
+		EC_KEY_free(wrong_eckey);
+	if (signature);
+		OPENSSL_free(signature);
+	if (curves)
+		OPENSSL_free(curves);
+
+	return ret;
+	}

 int main(void)
-{
-	EC_KEY	 	*ecdsa=NULL, *ret_ecdsa=NULL;
-	BIGNUM	 	*d=NULL;
-	X509_PUBKEY 	*x509_pubkey=NULL;
-	PKCS8_PRIV_KEY_INFO *pkcs8=NULL;
-	EVP_PKEY 	*pkey=NULL, *ret_pkey=NULL;
-	int 	 	dgst_len=0;
-	unsigned char 	*dgst=NULL;
-	int 	 	ret = 0, i=0;
-	clock_t		tim;
-	unsigned char 	*buffer=NULL;
-	unsigned char   *pp;
-	long		buf_len=0;
-	double		tim_d;
-	EVP_MD_CTX	*md_ctx=NULL;
+	{
+	int 	ret = 0;
+	BIO	*out;
+
+	out = BIO_new_fp(stdout, BIO_NOCLOSE);
 	
 	/* enable memory leak checking unless explicitly disabled */
-	if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+	if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && 
+		(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
 		{
 		CRYPTO_malloc_debug_init();
 		CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
@@ -374,210 +456,27 @@ int main(void)

 	ERR_load_crypto_strings();

-	if (bio_err == NULL)
-		bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
-
+	/* initialize the prng */
 	RAND_seed(rnd_seed, sizeof(rnd_seed));

-	if ((ecdsa = EC_KEY_new()) == NULL)   goto err;
-
-	set_p192_param(ecdsa);
-	EC_KEY_print(bio_err, ecdsa, 0);
-
-	/* en- decode tests */
-
-	/* i2d_ - d2i_ECParameters() */
-	BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAParameters \n");
-	buf_len = i2d_ECParameters(ecdsa, NULL);
-	if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
-	pp = buffer;
-	if (!i2d_ECParameters(ecdsa, &pp)) goto err;
-	pp = buffer;
-	if ((ret_ecdsa = d2i_ECParameters(&ret_ecdsa, (const unsigned char **)&pp, 
-			buf_len)) == NULL) goto err;
-	ECParameters_print(bio_err, ret_ecdsa);
-	if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
-	OPENSSL_free(buffer);
-	buffer = NULL;
-	EC_KEY_free(ret_ecdsa);
-	ret_ecdsa = NULL;
-
-	/* i2d_ - d2i_ECPrivateKey() */
-	BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAPrivateKey \n");
-	buf_len = i2d_ECPrivateKey(ecdsa, NULL);
-	if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
-	pp = buffer;
-	if (!i2d_ECPrivateKey(ecdsa, &pp)) goto err;
-	pp = buffer;
-	if ((ret_ecdsa = d2i_ECPrivateKey(&ret_ecdsa, (const unsigned char**)&pp, 
-			buf_len)) == NULL) goto err;
-	EC_KEY_print(bio_err, ret_ecdsa, 0);
-	if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
-	EC_KEY_free(ret_ecdsa);
-	ret_ecdsa = NULL;
-	OPENSSL_free(buffer);
-	buffer = NULL;
-
-	/* X509_PUBKEY_set() &  X509_PUBKEY_get() */	
-
-	BIO_printf(bio_err, "\nTesting X509_PUBKEY_{get,set}            : ");
-	if ((pkey = EVP_PKEY_new()) == NULL) goto err;
-	EVP_PKEY_assign_EC_KEY(pkey, ecdsa);
-	if ((x509_pubkey = X509_PUBKEY_new()) == NULL) goto err;
-	if (!X509_PUBKEY_set(&x509_pubkey, pkey)) goto err;
-
-	if ((ret_pkey = X509_PUBKEY_get(x509_pubkey)) == NULL) goto err;
-	ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey);
-	EVP_PKEY_free(ret_pkey);
-	ret_pkey = NULL;
-
-	if (ecdsa_cmp(ecdsa, ret_ecdsa)) 
-	{
-		BIO_printf(bio_err, "TEST FAILED \n");
-		goto err;
-	}
-	else BIO_printf(bio_err, "TEST OK \n");
-	X509_PUBKEY_free(x509_pubkey);
-	x509_pubkey = NULL;
-	EC_KEY_free(ret_ecdsa);
-	ret_ecdsa = NULL;
-
-	/* Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY */
-	BIO_printf(bio_err, "Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY : \n");
-	BIO_printf(bio_err, "PKCS8_OK              : ");
-	if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK)) == NULL) goto err;
-	if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
-	ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey);
-	if (ecdsa_cmp(ecdsa, ret_ecdsa))
-	{
-		BIO_printf(bio_err, "TEST FAILED \n");
-		goto err;
-	}
-	else BIO_printf(bio_err, "TEST OK \n");
-	EVP_PKEY_free(ret_pkey);
-	ret_pkey = NULL;
-	EC_KEY_free(ret_ecdsa);
-	ret_ecdsa = NULL;
-	PKCS8_PRIV_KEY_INFO_free(pkcs8);
-	EVP_PKEY_free(pkey);
-	pkey  = NULL;
-	ecdsa = NULL;
-	pkcs8 = NULL;
-
-	/* sign and verify tests */
-	if ((d = BN_new()) == NULL) goto err;
- 
-        if (!BN_dec2bn(&d, "968236873715988614170569073515315707566766479517")) goto err;
-        dgst_len = BN_num_bytes(d);
-	if ((dgst = OPENSSL_malloc(dgst_len)) == NULL) goto err;
-        if (!BN_bn2bin(d, dgst)) goto err;
-
-        BIO_printf(bio_err, "Performing tests based on examples H.3.1 and H.3.2 of X9.62 \n");
- 
-        BIO_printf(bio_err, "PRIME_192_V1 : ");
-	if ((ecdsa = EC_KEY_new()) == NULL) goto err;
-        if (!set_p192_param(ecdsa)) goto err;
-        if (!test_x962_sig_vrf(ecdsa, dgst, "6140507067065001063065065565667405560006161556565665656654",
-                               "3342403536405981729393488334694600415596881826869351677613",
-                               "5735822328888155254683894997897571951568553642892029982342"))
-                goto err;
-        else
-                BIO_printf(bio_err, "OK\n");
-        BIO_printf(bio_err, "PRIME_239_V1 : ");
-        if (!set_p239_param(ecdsa))
-                goto err;
-        if (!test_x962_sig_vrf(ecdsa, dgst, "700000017569056646655505781757157107570501575775705779575555657156756655",
-                               "308636143175167811492622547300668018854959378758531778147462058306432176",
-                               "323813553209797357708078776831250505931891051755007842781978505179448783"))
-                goto err;
-        else
-                BIO_printf(bio_err, "OK\n");
-
-	EC_KEY_free(ecdsa);
-	ecdsa = NULL;
-	OPENSSL_free(dgst);
-	dgst = NULL;
-
-	for (i=0; i<ECDSA_NIST_TESTS; i++)
-		if (!RAND_bytes(digest[i], 20)) goto err;
-
- 	BIO_printf(bio_err, "\n");
-
-/* Macro for each test */
-#define ECDSA_GROUP_TEST(text, curve) \
- 	BIO_printf(bio_err, "Testing sign & verify with %s : \n", text); \
-	EC_KEY_free(ecdsa); \
-	if ((ecdsa = EC_KEY_new()) == NULL) goto err; \
-	if ((ecdsa->group = EC_GROUP_new_by_nid(curve)) == NULL) goto err; \
-	if (!EC_KEY_generate_key(ecdsa)) goto err; \
-        tim = clock(); \
-        for (i=0; i<ECDSA_NIST_TESTS; i++) \
-                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; \
-        tim = clock() - tim; \
-	tim_d = (double)tim / CLOCKS_PER_SEC; \
-        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n" \
-		, ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS); \
-	tim = clock(); \
-	for (i=0; i<ECDSA_NIST_TESTS; i++) \
-		if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err; \
-	tim = clock() - tim; \
-	tim_d = (double)tim / CLOCKS_PER_SEC; \
-	BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n" \
-                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS); \
-	for (i=0; i<ECDSA_NIST_TESTS; i++) \
-	{ \
-		ECDSA_SIG_free(signatures[i]); \
-		signatures[i] = NULL; \
-	}
-	
-	/* NIST PRIME CURVES TESTS */
-	ECDSA_GROUP_TEST("NIST Prime-Curve P-192", NID_X9_62_prime192v1);
-	ECDSA_GROUP_TEST("NIST Prime-Curve P-224", NID_secp224r1);
-	ECDSA_GROUP_TEST("NIST Prime-Curve P-256", NID_X9_62_prime256v1);
-	ECDSA_GROUP_TEST("NIST Prime-Curve P-384", NID_secp384r1);
-	ECDSA_GROUP_TEST("NIST Prime-Curve P-521", NID_secp521r1);
-	/* NIST BINARY CURVES TESTS */
-	ECDSA_GROUP_TEST("NIST Binary-Curve K-163", NID_sect163k1);
-	ECDSA_GROUP_TEST("NIST Binary-Curve B-163", NID_sect163r2);
-	ECDSA_GROUP_TEST("NIST Binary-Curve K-233", NID_sect233k1);
-	ECDSA_GROUP_TEST("NIST Binary-Curve B-233", NID_sect233r1);
-	ECDSA_GROUP_TEST("NIST Binary-Curve K-283", NID_sect283k1);
-	ECDSA_GROUP_TEST("NIST Binary-Curve B-283", NID_sect283r1);
-	ECDSA_GROUP_TEST("NIST Binary-Curve K-409", NID_sect409k1);
-	ECDSA_GROUP_TEST("NIST Binary-Curve B-409", NID_sect409r1);
-	ECDSA_GROUP_TEST("NIST Binary-Curve K-571", NID_sect571k1);
-	ECDSA_GROUP_TEST("NIST Binary-Curve B-571", NID_sect571r1);
-#undef ECDSA_GROUP_TEST
-
-	EC_KEY_free(ecdsa);
-	ecdsa = NULL;
-	OPENSSL_free(buffer);
-	buffer = NULL;
-	EVP_PKEY_free(pkey);
-	pkey = NULL;
+	/* the tests */
+	if (!x9_62_tests(out))  goto err;
+	if (!test_builtin(out)) goto err;
 	
 	ret = 1;
-err:	if (!ret) 	
-		BIO_printf(bio_err, "TEST FAILED \n");
+err:	
+	if (!ret) 	
+		BIO_printf(out, "\nECDSA test failed\n");
 	else 
-		BIO_printf(bio_err, "TEST PASSED \n");
+		BIO_printf(out, "\nECDSA test passed\n");
 	if (!ret)
-		ERR_print_errors(bio_err);
-	if (ecdsa)	EC_KEY_free(ecdsa);
-	if (d)		BN_free(d);
-	if (dgst)	OPENSSL_free(dgst);
-	if (md_ctx)	EVP_MD_CTX_destroy(md_ctx);
-	if (pkey)	EVP_PKEY_free(pkey);
+		ERR_print_errors(out);
 	CRYPTO_cleanup_all_ex_data();
 	ERR_remove_state(0);
 	ERR_free_strings();
-	CRYPTO_mem_leaks(bio_err);
-	if (bio_err != NULL)
-	{
-		BIO_free(bio_err);
-		bio_err = NULL;
-	}
+	CRYPTO_mem_leaks(out);
+	if (out != NULL)
+		BIO_free(out);
 	return(0);
-}	
-
+	}	
 #endif
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -170,7 +170,7 @@ void ECDSA_DATA_free(ECDSA_DATA *r)

 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);

-	memset((void *)r, 0x0, sizeof(ECDSA_DATA));
+	OPENSSL_cleanse((void *)r, sizeof(ECDSA_DATA));

 	OPENSSL_free(r);
 }
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -46,6 +46,18 @@ ENGINE_load_cryptodev(void)

 #include <sys/types.h>
 #include <sys/param.h>
+
+#if OpenBSD < 200112
+
+void
+ENGINE_load_cryptodev(void)
+{
+	/* This is a NOP unless we have release 3.0 (released december 2001) */
+	return;
+}
+
+#else /* OpenBSD 3.0 or above */
+
 #include <crypto/cryptodev.h>
 #include <sys/ioctl.h>
 #include <errno.h>
@@ -1114,4 +1126,5 @@ ENGINE_load_cryptodev(void)
 	ERR_clear_error();
 }

+#endif /* OpenBSD 3.0 or above */
 #endif /* __OpenBSD__ */
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -84,6 +84,21 @@
 /* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
 /* #define TEST_ENG_OPENSSL_SHA_P_FINAL */

+/* Now check what of those algorithms are actually enabled */
+#ifdef OPENSSL_NO_RC4
+#undef TEST_ENG_OPENSSL_RC4
+#undef TEST_ENG_OPENSSL_RC4_OTHERS
+#undef TEST_ENG_OPENSSL_RC4_P_INIT
+#undef TEST_ENG_OPENSSL_RC4_P_CIPHER
+#endif
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1)
+#undef TEST_ENG_OPENSSL_SHA
+#undef TEST_ENG_OPENSSL_SHA_OTHERS
+#undef TEST_ENG_OPENSSL_SHA_P_INIT
+#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
+#undef TEST_ENG_OPENSSL_SHA_P_FINAL 
+#endif
+
 #ifdef TEST_ENG_OPENSSL_RC4
 static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
 				const int **nids, int nid);
--- a/crypto/engine/enginetest.c
+++ b/crypto/engine/enginetest.c
@@ -58,9 +58,6 @@

 #include <openssl/e_os2.h>
 #include <stdio.h>
-#ifdef OPENSSL_SYS_WINCE
-#include <stdlib_extras.h>
-#endif
 #include <string.h>
 #include <openssl/buffer.h>
 #include <openssl/crypto.h>
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -132,7 +132,7 @@ static int enc_free(BIO *a)
 	if (a == NULL) return(0);
 	b=(BIO_ENC_CTX *)a->ptr;
 	EVP_CIPHER_CTX_cleanup(&(b->cipher));
-	memset(a->ptr,0,sizeof(BIO_ENC_CTX));
+	OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX));
 	OPENSSL_free(a->ptr);
 	a->ptr=NULL;
 	a->init=0;
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -211,7 +211,7 @@ static int ok_free(BIO *a)
 	{
 	if (a == NULL) return(0);
 	EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md);
-	memset(a->ptr,0,sizeof(BIO_OK_CTX));
+	OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX));
 	OPENSSL_free(a->ptr);
 	a->ptr=NULL;
 	a->init=0;
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -301,7 +301,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
 		ctx->digest->cleanup(ctx);
 	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
 		{
-		memset(ctx->md_data,0,ctx->digest->ctx_size);
+		OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
 		OPENSSL_free(ctx->md_data);
 		}
 	if(ctx->engine)
--- a/crypto/evp/e_idea.c
+++ b/crypto/evp/e_idea.c
@@ -109,7 +109,7 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,

 		idea_set_encrypt_key(key,&tmp);
 		idea_set_decrypt_key(&tmp,ctx->cipher_data);
-		memset((unsigned char *)&tmp,0,
+		OPENSSL_cleanse((unsigned char *)&tmp,
 				sizeof(IDEA_KEY_SCHEDULE));
 		}
 	return 1;
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -454,9 +454,9 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
 		{
 		if(c->cipher->cleanup && !c->cipher->cleanup(c))
 			return 0;
-		/* Zero cipher context data */
+		/* Cleanse cipher context data */
 		if (c->cipher_data)
-			memset(c->cipher_data, 0, c->cipher->ctx_size);
+			OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
 		}
 	if (c->cipher_data)
 		OPENSSL_free(c->cipher_data);
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -103,7 +103,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
 			buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
 	ret = UI_process(ui);
 	UI_free(ui);
-	memset(buff,0,BUFSIZ);
+	OPENSSL_cleanse(buff,BUFSIZ);
 	return ret;
 	}

@@ -168,7 +168,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
 		if ((nkey == 0) && (niv == 0)) break;
 		}
 	EVP_MD_CTX_cleanup(&c);
-	memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
+	OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
 	return(type->key_len);
 	}

--- a/crypto/evp/evp_test.c
+++ b/crypto/evp/evp_test.c
@@ -49,6 +49,9 @@

 #include <stdio.h>
 #include <string.h>
+
+#include "../e_os.h"
+
 #include <openssl/evp.h>
 #include <openssl/engine.h>
 #include <openssl/conf.h>
@@ -78,7 +81,7 @@ static int convert(unsigned char *s)
 	if(!s[1])
 	    {
 	    fprintf(stderr,"Odd number of hex digits!");
-	    exit(4);
+	    EXIT(4);
 	    }
 	sscanf((char *)s,"%2x",&n);
 	*d=(unsigned char)n;
@@ -120,6 +123,12 @@ static char *sstrsep(char **string, const char *delim)
 static unsigned char *ustrsep(char **p,const char *sep)
    { return (unsigned char *)sstrsep(p,sep); }

+static int test1_exit(int ec)
+	{
+	EXIT(ec);
+	return(0);		/* To keep some compilers quiet */
+	}
+
 static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 		  const unsigned char *iv,int in,
 		  const unsigned char *plaintext,int pn,
@@ -142,7 +151,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 	{
 	fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn,
 		c->key_len);
-	exit(5);
+	test1_exit(5);
 	}
    EVP_CIPHER_CTX_init(&ctx);
    if (encdec != 0)
@@ -150,26 +159,26 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 	if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))
 	    {
 	    fprintf(stderr,"EncryptInit failed\n");
-	    exit(10);
+	    test1_exit(10);
 	    }
 	EVP_CIPHER_CTX_set_padding(&ctx,0);

 	if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))
 	    {
 	    fprintf(stderr,"Encrypt failed\n");
-	    exit(6);
+	    test1_exit(6);
 	    }
 	if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))
 	    {
 	    fprintf(stderr,"EncryptFinal failed\n");
-	    exit(7);
+	    test1_exit(7);
 	    }

 	if(outl+outl2 != cn)
 	    {
 	    fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n",
 		    outl+outl2,cn);
-	    exit(8);
+	    test1_exit(8);
 	    }

 	if(memcmp(out,ciphertext,cn))
@@ -177,7 +186,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 	    fprintf(stderr,"Ciphertext mismatch\n");
 	    hexdump(stderr,"Got",out,cn);
 	    hexdump(stderr,"Expected",ciphertext,cn);
-	    exit(9);
+	    test1_exit(9);
 	    }
 	}

@@ -186,26 +195,26 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 	if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv))
 	    {
 	    fprintf(stderr,"DecryptInit failed\n");
-	    exit(11);
+	    test1_exit(11);
 	    }
 	EVP_CIPHER_CTX_set_padding(&ctx,0);

 	if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,cn))
 	    {
 	    fprintf(stderr,"Decrypt failed\n");
-	    exit(6);
+	    test1_exit(6);
 	    }
 	if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2))
 	    {
 	    fprintf(stderr,"DecryptFinal failed\n");
-	    exit(7);
+	    test1_exit(7);
 	    }

 	if(outl+outl2 != cn)
 	    {
 	    fprintf(stderr,"Plaintext length mismatch got %d expected %d\n",
 		    outl+outl2,cn);
-	    exit(8);
+	    test1_exit(8);
 	    }

 	if(memcmp(out,plaintext,cn))
@@ -213,7 +222,7 @@ static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
 	    fprintf(stderr,"Plaintext mismatch\n");
 	    hexdump(stderr,"Got",out,cn);
 	    hexdump(stderr,"Expected",plaintext,cn);
-	    exit(9);
+	    test1_exit(9);
 	    }
 	}

@@ -260,24 +269,24 @@ static int test_digest(const char *digest,
    if(!EVP_DigestInit_ex(&ctx,d, NULL))
 	{
 	fprintf(stderr,"DigestInit failed\n");
-	exit(100);
+	EXIT(100);
 	}
    if(!EVP_DigestUpdate(&ctx,plaintext,pn))
 	{
 	fprintf(stderr,"DigestUpdate failed\n");
-	exit(101);
+	EXIT(101);
 	}
    if(!EVP_DigestFinal_ex(&ctx,md,&mdn))
 	{
 	fprintf(stderr,"DigestFinal failed\n");
-	exit(101);
+	EXIT(101);
 	}
    EVP_MD_CTX_cleanup(&ctx);

    if(mdn != cn)
 	{
 	fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn);
-	exit(102);
+	EXIT(102);
 	}

    if(memcmp(md,ciphertext,cn))
@@ -285,7 +294,7 @@ static int test_digest(const char *digest,
 	fprintf(stderr,"Digest mismatch\n");
 	hexdump(stderr,"Got",md,cn);
 	hexdump(stderr,"Expected",ciphertext,cn);
-	exit(103);
+	EXIT(103);
 	}

    printf("\n");
@@ -303,7 +312,7 @@ int main(int argc,char **argv)
    if(argc != 2)
 	{
 	fprintf(stderr,"%s <test file>\n",argv[0]);
-	exit(1);
+	EXIT(1);
 	}
    CRYPTO_malloc_debug_init();
    CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
@@ -315,7 +324,7 @@ int main(int argc,char **argv)
    if(!f)
 	{
 	perror(szTestFile);
-	exit(2);
+	EXIT(2);
 	}

    /* Load up the software EVP_CIPHER and EVP_MD definitions */
@@ -371,7 +380,7 @@ int main(int argc,char **argv)
 	   && !test_digest(cipher,plaintext,pn,ciphertext,cn))
 	    {
 	    fprintf(stderr,"Can't find %s\n",cipher);
-	    exit(3);
+	    EXIT(3);
 	    }
 	}

--- a/crypto/evp/p5_crpt.c
+++ b/crypto/evp/p5_crpt.c
@@ -146,8 +146,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
 	memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
 						 EVP_CIPHER_iv_length(cipher));
 	EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
-	memset(md_tmp, 0, EVP_MAX_MD_SIZE);
-	memset(key, 0, EVP_MAX_KEY_LENGTH);
-	memset(iv, 0, EVP_MAX_IV_LENGTH);
+	OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
+	OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
+	OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
 	return 1;
 }
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -231,7 +231,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 	iter = ASN1_INTEGER_get(kdf->iter);
 	PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
 	EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
-	memset(key, 0, keylen);
+	OPENSSL_cleanse(key, keylen);
 	PBKDF2PARAM_free(kdf);
 	return 1;

--- a/crypto/evp/p_open.c
+++ b/crypto/evp/p_open.c
@@ -101,7 +101,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek,

 	ret=1;
 err:
-	if (key != NULL) memset(key,0,size);
+	if (key != NULL) OPENSSL_cleanse(key,size);
 	OPENSSL_free(key);
 	return(ret);
 	}
--- a/crypto/hmac/hmactest.c
+++ b/crypto/hmac/hmactest.c
@@ -60,6 +60,8 @@
 #include <string.h>
 #include <stdlib.h>

+#include "../e_os.h"
+
 #ifdef OPENSSL_NO_HMAC
 int main(int argc, char *argv[])
 {
@@ -68,12 +70,15 @@ int main(int argc, char *argv[])
 }
 #else
 #include <openssl/hmac.h>
+#ifndef OPENSSL_NO_MD5
 #include <openssl/md5.h>
+#endif

 #ifdef CHARSET_EBCDIC
 #include <openssl/ebcdic.h>
 #endif

+#ifndef OPENSSL_NO_MD5
 static struct test_st
 	{
 	unsigned char key[16];
@@ -113,13 +118,20 @@ static struct test_st
 		(unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
 	},
 	};
-
+#endif

 static char *pt(unsigned char *md);
 int main(int argc, char *argv[])
 	{
-	int i,err=0;
+#ifndef OPENSSL_NO_MD5
+	int i;
 	char *p;
+#endif
+	int err=0;
+
+#ifdef OPENSSL_NO_MD5
+	printf("test skipped: MD5 disabled\n");
+#else

 #ifdef CHARSET_EBCDIC
 	ebcdic2ascii(test[0].data, test[0].data, test[0].data_len);
@@ -144,10 +156,12 @@ int main(int argc, char *argv[])
 		else
 			printf("test %d ok\n",i);
 		}
-	exit(err);
+#endif /* OPENSSL_NO_MD5 */
+	EXIT(err);
 	return(0);
 	}

+#ifndef OPENSSL_NO_MD5
 static char *pt(unsigned char *md)
 	{
 	int i;
@@ -158,3 +172,4 @@ static char *pt(unsigned char *md)
 	return(buf);
 	}
 #endif
+#endif
--- a/crypto/idea/ideatest.c
+++ b/crypto/idea/ideatest.c
@@ -60,6 +60,8 @@
 #include <string.h>
 #include <stdlib.h>

+#include "../e_os.h"
+
 #ifdef OPENSSL_NO_IDEA
 int main(int argc, char *argv[])
 {
@@ -167,7 +169,7 @@ int main(int argc, char *argv[])
 	else
 		printf("ok\n");

-	exit(err);
+	EXIT(err);
 	return(err);
 	}

--- a/crypto/md2/Makefile.ssl
+++ b/crypto/md2/Makefile.ssl
@@ -79,8 +79,11 @@ clean:

 # DO NOT DELETE THIS LINE -- make depend depends on it.

+md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
-md2_dgst.o: ../../include/openssl/opensslv.h md2_dgst.c
+md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md2_dgst.o: md2_dgst.c
 md2_one.o: ../../e_os.h ../../include/openssl/bio.h
 md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
--- a/crypto/md2/md2_dgst.c
+++ b/crypto/md2/md2_dgst.c
@@ -61,6 +61,7 @@
 #include <string.h>
 #include <openssl/md2.h>
 #include <openssl/opensslv.h>
+#include <openssl/crypto.h>

 const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;

@@ -196,7 +197,7 @@ static void md2_block(MD2_CTX *c, const unsigned char *d)
 		t=(t+i)&0xff;
 		}
 	memcpy(sp1,state,16*sizeof(MD2_INT));
-	memset(state,0,48*sizeof(MD2_INT));
+	OPENSSL_cleanse(state,48*sizeof(MD2_INT));
 	}

 int MD2_Final(unsigned char *md, MD2_CTX *c)
--- a/crypto/md2/md2_one.c
+++ b/crypto/md2/md2_one.c
@@ -88,6 +88,6 @@ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md)
 	}
 #endif
 	MD2_Final(md,&c);
-	memset(&c,0,sizeof(c));	/* Security consideration */
+	OPENSSL_cleanse(&c,sizeof(c));	/* Security consideration */
 	return(md);
 	}
--- a/crypto/md2/md2test.c
+++ b/crypto/md2/md2test.c
@@ -61,6 +61,8 @@
 #include <string.h>
 #include <openssl/md2.h>

+#include "../e_os.h"
+
 #ifdef OPENSSL_NO_MD2
 int main(int argc, char *argv[])
 {
@@ -122,7 +124,7 @@ int main(int argc, char *argv[])
 		R++;
 		P++;
 		}
-	exit(err);
+	EXIT(err);
 	return(0);
 	}

--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
cvs2svn	14cbc6ff45	This commit was manufactured by cvs2svn to create tag 'STATE_before_zlib'.	2002-12-07 20:03:43 +00:00
Richard Levitte	b11405723d	Forgot one.	2002-12-07 20:03:42 +00:00
Richard Levitte	4c3a2b4f8a	Add a few items I intend to work on for 0.9.8 and on.	2002-12-07 20:02:20 +00:00
Andy Polyakov	bbf8198feb	Workaround for GCC-ia64 compiler bug. Submitted by: <appro> Reviewed by: PR:	2002-12-06 17:18:10 +00:00
Richard Levitte	3dda0dd2a2	Some compilers are quite picky about non-void functions that don't return anything.	2002-12-06 08:50:06 +00:00
Richard Levitte	fa63a98ad8	Apparently, bash is more forgiving than sh. To be backward compatible, don't use ==, use = instead...	2002-12-06 08:43:41 +00:00
Richard Levitte	1fc73fef48	Keep NEWS in HEAD up to date.	2002-12-06 00:39:03 +00:00
Richard Levitte	90543bd07a	Keep STATUS in HEAD up to date.	2002-12-05 23:01:17 +00:00
Richard Levitte	43ecece595	Merge in relevant changes from the OpenSSL 0.9.6h release.	2002-12-05 21:50:13 +00:00
Richard Levitte	4ba8cabf62	SSL_CERT_FILE should be used in place of the system default file, not as a first alternative to try	2002-12-05 21:07:26 +00:00
Richard Levitte	f68bb3c51f	Corrected DJGPP patch	2002-12-05 20:50:25 +00:00
Andy Polyakov	6d4ac67ac1	linux64-sparcv9 support finally debugged and tested. Submitted by: Reviewed by: PR:	2002-12-05 13:17:52 +00:00
Richard Levitte	b84d5b72f1	Make sure to implement the cryptodev engine only when /dev/crypto exists.	2002-12-05 10:16:28 +00:00
Richard Levitte	8cbccedf7c	make update	2002-12-05 01:55:48 +00:00
Richard Levitte	1c24347062	Declare another general file.	2002-12-05 01:42:14 +00:00
Richard Levitte	9ef888130d	Allow users to modify /MD to /MT. PR: 380	2002-12-05 01:35:04 +00:00
Richard Levitte	4387f47832	Make sure using SSL_CERT_FILE actually works, and has priority over system defaults. PR: 376	2002-12-05 01:20:47 +00:00
Richard Levitte	38d6e4bb50	If an application supports static locks, it MUST support dynamic locks as well to be able to use the CHIL engine. PR: 281	2002-12-05 00:56:58 +00:00
Richard Levitte	ced621e3c2	PR: 381	2002-12-05 00:05:48 +00:00
Richard Levitte	85940ea8ea	Only check for a result buffer if the allocated string is a prompt string. PR: 381	2002-12-05 00:04:30 +00:00
Richard Levitte	439ae4d398	Do not implement RC4 stuff if RC4 is disabled. Concequently, apply the same rule for SHA stuff. PR: 381	2002-12-04 22:54:02 +00:00
Richard Levitte	4fbe40c54f	gethostname() is more a BSD feature than an XOPEN one. PR: 379	2002-12-04 22:48:01 +00:00
Richard Levitte	578ca7e4cd	Correct a few typos that I introduced after applying DJGPP patches.	2002-12-04 19:13:43 +00:00
Bodo Möller	7e8c30b589	In ECPKParameters_print, output the private key length correctly (length of the order of the group, not length of the actual key, which will be shorter in some cases). Submitted by: Nils Larsch	2002-12-04 17:43:01 +00:00
Bodo Möller	2b32b28191	Don't compute timings here, we can do this elsewhere. Include X9.62 signature examples. Submitted by: Nils Larsch	2002-12-04 17:38:40 +00:00
Lutz Jänicke	532215f2db	Missing ")" Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com> Reviewed by: PR:	2002-12-04 13:30:58 +00:00
Richard Levitte	5319be4438	DJGPP patches. PR: 347	2002-12-04 09:54:10 +00:00
Richard Levitte	f7a3e73ef6	Add support for x86_64. PR: 348	2002-12-04 09:17:43 +00:00
Richard Levitte	ff3345cb72	A gcc 3.0 bug is triggered by our code. Add a section about it in PROBLEMS. PR: 375	2002-12-04 08:24:18 +00:00
Dr. Stephen Henson	716b2079dc	Make ASN1_TYPE_get() work for V_ASN1_NULL type.	2002-12-04 00:49:46 +00:00
Dr. Stephen Henson	e7b6228fd3	Typo in X509v3_get_ext_by_critical	2002-12-04 00:16:00 +00:00
Dr. Stephen Henson	2053c43de2	In asn1_d2i_read_bio, don't assume BIO_read will return the requested number of bytes when reading content.	2002-12-03 23:50:59 +00:00
Richard Levitte	1c3e4a3660	EXIT() may mean return(). That's confusing, so let's have it really mean exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program)	2002-12-03 16:33:03 +00:00
Richard Levitte	4707991520	Make CRYPTO_cleanse() independent of endianness.	2002-12-03 16:06:40 +00:00
Richard Levitte	7a1f92fdc3	Windows CE updates, contributed by Steven Reddie <smr@essemer.com.au>	2002-12-03 14:20:44 +00:00
Richard Levitte	e7a285694e	define USE_SOCKETS so sys/param.h gets included (and thusly, MAXHOSTNAMELEN gets defined). PR: 371	2002-12-02 22:49:02 +00:00
Richard Levitte	6ab285bf4c	I think I got it now. Apparently, the case of having to shift down the divisor was a bit more complex than I first saw. The lost bit can't just be discarded, as there are cases where it is important. For example, look at dividing 320000 with 80000 vs. 80001 (all decimals), the difference is crucial. The trick here is to check if that lost bit was 1, and in that case, do the following: 1. subtract the quotient from the remainder 2. as long as the remainder is negative, add the divisor (the whole divisor, not the shofted down copy) to it, and decrease the quotient by one. There's probably a nice mathematical proof for this already, but I won't bother with that, unless someone requests it from me.	2002-12-02 21:31:45 +00:00
Richard Levitte	1d3159bcca	Make some names consistent.	2002-12-02 02:40:27 +00:00
Richard Levitte	f60ceb54eb	Through some experimentation and thinking, I think I finally got the proper implementation of bn_div_words() for VAX. If the tests go through well, the next step will be to test on Alpha.	2002-12-02 02:28:27 +00:00
Richard Levitte	0f995b2f40	Small bugfix: even when r == d, we need to adjust r and q. PR: 366	2002-12-01 02:17:23 +00:00
Richard Levitte	848f735ae4	EXIT() needs to be in a function that returns int.	2002-12-01 01:23:35 +00:00
Richard Levitte	a678430602	Redo the VAX assembler version of bn_div_words(). PR: 366	2002-12-01 00:49:36 +00:00
Richard Levitte	e9b553dac1	Remove incorrect assert. PR: 360	2002-11-29 15:18:22 +00:00
Richard Levitte	db3758923b	Make it so all names mentioned in the NAME section of each manpage becomes a symlink to said manpage. PR: 242	2002-11-29 15:00:58 +00:00
Richard Levitte	5e4a75e79f	Correct some names.	2002-11-29 14:21:54 +00:00
Richard Levitte	43d601641f	A few more memset()s converted to OPENSSL_cleanse(). I think I got them all covered by now, bu please, if you find any more, tell me and I'll correct it. PR: 343	2002-11-29 11:30:45 +00:00
Richard Levitte	55f78baf32	Have all tests use EXIT() to exit rather than exit(), since the latter doesn't always give the expected result on some platforms.	2002-11-28 18:54:30 +00:00
Richard Levitte	6c359479d7	Make sure EXIT() can always be used as one statement.	2002-11-28 18:52:14 +00:00
Richard Levitte	4579924b7e	Cleanse memory using the new OPENSSL_cleanse() function. I've covered all the memset()s I felt safe modifying, but may have missed some.	2002-11-28 08:04:36 +00:00
Richard Levitte	2047bda6fb	Unused variable removed.	2002-11-27 13:40:41 +00:00
Richard Levitte	406c6f6962	Extra ; removed.	2002-11-27 13:40:11 +00:00