This commit was manufactured by cvs2svn to create tag 'OpenSSL_0_9_3beta1'.

.cvsignore

@@ -1,6 +1,3 @@
 Makefile.ssl
 MINFO
 makefile.one
-tmp
-out
-outinc

CHANGES

@@ -3,33 +3,12 @@
  _______________
 
 
- Changes between 0.9.3 and 0.9.3a  [29 May 1999]
-
-  *) New configuration variant "sco5-gcc".
-
-  *) Updated some demos.
-     [Sean O Riordain, Wade Scholine]
-
-  *) Add missing BIO_free at exit of pkcs12 application.
-     [Wu Zhigang]
-
-  *) Fix memory leak in conf.c.
-     [Steve Henson]
-
-  *) Updates for Win32 to assembler version of MD5.
-     [Steve Henson]
-
-  *) Set #! path to perl in apps/der_chop to where we found it
-     instead of using a fixed path.
-     [Bodo Moeller]
-
-  *) SHA library changes for irix64-mips4-cc.
-     [Andy Polyakov]
-
-  *) Improvements for VMS support.
-     [Richard Levitte]
-
- Changes between 0.9.2b and 0.9.3  [24 May 1999]
+ Changes between 0.9.2b and 0.9.3  [XX May 1999]
+                                   [I suggest using the same format for the
+                                   date as in opensslv.h.  0.9.1c used
+                                   hyphens in the date, so I wrote
+                                   [23-Dec-1998] down below; but in later
+                                   versions, these hyphens are gone.]
 
   *) Bignum library bug fix. IRIX 6 passes "make test" now!
      This also avoids the problems with SC4.2 and unpatched SC5.  

Configure

@@ -97,7 +97,6 @@ my %table=(
 "debug-ben-debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe:(unknown):::::",
 "debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe:(unknown):::::",
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall:(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-bodo",	"gcc:-DL_ENDIAN -O3 -g -m486 -Wall:-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 "dist",		"cc:-O:(unknown):::::",
 
 # Basic configs that should work on any box
@@ -135,8 +134,8 @@ my %table=(
 "irix-mips3-gcc","gcc:-mips3 -O2 -DTERMIOS -DB_ENDIAN:(unknown)::MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:::",
 "irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN:(unknown)::DES_PTR DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:::",
 "debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:(unknown):::::",
-# This is the n64 mode build.
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN:(unknown)::DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:::",
+# This is the n64 mode build. (Untested!)
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS:(unknown)::DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT:::",
 
 # HPUX 9.X config.
 # Don't use the bundled cc.  It is broken.  Use HP ANSI C if possible, or gcc.
@@ -221,7 +220,6 @@ my %table=(
 # SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
 # SCO cc.
 "sco5-cc",  "cc::(unknown):-lsocket:$x86_gcc_des ${x86_gcc_opts}:::", # des options?
-"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer:(unknown):-lsocket:BN_LLONG $x86_gcc_des ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
 
 # Sinix/ReliantUNIX RM400
 # NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g  */
@@ -367,14 +365,6 @@ foreach (@ARGV)
 	$options .= $_ unless $_ eq $target;
 }
 
-if ($target eq "TABLE") {
-	foreach $target (sort keys %table) {
-		print_table_entry($target);
-	}
-	print "\n";
-	exit 0;
-}
-
 &usage if (!defined($table{$target}));
 
 my $IsWindows=scalar grep /^$target$/,@WinTargets;
@@ -659,12 +649,6 @@ if($IsWindows) {
 	# Run "make depend" manually if you want to be able to delete
 	# the source code files of ciphers you left out.
 	&dofile("tools/c_rehash",$openssldir,'^DIR=',	'DIR=%s',);
-	if ( $perl =~ m@^/@) {
-	    &dofile("apps/der_chop",$perl,'^#!/', '#!%s');
-	} else {
-	    # No path for Perl known ...
-	    &dofile("apps/der_chop",'/usr/local/bin/perl','^#!/', '#!%s');
-	}	    
 }
 
 my $pwd;
@@ -765,32 +749,3 @@ sub dofile
 	rename($f,"$ff.bak") || die "unable to rename $f\n" if -e $f;
 	rename("$ff.new",$f) || die "unable to rename $ff.new\n";
 	}
-
-sub print_table_entry
-	{
-	my $target = shift;
-
-	(my $cc,my $cflags,my $thread_cflag,my $lflags,my $bn_ops,
-	my $bn_obj,my $des_obj,my $bf_obj,
-	$md5_obj,$sha1_obj,my $cast_obj,my $rc4_obj,$rmd160_obj,my $rc5_obj)=
-	split(/\s*:\s*/,$table{$target} . ":" x 20 , -1);
-			
-	print <<EOF
-
-*** $target
-\$cc           = $cc
-\$cflags       = $cflags
-\$thread_cflag = $thread_cflag
-\$lflags       = $lflags
-\$bn_ops       = $bn_ops
-\$bn_obj       = $bn_obj
-\$des_obj      = $des_obj
-\$bf_obj       = $bf_obj
-\$md5_obj      = $md5_obj
-\$sha1_obj     = $sha1_obj
-\$cast_obj     = $cast_obj
-\$rc4_obj      = $rc4_obj
-\$rmd160_obj   = $rmd160_obj
-\$rc5_obj      = $rc5_obj
-EOF
-	}

INSTALL

@@ -119,11 +119,6 @@
      Include the output of "./config -t" and the OpenSSL version
      number in your message.
 
-     [If you encounter assembler error messages, try the "no-asm"
-     configuration option as an immediate fix.  Note that on Solaris x86
-     (not on Sparcs!) you may have to install the GNU assembler to use
-     OpenSSL assembler code -- /usr/ccs/bin/as won't do.]
-
   3. After a successful build, the libraries should be tested. Run:
 
        $ make test

INSTALL.VMS

@@ -83,10 +83,6 @@ Note 2: if you want to compile the crypto library only, please make sure
         you have at least done a @MAKEVMS DATE and a @MAKEVMS SOFTLINKS.
         A lot of things will break if you don't.
 
-Note 3: Alpha users will get a number of informational messages when
-        compiling the [.asm]vms.mar file in the BN (bignum) part of
-        the crypto library.  These can be safely ignored.
-
 Test:
 =====
 
@@ -110,9 +106,6 @@ Installation is easy, just do the following:
 subdirectories, libraries, header files, programs and startup command
 procedures.
 
-N.B.: INSTALL.COM builds a new directory structure, different from
-the directory tree where you have now build OpenSSL.
-
 In the [.VMS] subdirectory of the installation, you will find the
 following command procedures:
 
@@ -134,29 +127,15 @@ The logical names that are set up are the following:
 
   SSLROOT       a dotted concealed logical name pointing at the
                 root directory.
+  SSLLIB        points at the directory where CRYPTORTL.OLB and
+		SSLRTL.OLB are installed.
+  SSLINCLUDE    points at the directory where the header files are
+                installed.
+  SSLEXE        points at the directory where the applications are
+                installed.
+  SSLCERTS      the place where the certificates are stored.
+  SSLPRIVATE    I'm actually not sure what this is used for.
 
-  SSLCERTS      Initially an empty directory, this is the default
-		location for certificate files.
-  SSLMISC	Various scripts.
-  SSLPRIVATE	Initially an empty directory, this is the default
-		location for private key files.
-
-  SSLEXE        Contains the openssl binary and a few other utility
-		programs.
-  SSLINCLUDE    Contains the header files needed if you want to
-		compile programs with libcrypto or libssl.
-  SSLLIB        Contains the OpenSSL library files (LIBCRYPTO.OLB
-		and LIBSSL.OLB) themselves.
-
-  OPENSSL	Same as SSLINCLUDE.  This is because the standard
-		way to include OpenSSL header files from version
-		0.9.3 and on is:
-
-			#include <openssl/header.h>
-
-		For more info on this issue, see the INSTALL. file
-		(the NOTE in section 4 of "Installation in Detail").
-		You don't need to "deleting old header files"!!!
 
 Backward portability:
 =====================
@@ -223,23 +202,3 @@ for further info.
 -- 
 Richard Levitte <richard@levitte.org>
 1999-03-09
-
-
-TODO:
-=====
-
-There are a few things that need to be worked out in the VMS version of
-OpenSSL, still:
-
-- Description files. ("Makefile's" :-))
-- Script code to link an already compiled build tree.
-- A VMSINSTALlable version (way in the future, unless someone else hacks).
-- shareable images (DLL for you Windows folks).
-
-There may be other things that I have missed and that may be desirable.
-Please send mail to <openssl-users@openssl.org> or to me directly if you
-have any ideas.
-
---
-Richard Levitte <richard@levitte.org>
-1999-05-24

INSTALL.W32

@@ -6,7 +6,7 @@
  this is tested on Win32 but it may also work in Win 3.1 with some
  modification.  See the end of this file for Eric's original comments.
 
- You need Perl for Win32 (available from http://www.activestate.com/ActivePerl)
+ You need Perl for Win32 (available from http://activestate.com/ActivePerl)
  and one of the following C compilers:
 
   * Visual C++

Makefile.org

@@ -294,7 +294,7 @@ errors:
 
 tar:
 	@tar --norecurse -cvf - \
-		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS | sort` |\
+		`find * -depth \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS | sort` |\
 	tardy --user_number=0  --user_name=openssl \
 	      --group_number=0 --group_name=openssl \
 	      --prefix=openssl-$(VERSION) - |\

README

@@ -1,5 +1,5 @@
 
- OpenSSL 0.9.3 24 May 1999
+ OpenSSL 0.9.2b 22-Mar-1999
 
  Copyright (c) 1998-1999 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

VMS/WISHLIST.TXT

@@ -1,4 +0,0 @@
-* Have the building procedure contain a LINK-only possibility.
-  Wished by Mark Daniel <mark.daniel@dsto.defence.gov.au>
-
-  One way to enable that is also to go over to DESCRIP.MMS files.

VMS/install.com

@@ -1,65 +0,0 @@
-$! INSTALL.COM -- Installs the files in a given directory tree
-$!
-$! Author: Richard Levitte <richard@levitte.org>
-$! Time of creation: 23-MAY-1998 19:22
-$!
-$! P1	root of the directory tree
-$!
-$	IF P1 .EQS. ""
-$	THEN
-$	    WRITE SYS$OUTPUT "First argument missing."
-$	    WRITE SYS$OUTPUT "Should be the directory where you want things installed."
-$	    EXIT
-$	ENDIF
-$
-$	ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
-$	ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
-$	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
-		   - "[000000." - "][" - "[" - "]"
-$	ROOT = ROOT_DEV + "[" + ROOT_DIR
-$
-$	DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$	DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB]
-$	DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB]
-$	DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
-$	DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
-$	DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
-$	DEFINE/NOLOG WRK_SSLCERTS WRK_SSLROOT:[CERTS]
-$	DEFINE/NOLOG WRK_SSLPRIVATE WRK_SSLROOT:[PRIVATE]
-$
-$	IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$	IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLROOT:[VMS]
-$
-$	OPEN/WRITE SF WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM
-$	WRITE SYS$OUTPUT "%OPEN-I-CREATED,  ",F$SEARCH("WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM")," created."
-$	WRITE SF "$! Startup file for Openssl 0.9.2-RL 15-Mar-1999"
-$	WRITE SF "$!"
-$	WRITE SF "$! Do not edit this file, as it will be regenerated during next installation."
-$	WRITE SF "$! Instead, add or change SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"
-$	WRITE SF "$!"
-$	WRITE SF "$! P1	a qualifier to DEFINE.  For example ""/SYSTEM"" to get the logical names"
-$	WRITE SF "$!	defined in the system logical name table."
-$	WRITE SF "$!"
-$	WRITE SF "$	ARCH = ""VAX"""
-$	WRITE SF "$	IF F$GETSYI(""CPU"") .GE. 128 THEN ARCH = ""ALPHA"""
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLROOT		",ROOT,".] /TRANS=CONC"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLLIB		SSLROOT:['ARCH'_LIB]"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLINCLUDE	SSLROOT:[INCLUDE]"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLEXE		SSLROOT:['ARCH'_EXE]"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLCERTS	SSLROOT:[CERTS]"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLPRIVATE	SSLROOT:[PRIVATE]"
-$	WRITE SF "$"
-$	WRITE SF "$!	This is program can include <openssl/{foo}.h>"
-$	WRITE SF "$	DEFINE/NOLOG'P1	OPENSSL		SSLINCLUDE:"
-$	WRITE SF "$"
-$	WRITE SF "$	IF F$SEARCH(""SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"") .NES."""" THEN -"
-$	WRITE SF "	   @SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"
-$	WRITE SF "$"
-$	WRITE SF "$	EXIT"
-$	CLOSE SF
-$
-$	COPY OPENSSL_UTILS.COM WRK_SSLROOT:[VMS]/LOG
-$
-$	EXIT

VMS/multinet_shr.opt

@@ -1 +0,0 @@
-multinet:multinet_socket_library.exe/share

VMS/openssl_utils.com

@@ -1,38 +0,0 @@
-$!
-$!  APPS.COM
-$!  Written By:  Robert Byer
-$!               Vice-President
-$!               A-Com Computing, Inc.
-$!               byer@mail.all-net.net
-$!
-$!
-$! Slightly modified by Richard Levitte <richard@levitte.org>
-$!
-$ OPENSSL  :== $SSLEXE:OPENSSL
-$ VERIFY   :== $SSLEXE:OPENSSL VERIFY
-$ ASN1PARSE:== $SSLEXE:OPENSSL ASN1PARS
-$ REQ      :== $SSLEXE:OPENSSL REQ
-$ DGST     :== $SSLEXE:OPENSSL DGST
-$ DH       :== $SSLEXE:OPENSSL DH
-$ ENC      :== $SSLEXE:OPENSSL ENC
-$ GENDH    :== $SSLEXE:OPENSSL GENDH
-$ ERRSTR   :== $SSLEXE:OPENSSL ERRSTR
-$ CA       :== $SSLEXE:OPENSSL CA
-$ CRL      :== $SSLEXE:OPENSSL CRL
-$ RSA      :== $SSLEXE:OPENSSL RSA
-$ DSA      :== $SSLEXE:OPENSSL DSA
-$ DSAPARAM :== $SSLEXE:OPENSSL DSAPARAM
-$ X509     :== $SSLEXE:OPENSSL X509
-$ GENRSA   :== $SSLEXE:OPENSSL GENRSA
-$ GENDSA   :== $SSLEXE:OPENSSL GENDSA
-$ S_SERVER :== $SSLEXE:OPENSSL S_SERVER
-$ S_CLIENT :== $SSLEXE:OPENSSL S_CLIENT
-$ SPEED    :== $SSLEXE:OPENSSL SPEED
-$ S_TIME   :== $SSLEXE:OPENSSL S_TIME
-$ VERSION  :== $SSLEXE:OPENSSL VERSION
-$ PKCS7    :== $SSLEXE:OPENSSL PKCS7
-$ CRL2PKCS7:== $SSLEXE:OPENSSL CRL2P7
-$ SESS_ID  :== $SSLEXE:OPENSSL SESS_ID
-$ CIPHERS  :== $SSLEXE:OPENSSL CIPHERS
-$ NSEQ     :== $SSLEXE:OPENSSL NSEQ
-$ PKCS12   :== $SSLEXE:OPENSSL PKCS12

VMS/socketshr_shr.opt

@@ -1 +0,0 @@
-socketshr/share

VMS/ucx_shr_decc.opt

@@ -1 +0,0 @@
-sys$share:ucx$ipc_shr.exe/share

VMS/ucx_shr_decc_log.opt

@@ -1 +0,0 @@
-ucx$ipc_shr/share

VMS/ucx_shr_vaxc.opt

@@ -1 +0,0 @@
-sys$library:ucx$ipc.olb/library

apps/.cvsignore

@@ -1,4 +1,2 @@
 openssl
 Makefile.save
-der_chop
-der_chop.bak

apps/apps.h

@@ -59,7 +59,7 @@
 #ifndef HEADER_APPS_H
 #define HEADER_APPS_H
 
-#include "openssl/e_os.h"
+#include <openssl/e_os.h>
 
 #include <openssl/buffer.h>
 #include <openssl/bio.h>

apps/eay.c

@@ -62,8 +62,7 @@
 
 #define MONOLITH
 #define USE_SOCKETS
-
-#include "openssl/e_os.h"
+#include <openssl/e_os.h>
 
 #include <openssl/bio.h>
 #include <openssl/stack.h>

apps/openssl-vms.cnf

@@ -3,17 +3,10 @@
 # This is mostly being used for generation of certificate requests.
 #
 
-RANDFILE		= $ENV::HOME/.rnd
-oid_file		= $ENV::HOME/.oid
+RANDFILE		= $ENV::HOME.rnd
+oid_file		= $ENV::HOME.oid
 oid_section		= new_oids
 
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
 [ new_oids ]
 
 # We can add new OIDs in here for use by 'ca' and 'req'.
@@ -42,11 +35,6 @@ private_key	= $dir.private]cakey.pem# The private key
 RANDFILE	= $dir.private].rand	# private random number file
 
 x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
 default_days	= 365			# how long to certify for
 default_crl_days= 30			# how long before next CRL
 default_md	= md5			# which md to use.
@@ -135,33 +123,31 @@ basicConstraints=CA:FALSE
 # the certificate can be used for anything *except* object signing.
 
 # This is OK for an SSL server.
-# nsCertType			= server
+#nsCertType			= server
 
 # For an object signing certificate this would be used.
-# nsCertType = objsign
+#nsCertType = objsign
 
 # For normal client use this is typical
-# nsCertType = client, email
+#nsCertType = client, email
 
-# and for everything including object signing:
-# nsCertType = client, email, objsign
+# This is typical also
 
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 
-# This will be displayed in Netscape's comment listbox.
 nsComment			= "OpenSSL Generated Certificate"
 
-# PKIX recommendations harmless if included in all certificates.
+# PKIX recommendations
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid,issuer:always
 
-# This stuff is for subjectAltName and issuerAltname.
 # Import the email address.
-# subjectAltName=email:copy
+
+subjectAltName=email:copy
 
 # Copy subject details
-# issuerAltName=issuer:copy
+
+issuerAltName=issuer:copy
 
 #nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
 #nsBaseUrl
@@ -174,6 +160,8 @@ authorityKeyIdentifier=keyid,issuer:always
 
 # Extensions for a typical CA
 
+# It's a CA certificate
+basicConstraints = CA:true
 
 # PKIX recommendation.
 
@@ -184,31 +172,19 @@ authorityKeyIdentifier=keyid:always,issuer:always
 # This is what PKIX recommends but some broken software chokes on critical
 # extensions.
 #basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
 
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
+# Key usage: again this should really be critical.
+keyUsage = cRLSign, keyCertSign
 
 # Some might want this also
-# nsCertType = sslCA, emailCA
+#nsCertType = sslCA, emailCA
 
 # Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
+subjectAltName=email:copy
 # Copy issuer details
-# issuerAltName=issuer:copy
+issuerAltName=issuer:copy
 
 # RAW DER hex encoding of an extension: beware experts only!
 # 1.2.3.5=RAW:02:03
 # You can even override a supported extension:
 # basicConstraints= critical, RAW:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always

apps/pkcs12.c

@@ -452,7 +452,6 @@ if (export_cert) {
     PKCS12_free(p12);
     ret = 0;
     end:
-    BIO_free(out);
     EXIT(ret);
 }
 

apps/x509.c

@@ -85,7 +85,7 @@
 static char *x509_usage[]={
 "usage: x509 args\n",
 " -inform arg     - input format - default PEM (one of DER, NET or PEM)\n",
-" -outform arg    - output format - default PEM (one of DER, NET or PEM)\n",
+" -outform arg    - output format - default PEM (one of DER, NET or PEM\n",
 " -keyform arg    - private key format - default PEM\n",
 " -CAform arg     - CA format - default PEM\n",
 " -CAkeyform arg  - CA key format - default PEM\n",

config

@@ -304,7 +304,6 @@ echo Operating system: $GUESSOS
 case "$GUESSOS" in
   alpha-*-linux2) OUT="alpha-gcc" ;;
   ppc-*-linux2) OUT="linux-ppc" ;;
-  mips-*-linux?) OUT="linux-mips" ;;
   *-*-linux2) OUT="linux-elf" ;;
   *-*-linux1) OUT="linux-aout" ;;
   sun4u-sun-solaris2) OUT="solaris-usparc-$CC" ;;

crypto/Makefile.ssl

@@ -106,7 +106,7 @@ install:
 	@for i in $(SDIRS) ;\
 	do \
 	(cd $$i; echo "making install in crypto/$$i..."; \
-	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}'  INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
+	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
 	done;
 
 lint:

crypto/bf/Makefile.ssl

@@ -100,7 +100,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/bx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 

crypto/bn/Makefile.ssl

@@ -156,7 +156,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/co86unix.cpp asm/bn86unix.cpp *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_asm.s
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 

crypto/bn/bn_asm.c

@@ -93,8 +93,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
 	bn_check_num(num);
 	if (num <= 0) return(c1);
 
-	/* for (;;) */
-	while (1) /* circumvent egcs-1.1.2 bug */
+	for (;;)
 		{
 		mul(rp[0],ap[0],w,c1);
 		if (--num == 0) break;

crypto/bn/bntest.c

@@ -59,9 +59,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-
-#include "openssl/e_os.h"
-
+#include <openssl/e_os.h>
 #include <openssl/bio.h>
 #include <openssl/bn.h>
 #include <openssl/rand.h>
@@ -75,7 +73,7 @@
 int test_add(BIO *bp);
 int test_sub(BIO *bp);
 int test_lshift1(BIO *bp);
-int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_);
+int test_lshift(BIO *bp,BN_CTX *ctx);
 int test_rshift1(BIO *bp);
 int test_rshift(BIO *bp,BN_CTX *ctx);
 int test_div(BIO *bp,BN_CTX *ctx);
@@ -95,9 +93,6 @@ static int results=0;
 #include "bss_file.c"
 #endif
 
-static unsigned char lst1[]="\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9"
-"\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0";
-
 int main(int argc, char *argv[])
 	{
 	BN_CTX *ctx;
@@ -155,13 +150,8 @@ int main(int argc, char *argv[])
 	if (!test_lshift1(out)) goto err;
 	fflush(stdout);
 
-	fprintf(stderr,"test BN_lshift (fixed)\n");
-	if (!test_lshift(out,ctx,BN_bin2bn(lst1,sizeof(lst1)-1,NULL)))
-	    goto err;
-	fflush(stdout);
-
 	fprintf(stderr,"test BN_lshift\n");
-	if (!test_lshift(out,ctx,NULL)) goto err;
+	if (!test_lshift(out,ctx)) goto err;
 	fflush(stdout);
 
 	fprintf(stderr,"test BN_rshift1\n");
@@ -823,24 +813,19 @@ int test_exp(BIO *bp, BN_CTX *ctx)
 	return(1);
 	}
 
-int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_)
+int test_lshift(BIO *bp,BN_CTX *ctx)
 	{
 	BIGNUM *a,*b,*c,*d;
 	int i;
 
+	a=BN_new();
 	b=BN_new();
 	c=BN_new();
 	d=BN_new();
 	BN_one(c);
 
-	if(a_)
-	    a=a_;
-	else
-	    {
-	    a=BN_new();
-	    BN_rand(a,200,0,0); /**/
-	    a->neg=rand_neg();
-	    }
+	BN_rand(a,200,0,0); /**/
+	a->neg=rand_neg();
 	for (i=0; i<70; i++)
 		{
 		BN_lshift(b,a,i+1);
@@ -862,15 +847,6 @@ int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_)
 		if(!BN_is_zero(d))
 		    {
 		    BIO_puts(bp,"Left shift test failed!\n");
-		    BIO_puts(bp,"a=");
-		    BN_print(bp,a);
-		    BIO_puts(bp,"\nb=");
-		    BN_print(bp,b);
-		    BIO_puts(bp,"\nc=");
-		    BN_print(bp,c);
-		    BIO_puts(bp,"\nd=");
-		    BN_print(bp,d);
-		    BIO_puts(bp,"\n");
 		    return 0;
 		    }
 		}

crypto/cast/Makefile.ssl

@@ -103,7 +103,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/cx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 

crypto/cast/cast_lcl.h

@@ -60,8 +60,7 @@
 #include <stdlib.h>
 #endif
 
-
-#include "openssl/e_os.h" /* OPENSSL_EXTERN */
+#include <openssl/e_os.h>	/* OPENSSL_EXTERN */
 
 #undef c2l
 #define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \

crypto/conf/conf.c

@@ -358,7 +358,7 @@ char *CONF_get_string(LHASH *conf, char *section, char *name)
 				if (p != NULL) return(p);
 				}
 			}
-		vv.section="default";
+		vv.section=BUF_strdup("default");
 		vv.name=name;
 		v=(CONF_VALUE *)lh_retrieve(conf,(char *)&vv);
 		if (v != NULL)

crypto/cryptlib.h

@@ -66,8 +66,7 @@
 extern "C" {
 #endif
 
-#include "openssl/e_os.h"
-
+#include <openssl/e_os.h>
 #include <openssl/crypto.h>
 #include <openssl/buffer.h> 
 #include <openssl/bio.h> 

crypto/des/Makefile.ssl

@@ -132,7 +132,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/dx86unix.cpp asm/yx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 

crypto/des/read_pwd.c

@@ -82,7 +82,6 @@
 #include "des_locl.h"
 #include "cryptlib.h"
 #include <signal.h>
-#include <stdio.h>
 #include <string.h>
 #include <setjmp.h>
 #include <errno.h>

crypto/md5/Makefile.ssl

@@ -109,10 +109,10 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
-md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_locl.h
+md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslv.h
+md5_dgst.o: ../md32_common.h md5_locl.h
 md5_one.o: ../../include/openssl/md5.h

crypto/md5/asm/m5-win32.asm

@@ -8,16 +8,15 @@
         .386
 .model FLAT
 _TEXT	SEGMENT
-PUBLIC	_md5_block_asm_host_order
+PUBLIC	_md5_block_x86
 
-_md5_block_asm_host_order PROC NEAR
+_md5_block_x86 PROC NEAR
 	push	esi
 	push	edi
 	mov	edi,		DWORD PTR 12[esp]
 	mov	esi,		DWORD PTR 16[esp]
 	mov	ecx,		DWORD PTR 20[esp]
 	push	ebp
-	shl	ecx,		6
 	push	ebx
 	add	ecx,		esi
 	sub	ecx,		64
@@ -35,161 +34,161 @@ L000start:
 	xor	edi,		edx
 	and	edi,		ebx
 	lea	eax,		DWORD PTR 3614090360[ebp*1+eax]
+	mov	ebp,		DWORD PTR 4[esi]
 	xor	edi,		edx
 	add	eax,		edi
 	mov	edi,		ebx
 	rol	eax,		7
-	mov	ebp,		DWORD PTR 4[esi]
 	add	eax,		ebx
 	; R0 1
 	xor	edi,		ecx
 	and	edi,		eax
 	lea	edx,		DWORD PTR 3905402710[ebp*1+edx]
+	mov	ebp,		DWORD PTR 8[esi]
 	xor	edi,		ecx
 	add	edx,		edi
 	mov	edi,		eax
 	rol	edx,		12
-	mov	ebp,		DWORD PTR 8[esi]
 	add	edx,		eax
 	; R0 2
 	xor	edi,		ebx
 	and	edi,		edx
 	lea	ecx,		DWORD PTR 606105819[ebp*1+ecx]
+	mov	ebp,		DWORD PTR 12[esi]
 	xor	edi,		ebx
 	add	ecx,		edi
 	mov	edi,		edx
 	rol	ecx,		17
-	mov	ebp,		DWORD PTR 12[esi]
 	add	ecx,		edx
 	; R0 3
 	xor	edi,		eax
 	and	edi,		ecx
 	lea	ebx,		DWORD PTR 3250441966[ebp*1+ebx]
+	mov	ebp,		DWORD PTR 16[esi]
 	xor	edi,		eax
 	add	ebx,		edi
 	mov	edi,		ecx
 	rol	ebx,		22
-	mov	ebp,		DWORD PTR 16[esi]
 	add	ebx,		ecx
 	; R0 4
 	xor	edi,		edx
 	and	edi,		ebx
 	lea	eax,		DWORD PTR 4118548399[ebp*1+eax]
+	mov	ebp,		DWORD PTR 20[esi]
 	xor	edi,		edx
 	add	eax,		edi
 	mov	edi,		ebx
 	rol	eax,		7
-	mov	ebp,		DWORD PTR 20[esi]
 	add	eax,		ebx
 	; R0 5
 	xor	edi,		ecx
 	and	edi,		eax
 	lea	edx,		DWORD PTR 1200080426[ebp*1+edx]
+	mov	ebp,		DWORD PTR 24[esi]
 	xor	edi,		ecx
 	add	edx,		edi
 	mov	edi,		eax
 	rol	edx,		12
-	mov	ebp,		DWORD PTR 24[esi]
 	add	edx,		eax
 	; R0 6
 	xor	edi,		ebx
 	and	edi,		edx
 	lea	ecx,		DWORD PTR 2821735955[ebp*1+ecx]
+	mov	ebp,		DWORD PTR 28[esi]
 	xor	edi,		ebx
 	add	ecx,		edi
 	mov	edi,		edx
 	rol	ecx,		17
-	mov	ebp,		DWORD PTR 28[esi]
 	add	ecx,		edx
 	; R0 7
 	xor	edi,		eax
 	and	edi,		ecx
 	lea	ebx,		DWORD PTR 4249261313[ebp*1+ebx]
+	mov	ebp,		DWORD PTR 32[esi]
 	xor	edi,		eax
 	add	ebx,		edi
 	mov	edi,		ecx
 	rol	ebx,		22
-	mov	ebp,		DWORD PTR 32[esi]
 	add	ebx,		ecx
 	; R0 8
 	xor	edi,		edx
 	and	edi,		ebx
 	lea	eax,		DWORD PTR 1770035416[ebp*1+eax]
+	mov	ebp,		DWORD PTR 36[esi]
 	xor	edi,		edx
 	add	eax,		edi
 	mov	edi,		ebx
 	rol	eax,		7
-	mov	ebp,		DWORD PTR 36[esi]
 	add	eax,		ebx
 	; R0 9
 	xor	edi,		ecx
 	and	edi,		eax
 	lea	edx,		DWORD PTR 2336552879[ebp*1+edx]
+	mov	ebp,		DWORD PTR 40[esi]
 	xor	edi,		ecx
 	add	edx,		edi
 	mov	edi,		eax
 	rol	edx,		12
-	mov	ebp,		DWORD PTR 40[esi]
 	add	edx,		eax
 	; R0 10
 	xor	edi,		ebx
 	and	edi,		edx
 	lea	ecx,		DWORD PTR 4294925233[ebp*1+ecx]
+	mov	ebp,		DWORD PTR 44[esi]
 	xor	edi,		ebx
 	add	ecx,		edi
 	mov	edi,		edx
 	rol	ecx,		17
-	mov	ebp,		DWORD PTR 44[esi]
 	add	ecx,		edx
 	; R0 11
 	xor	edi,		eax
 	and	edi,		ecx
 	lea	ebx,		DWORD PTR 2304563134[ebp*1+ebx]
+	mov	ebp,		DWORD PTR 48[esi]
 	xor	edi,		eax
 	add	ebx,		edi
 	mov	edi,		ecx
 	rol	ebx,		22
-	mov	ebp,		DWORD PTR 48[esi]
 	add	ebx,		ecx
 	; R0 12
 	xor	edi,		edx
 	and	edi,		ebx
 	lea	eax,		DWORD PTR 1804603682[ebp*1+eax]
+	mov	ebp,		DWORD PTR 52[esi]
 	xor	edi,		edx
 	add	eax,		edi
 	mov	edi,		ebx
 	rol	eax,		7
-	mov	ebp,		DWORD PTR 52[esi]
 	add	eax,		ebx
 	; R0 13
 	xor	edi,		ecx
 	and	edi,		eax
 	lea	edx,		DWORD PTR 4254626195[ebp*1+edx]
+	mov	ebp,		DWORD PTR 56[esi]
 	xor	edi,		ecx
 	add	edx,		edi
 	mov	edi,		eax
 	rol	edx,		12
-	mov	ebp,		DWORD PTR 56[esi]
 	add	edx,		eax
 	; R0 14
 	xor	edi,		ebx
 	and	edi,		edx
 	lea	ecx,		DWORD PTR 2792965006[ebp*1+ecx]
+	mov	ebp,		DWORD PTR 60[esi]
 	xor	edi,		ebx
 	add	ecx,		edi
 	mov	edi,		edx
 	rol	ecx,		17
-	mov	ebp,		DWORD PTR 60[esi]
 	add	ecx,		edx
 	; R0 15
 	xor	edi,		eax
 	and	edi,		ecx
 	lea	ebx,		DWORD PTR 1236535329[ebp*1+ebx]
+	mov	ebp,		DWORD PTR 4[esi]
 	xor	edi,		eax
 	add	ebx,		edi
 	mov	edi,		ecx
 	rol	ebx,		22
-	mov	ebp,		DWORD PTR 4[esi]
 	add	ebx,		ecx
 	; 
 	; R1 section
@@ -360,8 +359,8 @@ L000start:
 	xor	edi,		ebx
 	lea	eax,		DWORD PTR 4294588738[ebp*1+eax]
 	add	eax,		edi
-	rol	eax,		4
 	mov	ebp,		DWORD PTR 32[esi]
+	rol	eax,		4
 	mov	edi,		ebx
 	; R2 33
 	lea	edx,		DWORD PTR 2272392833[ebp*1+edx]
@@ -378,8 +377,8 @@ L000start:
 	xor	edi,		edx
 	lea	ecx,		DWORD PTR 1839030562[ebp*1+ecx]
 	add	ecx,		edi
-	rol	ecx,		16
 	mov	ebp,		DWORD PTR 56[esi]
+	rol	ecx,		16
 	mov	edi,		edx
 	; R2 35
 	lea	ebx,		DWORD PTR 4259657740[ebp*1+ebx]
@@ -396,8 +395,8 @@ L000start:
 	xor	edi,		ebx
 	lea	eax,		DWORD PTR 2763975236[ebp*1+eax]
 	add	eax,		edi
-	rol	eax,		4
 	mov	ebp,		DWORD PTR 16[esi]
+	rol	eax,		4
 	mov	edi,		ebx
 	; R2 37
 	lea	edx,		DWORD PTR 1272893353[ebp*1+edx]
@@ -414,8 +413,8 @@ L000start:
 	xor	edi,		edx
 	lea	ecx,		DWORD PTR 4139469664[ebp*1+ecx]
 	add	ecx,		edi
-	rol	ecx,		16
 	mov	ebp,		DWORD PTR 40[esi]
+	rol	ecx,		16
 	mov	edi,		edx
 	; R2 39
 	lea	ebx,		DWORD PTR 3200236656[ebp*1+ebx]
@@ -432,8 +431,8 @@ L000start:
 	xor	edi,		ebx
 	lea	eax,		DWORD PTR 681279174[ebp*1+eax]
 	add	eax,		edi
-	rol	eax,		4
 	mov	ebp,		DWORD PTR [esi]
+	rol	eax,		4
 	mov	edi,		ebx
 	; R2 41
 	lea	edx,		DWORD PTR 3936430074[ebp*1+edx]
@@ -450,8 +449,8 @@ L000start:
 	xor	edi,		edx
 	lea	ecx,		DWORD PTR 3572445317[ebp*1+ecx]
 	add	ecx,		edi
-	rol	ecx,		16
 	mov	ebp,		DWORD PTR 24[esi]
+	rol	ecx,		16
 	mov	edi,		edx
 	; R2 43
 	lea	ebx,		DWORD PTR 76029189[ebp*1+ebx]
@@ -468,8 +467,8 @@ L000start:
 	xor	edi,		ebx
 	lea	eax,		DWORD PTR 3654602809[ebp*1+eax]
 	add	eax,		edi
-	rol	eax,		4
 	mov	ebp,		DWORD PTR 48[esi]
+	rol	eax,		4
 	mov	edi,		ebx
 	; R2 45
 	lea	edx,		DWORD PTR 3873151461[ebp*1+edx]
@@ -486,8 +485,8 @@ L000start:
 	xor	edi,		edx
 	lea	ecx,		DWORD PTR 530742520[ebp*1+ecx]
 	add	ecx,		edi
-	rol	ecx,		16
 	mov	ebp,		DWORD PTR 8[esi]
+	rol	ecx,		16
 	mov	edi,		edx
 	; R2 47
 	lea	ebx,		DWORD PTR 3299628645[ebp*1+ebx]
@@ -682,6 +681,6 @@ L000start:
 	pop	edi
 	pop	esi
 	ret
-_md5_block_asm_host_order ENDP
+_md5_block_x86 ENDP
 _TEXT	ENDS
 END

crypto/md5/md5_locl.h

@@ -58,7 +58,6 @@
 
 #include <stdlib.h>
 #include <string.h>
-#include <openssl/opensslconf.h>
 #include <openssl/md5.h>
 
 #ifndef MD5_LONG_LOG2
@@ -128,11 +127,7 @@ void md5_block_data_order (MD5_CTX *c, const void *p,int num);
  */
 #endif
 
-#ifndef FLAT_INC
 #include "../md32_common.h"
-#else
-#include "md32_common.h"
-#endif
 
 /*
 #define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))

crypto/opensslv.h

@@ -4,17 +4,15 @@
 /* Numeric release version identifier:
  * MMNNFFRBB: major minor fix final beta/patch
  * For example:
- * 0.9.3-dev	  0x00903000
- * 0.9.3beta1	  0x00903001
- * 0.9.3beta2-dev 0x00903002
- * 0.9.3beta2     0x00903002
- * 0.9.3	  0x00903100
- * 0.9.3a	  0x00903101
- * 1.2.3z	  0x1020311a
+ * 0.9.3-dev	0x00903000
+ * 0.9.3beta1	0x00903001
+ * 0.9.3	0x00903100
+ * 0.9.3a	0x00903101
+ * 1.2.3z	0x1020311a
  * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
  */
-#define OPENSSL_VERSION_NUMBER	0x00903101L
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.3a 29 May 1999"
+#define OPENSSL_VERSION_NUMBER	0x00903001L
+#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.3beta1 20 May 1999"
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
 
 #endif /* HEADER_OPENSSLV_H */

crypto/pkcs7/pkcs7.h

@@ -66,11 +66,6 @@ extern "C" {
 #include <openssl/bio.h>
 #include <openssl/x509.h>
 
-#ifdef WIN32
-/* Under Win32 this is defined in wincrypt.h */
-#undef PKCS7_ISSUER_AND_SERIAL
-#endif
-
 /*
 Encryption_ID		DES-CBC
 Digest_ID		MD5
@@ -240,11 +235,11 @@ PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
 int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,EVP_MD *type,
 	unsigned char *md,unsigned int *len);
 #ifndef NO_FP_API
-PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7);
+PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 *p7);
 int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
 #endif
 PKCS7 *PKCS7_dup(PKCS7 *p7);
-PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
+PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 *p7);
 int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
 #endif
 

crypto/rand/md_rand.c

@@ -60,9 +60,7 @@
 #include <sys/types.h>
 #include <time.h>
 #include <string.h>
-
-#include "openssl/e_os.h"
-
+#include <openssl/e_os.h>
 #include <openssl/crypto.h>
 
 #if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)

crypto/rand/randfile.c

@@ -63,9 +63,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/types.h>
-
-#include "openssl/e_os.h"
-
+#include <openssl/e_os.h>
 #include <openssl/rand.h>
 
 #undef BUFSIZE

crypto/rc4/Makefile.ssl

@@ -102,7 +102,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/rx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 

crypto/rc5/Makefile.ssl

@@ -100,7 +100,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/r586unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 

crypto/ripemd/Makefile.ssl

@@ -98,7 +98,7 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/rm86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 

crypto/rsa/rsa_oaep_test.c

@@ -2,9 +2,7 @@
 
 #include <stdio.h>
 #include <string.h>
-
-#include "openssl/e_os.h"
-
+#include <openssl/e_os.h>
 #include <openssl/err.h>
 #ifdef NO_RSA
 int main(int argc, char *argv[])

crypto/sha/Makefile.ssl

@@ -97,15 +97,13 @@ dclean:
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	rm -f asm/sx86unix.cpp *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
 sha1_one.o: ../../include/openssl/sha.h
-sha1dgst.o: ../../include/openssl/opensslconf.h
 sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
 sha1dgst.o: sha_locl.h
-sha_dgst.o: ../../include/openssl/opensslconf.h
 sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h
 sha_dgst.o: sha_locl.h
 sha_one.o: ../../include/openssl/sha.h

crypto/sha/sha1dgst.c

@@ -216,7 +216,7 @@ void SHA1_Update(SHA_CTX *c, const register unsigned char *data,
 		data+=SHA_CBLOCK;
 		sha1_block(c,p=c->data,1);
 		len-=SHA_CBLOCK;
-#elif defined(L_ENDIAN)
+#else	/* little-endian */
 #define BE_COPY(dst,src,i)	{				\
 				l = ((SHA_LONG *)src)[i];	\
 				Endian_Reverse32(l);		\
@@ -280,7 +280,7 @@ void SHA1_Transform(SHA_CTX *c, unsigned char *b)
 	memcpy(p,b,SHA_CBLOCK);
 	sha1_block(c,p,1);
 	return;
-#elif defined(L_ENDIAN)
+#else
 	if (((unsigned long)b%sizeof(SHA_LONG)) == 0)
 		{
 		SHA_LONG *q;

crypto/sha/sha_dgst.c

@@ -211,7 +211,7 @@ void SHA_Update(SHA_CTX *c, const register unsigned char *data,
 		data+=SHA_CBLOCK;
 		sha_block(c,p=c->data,1);
 		len-=SHA_CBLOCK;
-#elif defined(L_ENDIAN)
+#else	/* little-endian */
 #define BE_COPY(dst,src,i)	{				\
 				l = ((SHA_LONG *)src)[i];	\
 				Endian_Reverse32(l);		\
@@ -275,7 +275,7 @@ void SHA_Transform(SHA_CTX *c, unsigned char *b)
 	memcpy(p,b,SHA_CBLOCK);
 	sha_block(c,p,1);
 	return;
-#elif defined(L_ENDIAN)
+#else
 	if (((unsigned long)b%sizeof(SHA_LONG)) == 0)
 		{
 		SHA_LONG *q;

crypto/sha/sha_locl.h

@@ -59,8 +59,6 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <openssl/opensslconf.h>
-
 #ifdef undef
 /* one or the other needs to be defined */
 #ifndef SHA_1 /* FIPE 180-1 */

crypto/x509/x509.h

@@ -86,12 +86,6 @@ extern "C" {
 
 #include <openssl/evp.h>
 
-
-#ifdef WIN32
-/* Under Win32 this is defined in wincrypt.h */
-#undef X509_NAME
-#endif
-
 #define X509_FILETYPE_PEM	1
 #define X509_FILETYPE_ASN1	2
 #define X509_FILETYPE_DEFAULT	3
@@ -557,39 +551,39 @@ int X509_NAME_digest(X509_NAME *data,EVP_MD *type,
 #endif
 
 #ifndef NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+X509 *d2i_X509_fp(FILE *fp, X509 *x509);
 int i2d_X509_fp(FILE *fp,X509 *x509);
-X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl);
+X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL *crl);
 int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req);
+X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ *req);
 int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
 #ifndef NO_RSA
-RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa);
+RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
 int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
-RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa);
+RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA *rsa);
 int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
 #endif
 #ifndef NO_DSA
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
 int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
 #endif
 #endif
 
 #ifdef HEADER_BIO_H
-X509 *d2i_X509_bio(BIO *bp,X509 **x509);
+X509 *d2i_X509_bio(BIO *bp,X509 *x509);
 int i2d_X509_bio(BIO *bp,X509 *x509);
-X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
+X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL *crl);
 int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req);
+X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ *req);
 int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
 #ifndef NO_RSA
-RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa);
+RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
 int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
-RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa);
+RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA *rsa);
 int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
 #endif
 #ifndef NO_DSA
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
 int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
 #endif
 #endif

crypto/x509/x_all.c

@@ -133,7 +133,7 @@ X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex)
 	}
 
 #ifndef NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509)
+X509 *d2i_X509_fp(FILE *fp, X509 *x509)
 	{
 	return((X509 *)ASN1_d2i_fp((char *(*)())X509_new,
 		(char *(*)())d2i_X509, (fp),(unsigned char **)(x509)));
@@ -145,7 +145,7 @@ int i2d_X509_fp(FILE *fp, X509 *x509)
 	}
 #endif
 
-X509 *d2i_X509_bio(BIO *bp, X509 **x509)
+X509 *d2i_X509_bio(BIO *bp, X509 *x509)
 	{
 	return((X509 *)ASN1_d2i_bio((char *(*)())X509_new,
 		(char *(*)())d2i_X509, (bp),(unsigned char **)(x509)));
@@ -163,7 +163,7 @@ X509_CRL *X509_CRL_dup(X509_CRL *crl)
 	}
 
 #ifndef NO_FP_API
-X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
+X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL *crl)
 	{
 	return((X509_CRL *)ASN1_d2i_fp((char *(*)())
 		X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),
@@ -176,7 +176,7 @@ int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
 	}
 #endif
 
-X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
+X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL *crl)
 	{
 	return((X509_CRL *)ASN1_d2i_bio((char *(*)())
 		X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),
@@ -195,7 +195,7 @@ PKCS7 *PKCS7_dup(PKCS7 *p7)
 	}
 
 #ifndef NO_FP_API
-PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
+PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 *p7)
 	{
 	return((PKCS7 *)ASN1_d2i_fp((char *(*)())
 		PKCS7_new,(char *(*)())d2i_PKCS7, (fp),
@@ -208,7 +208,7 @@ int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
 	}
 #endif
 
-PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
+PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 *p7)
 	{
 	return((PKCS7 *)ASN1_d2i_bio((char *(*)())
 		PKCS7_new,(char *(*)())d2i_PKCS7, (bp),
@@ -227,7 +227,7 @@ X509_REQ *X509_REQ_dup(X509_REQ *req)
 	}
 
 #ifndef NO_FP_API
-X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
+X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ *req)
 	{
 	return((X509_REQ *)ASN1_d2i_fp((char *(*)())
 		X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),
@@ -240,7 +240,7 @@ int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
 	}
 #endif
 
-X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
+X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ *req)
 	{
 	return((X509_REQ *)ASN1_d2i_bio((char *(*)())
 		X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),
@@ -266,7 +266,7 @@ RSA *RSAPrivateKey_dup(RSA *rsa)
 	}
 
 #ifndef NO_FP_API
-RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
+RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
 	{
 	return((RSA *)ASN1_d2i_fp((char *(*)())
 		RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp),
@@ -278,7 +278,7 @@ int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
 	return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa));
 	}
 
-RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
+RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA *rsa)
 	{
 	return((RSA *)ASN1_d2i_fp((char *(*)())
 		RSA_new,(char *(*)())d2i_RSAPublicKey, (fp),
@@ -291,7 +291,7 @@ int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
 	}
 #endif
 
-RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
+RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
 	{
 	return((RSA *)ASN1_d2i_bio((char *(*)())
 		RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp),
@@ -303,7 +303,7 @@ int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
 	return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa));
 	}
 
-RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
+RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA *rsa)
 	{
 	return((RSA *)ASN1_d2i_bio((char *(*)())
 		RSA_new,(char *(*)())d2i_RSAPublicKey, (bp),
@@ -318,7 +318,7 @@ int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
 
 #ifndef NO_DSA
 #ifndef NO_FP_API
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
 	{
 	return((DSA *)ASN1_d2i_fp((char *(*)())
 		DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
@@ -331,7 +331,7 @@ int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
 	}
 #endif
 
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
 	{
 	return((DSA *)ASN1_d2i_bio((char *(*)())
 		DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),

crypto/x509v3/v3_lib.c

@@ -131,7 +131,6 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from)
 void X509V3_EXT_cleanup(void)
 {
 	sk_pop_free(ext_list, ext_list_free);
-	ext_list = NULL;
 }
 
 static void ext_list_free(X509V3_EXT_METHOD *ext)

demos/bio/Makefile

@@ -1,16 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include
-LIBS= -L../.. ../../libssl.a ../../libcrypto.a
-EXAMPLES=saccept sconnect
-
-all: $(EXAMPLES) 
-
-saccept: saccept.o
-	$(CC) -o saccept saccept.o $(LIBS)
-
-sconnect: sconnect.o
-	$(CC) -o sconnect sconnect.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-

demos/bio/sconnect.c

@@ -9,7 +9,6 @@
  */
 #include <stdio.h>
 #include <stdlib.h>
-#include <unistd.h>
 #include <openssl/err.h>
 #include <openssl/ssl.h>
 

demos/eay/Makefile

@@ -1,24 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include
-#LIBS=  -L../.. -lcrypto -lssl
-LIBS= -L../.. ../../libssl.a ../../libcrypto.a
-
-# the file conn.c requires a file "proxy.h" which I couldn't find...
-#EXAMPLES=base64 conn loadrsa
-EXAMPLES=base64 loadrsa
-
-all: $(EXAMPLES) 
-
-base64: base64.o
-	$(CC) -o base64 base64.o $(LIBS)
-#
-# sorry... can't find "proxy.h"
-#conn: conn.o
-#	$(CC) -o conn conn.o $(LIBS)
-
-loadrsa: loadrsa.o
-	$(CC) -o loadrsa loadrsa.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-

demos/eay/conn.c

@@ -9,7 +9,7 @@
 #include <stdlib.h>
 #include <openssl/err.h>
 #include <openssl/bio.h>
-/* #include "proxy.h" */
+#include "proxy.h"
 
 extern int errno;
 

demos/maurice/Makefile

@@ -1,5 +1,5 @@
 CC=cc
-CFLAGS= -g -I../../include -Wall
+CFLAGS= -g -I../../include
 LIBS=  -L../.. -lcrypto
 EXAMPLES=example1 example2 example3 example4
 
@@ -20,40 +20,3 @@ example4: example4.o
 clean:	
 	rm -f $(EXAMPLES) *.o
 
-test: all
-	@echo
-	@echo Example 1 Demonstrates the sealing and opening APIs
-	@echo Doing the encrypt side...
-	./example1 <README >t.t
-	@echo Doing the decrypt side...
-	./example1 -d <t.t >t.2
-	diff t.2 README
-	rm -f t.t t.2
-	@echo  example1 is OK
-
-	@echo
-	@echo Example2 Demonstrates rsa encryption and decryption
-	@echo   and it should just print \"This the clear text\"
-	./example2
-
-	@echo
-	@echo Example3 Demonstrates the use of symmetric block ciphers
-	@echo in this case it uses EVP_des_ede3_cbc
-	@echo i.e. triple DES in Cipher Block Chaining mode
-	@echo Doing the encrypt side...
-	./example3 ThisIsThePassword <README >t.t
-	@echo Doing the decrypt side...
-	./example3 -d ThisIsThePassword <t.t >t.2
-	diff t.2 README
-	rm -f t.t t.2
-	@echo  example3 is OK
-
-	@echo
-	@echo Example4 Demonstrates base64 encoding and decoding
-	@echo Doing the encrypt side...
-	./example4 <README >t.t
-	@echo Doing the decrypt side...
-	./example4 -d <t.t >t.2
-	diff t.2 README
-	rm -f t.t t.2
-	@echo example4 is OK

demos/maurice/example2.c

@@ -33,6 +33,7 @@ int main()
   	EVP_PKEY *pubKey;
   	EVP_PKEY *privKey;
 	int len;
+	FILE *fp;
 
         ERR_load_crypto_strings();
 
@@ -71,5 +72,6 @@ int main()
 	EVP_PKEY_free(pubKey);
 	free(buf);
 	free(buf2);
-        return 0;
 }
+
+

demos/maurice/example3.c

@@ -8,10 +8,9 @@
 */
 
 #include <stdio.h>
-#include <unistd.h>
 #include <fcntl.h>
 #include <sys/stat.h>
-#include <openssl/evp.h>
+#include <evp.h>
 
 #define STDIN     	0
 #define STDOUT    	1
@@ -48,9 +47,9 @@ void do_cipher(char *pw, int operation)
 {
 	char buf[BUFLEN];
 	char ebuf[BUFLEN + 8];
-	unsigned int ebuflen; /* rc; */
+	unsigned int ebuflen, rc;
         unsigned char iv[EVP_MAX_IV_LENGTH], key[EVP_MAX_KEY_LENGTH];
-	/* unsigned int ekeylen, net_ekeylen;  */
+	unsigned int ekeylen, net_ekeylen; 
 	EVP_CIPHER_CTX ectx;
         
 	memcpy(iv, INIT_VECTOR, sizeof(iv));
@@ -83,3 +82,5 @@ void do_cipher(char *pw, int operation)
 
 	write(STDOUT, ebuf, ebuflen); 
 }
+
+

demos/maurice/example4.c

@@ -8,10 +8,9 @@
 */
 
 #include <stdio.h>
-#include <unistd.h>
 #include <fcntl.h>
 #include <sys/stat.h>
-#include <openssl/evp.h>
+#include <evp.h>
 
 #define STDIN     	0
 #define STDOUT    	1
@@ -45,7 +44,7 @@ void do_encode()
 {
 	char buf[BUFLEN];
 	char ebuf[BUFLEN+24];
-	unsigned int ebuflen;
+	unsigned int ebuflen, rc;
 	EVP_ENCODE_CTX ectx;
         
 	EVP_EncodeInit(&ectx);
@@ -79,7 +78,7 @@ void do_decode()
 {
  	char buf[BUFLEN];
  	char ebuf[BUFLEN+24];
-	unsigned int ebuflen;
+	unsigned int ebuflen, rc;
 	EVP_ENCODE_CTX ectx;
         
 	EVP_DecodeInit(&ectx);

demos/prime/Makefile

@@ -1,20 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include -Wall
-LIBS=  -L../.. -lcrypto
-EXAMPLES=prime
-
-all: $(EXAMPLES) 
-
-prime: prime.o
-	$(CC) -o prime prime.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-
-test: all
-	@echo Test creating a 128-bit prime
-	./prime 128
-	@echo Test creating a 256-bit prime
-	./prime 256
-	@echo Test creating a 512-bit prime
-	./prime 512

demos/prime/prime.c

@@ -57,7 +57,6 @@
  */
 
 #include <stdio.h>
-#include <stdlib.h>
 #include <openssl/bn.h>    
 
 void callback(type,num)
@@ -88,8 +87,8 @@ char *argv[];
 		}
 
 	fprintf(stderr,"generate a strong prime\n");
-        rand=BN_generate_prime(NULL,num,1,NULL,NULL,callback,NULL);
-	/* change the third parameter to 1 for a strong prime */
+	rand=BN_generate_prime(num,1,NULL,NULL,callback);
+	/* change the second parameter to 1 for a strong prime */
 	fprintf(stderr,"\n");
 
 	BN_print_fp(stdout,rand);           

demos/sign/Makefile

@@ -1,15 +0,0 @@
-CC=cc
-CFLAGS= -g -I../../include -Wall
-LIBS=  -L../.. -lcrypto
-EXAMPLES=sign
-
-all: $(EXAMPLES) 
-
-sign: sign.o
-	$(CC) -o sign sign.o $(LIBS)
-
-clean:	
-	rm -f $(EXAMPLES) *.o
-
-test: all
-	./sign

demos/sign/sign.c

@@ -70,7 +70,7 @@
 #include <openssl/pem.h>
 #include <openssl/ssl.h>
 
-int main ()
+void main ()
 {
   int err;
   int sig_len;
@@ -134,5 +134,4 @@ int main ()
   if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
   EVP_PKEY_free (pkey);
   printf ("Signature Verified Ok.\n");
-  return(0);
 }

demos/ssl/cli.cpp

@@ -1,10 +1,6 @@
 /* cli.cpp  -  Minimal ssleay client for Unix
    30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
 
-/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
-   Simplified to be even more minimal
-   12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
-
 #include <stdio.h>
 #include <memory.h>
 #include <errno.h>
@@ -21,7 +17,6 @@
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 
-
 #define CHK_NULL(x) if ((x)==NULL) exit (1)
 #define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
 #define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
@@ -36,14 +31,9 @@ void main ()
   X509*    server_cert;
   char*    str;
   char     buf [4096];
-  SSL_METHOD *meth;
 
-  SSLeay_add_ssl_algorithms();
-  meth = SSLv2_client_method();
   SSL_load_error_strings();
-  ctx = SSL_CTX_new (meth);                        CHK_NULL(ctx);
-
-  CHK_SSL(err);
+  ctx = SSL_CTX_new ();                        CHK_NULL(ctx);
   
   /* ----------------------------------------------- */
   /* Create a socket and connect to server using normal socket calls. */
@@ -77,12 +67,12 @@ void main ()
   server_cert = SSL_get_peer_certificate (ssl);       CHK_NULL(server_cert);
   printf ("Server certificate:\n");
   
-  str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0);
+  str = X509_NAME_oneline (X509_get_subject_name (server_cert));
   CHK_NULL(str);
   printf ("\t subject: %s\n", str);
   Free (str);
 
-  str = X509_NAME_oneline (X509_get_issuer_name  (server_cert),0,0);
+  str = X509_NAME_oneline (X509_get_issuer_name  (server_cert));
   CHK_NULL(str);
   printf ("\t issuer: %s\n", str);
   Free (str);

demos/ssl/serv.cpp

@@ -1,14 +1,7 @@
 /* serv.cpp  -  Minimal ssleay server for Unix
    30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
 
-
-/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
-   Simplified to be even more minimal
-   12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
-
 #include <stdio.h>
-#include <unistd.h>
-#include <stdlib.h>
 #include <memory.h>
 #include <errno.h>
 #include <sys/types.h>
@@ -24,13 +17,9 @@
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 
-
-/* define HOME to be dir for key and cert files... */
-#define HOME "./"
-/* Make these what you want for cert & key files */
-#define CERTF  HOME "foo-cert.pem"
-#define KEYF  HOME  "foo-cert.pem"
-
+#define HOME "/usr/users/sampo/sibs/tim/"
+#define CERTF HOME "plain-cert.pem"
+#define KEYF  HOME "plain-key.pem"
 
 #define CHK_NULL(x) if ((x)==NULL) exit (1)
 #define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
@@ -43,39 +32,24 @@ void main ()
   int sd;
   struct sockaddr_in sa_serv;
   struct sockaddr_in sa_cli;
-  size_t client_len;
+  int client_len;
   SSL_CTX* ctx;
   SSL*     ssl;
   X509*    client_cert;
   char*    str;
   char     buf [4096];
-  SSL_METHOD *meth;
-  
+
   /* SSL preliminaries. We keep the certificate and key with the context. */
 
   SSL_load_error_strings();
-  SSLeay_add_ssl_algorithms();
-  meth = SSLv23_server_method();
-  ctx = SSL_CTX_new (meth);
-  if (!ctx) {
-    ERR_print_errors_fp(stderr);
-    exit(2);
-  }
+  ctx = SSL_CTX_new ();   CHK_NULL(ctx);
+  
+  err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF,  SSL_FILETYPE_PEM);
+  CHK_SSL(err);
+  
+  err = SSL_CTX_use_certificate_file   (ctx, CERTF, SSL_FILETYPE_PEM);
+  CHK_SSL(err);
   
-  if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
-    ERR_print_errors_fp(stderr);
-    exit(3);
-  }
-  if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
-    ERR_print_errors_fp(stderr);
-    exit(4);
-  }
-
-  if (!SSL_CTX_check_private_key(ctx)) {
-    fprintf(stderr,"Private key does not match the certificate public key\n");
-    exit(5);
-  }
-
   /* ----------------------------------------------- */
   /* Prepare TCP socket for receiving connections */
 
@@ -118,12 +92,12 @@ void main ()
   if (client_cert != NULL) {
     printf ("Client certificate:\n");
     
-    str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0);
+    str = X509_NAME_oneline (X509_get_subject_name (client_cert));
     CHK_NULL(str);
     printf ("\t subject: %s\n", str);
     Free (str);
     
-    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert), 0, 0);
+    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert));
     CHK_NULL(str);
     printf ("\t issuer: %s\n", str);
     Free (str);

e_os.h

@@ -61,8 +61,8 @@
 
 #include <openssl/e_os2.h>
 /* <openssl/e_os2.h> contains what we can justify to make visible
- * to the outside; this file e_os.h is not part of the exported
- * interface. */
+ * to the outside.  e_os.h shouldn't even be in the include/openssl
+ * directory, these are just local definitions. */
 
 #ifdef  __cplusplus
 extern "C" {
@@ -103,6 +103,9 @@ extern "C" {
 #ifdef WIN32
 #define get_last_sys_error()	GetLastError()
 #define clear_sys_error()	SetLastError(0)
+/* These are defined in wincrypt.h and can cause problems */
+#undef X509_NAME
+#undef PKCS7_SIGNER_INFO
 #if !defined(WINNT)
 #define WIN_CONSOLE_BUG
 #endif
@@ -348,9 +351,6 @@ extern HINSTANCE _hInstance;
 #ifdef sgi
 #define IRIX_CC_BUG	/* all version of IRIX I've tested (4.* 5.*) */
 #endif
-#ifdef SNI
-#define IRIX_CC_BUG	/* CDS++ up to V2.0Bsomething suffered from the same bug.*/
-#endif
 
 #ifdef NO_MD2
 #define MD2_Init MD2Init

install.com

@@ -53,7 +53,7 @@ $	IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN -
 	   CREATE/DIR/LOG WRK_SSLROOT:[VMS]
 $
 $	SDIRS := CRYPTO,SSL,RSAREF,APPS,VMS!,TEST,TOOLS
-$	EXHEADER := e_os.h,e_os2.h
+$	EXHEADER := e_os.h
 $
 $	COPY 'EXHEADER' WRK_SSLINCLUDE: /LOG
 $

makevms.com

@@ -47,7 +47,6 @@ $!	  VAXC	 For VAX C.
 $!	  DECC	 For DEC C.
 $!	  GNUC	 For GNU C.
 $!	  LINK   To only link the programs from existing object files.
-$!               (not yet implemented)
 $!
 $! If you don't speficy a compiler, it will try to determine which
 $! "C" compiler to use.
@@ -221,7 +220,7 @@ $ IF F$PARSE("SYS$DISK:[.INCLUDE.OPENSSL]") .EQS. "" THEN -
 $!
 $! Copy All The ".H" Files From The Main Directory.
 $!
-$ EXHEADER := e_os.h,e_os2.h
+$ EXHEADER := e_os.h
 $ COPY 'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL]
 $!
 $! Copy All The ".H" Files From The [.CRYPTO] Directory Tree.
@@ -670,7 +669,7 @@ $ ELSE
 $!
 $!  Check To See If The User Entered A Valid Paramter.
 $!
-$   IF (P4.EQS."VAXC").OR.(P4.EQS."DECC").OR.(P4.EQS."GNUC")!.OR.(P4.EQS."LINK")
+$   IF (P4.EQS."VAXC").OR.(P4.EQS."DECC").OR.(P4.EQS."GNUC").OR.(P4.EQS."LINK")
 $   THEN
 $!
 $!    Check To See If The User Wanted To Just LINK.

ms/do_nt.bat

@@ -1,7 +1,7 @@
 
 perl util\mkfiles.pl >MINFO
-perl util\mk1mf.pl no-asm VC-NT >ms\nt.mak
-perl util\mk1mf.pl dll no-asm VC-NT >ms\ntdll.mak
+perl util\mk1mf.pl VC-NT no-asm >ms\nt.mak
+perl util\mk1mf.pl VC-NT dll no-asm >ms\ntdll.mak
 
-perl util\mkdef.pl libeay NT > ms\libeay32.def
-perl util\mkdef.pl ssleay NT > ms\ssleay32.def
+perl util\mkdef.pl NT libeay > ms\libeay32.def
+perl util\mkdef.pl NT ssleay > ms\ssleay32.def

ssl/s3_srvr.c

@@ -557,9 +557,7 @@ static int ssl3_get_client_hello(SSL *s)
 			{ /* previous session */
 			s->hit=1;
 			}
-		else if (i == -1)
-			goto err;
-		else /* i == 0 */
+		else
 			{
 			if (!ssl_get_new_session(s,1))
 				goto err;

ssl/ssl.c

@@ -61,6 +61,7 @@
 #include <string.h>
 
 #define USE_SOCKETS
+#include <openssl/e_os.h>
 
 #include <openssl/buffer.h>
 #include <openssl/stack.h>

ssl/ssl_locl.h

@@ -63,7 +63,7 @@
 #include <string.h>
 #include <errno.h>
 
-#include "openssl/e_os.h"
+#include <openssl/e_os.h>
 
 #include <openssl/buffer.h>
 #include <openssl/comp.h>

ssl/ssl_sess.c

@@ -168,8 +168,6 @@ int ssl_get_new_session(SSL *s, int session)
 			CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
 			if (r == NULL) break;
 			/* else - woops a session_id match */
-			/* XXX should also check external cache!
-			 * (But the probability of a collision is negligible, anyway...) */
 			}
 		}
 	else
@@ -190,29 +188,24 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 	/* This is used only by servers. */
 
 	SSL_SESSION *ret=NULL,data;
-	int fatal = 0;
+	int copy=1;
 
 	/* conn_init();*/
 	data.ssl_version=s->version;
 	data.session_id_length=len;
 	if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
-		goto err;
+		return(0);
 	memcpy(data.session_id,session_id,len);
 
 	if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
 		{
 		CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
 		ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,(char *)&data);
-		if (ret != NULL)
-		    /* don't allow other threads to steal it: */
-		    CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
 		CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
 		}
 
 	if (ret == NULL)
 		{
-		int copy=1;
-	
 		s->ctx->stats.sess_miss++;
 		ret=NULL;
 		if (s->ctx->get_session_cb != NULL
@@ -221,52 +214,28 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 			{
 			s->ctx->stats.sess_cb_hit++;
 
-			/* Increment reference count now if the session callback
-			 * asks us to do so (note that if the session structures
-			 * returned by the callback are shared between threads,
-			 * it must handle the reference count itself [i.e. copy == 0],
-			 * or things won't be thread-safe). */
-			if (copy)
-				CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
-
 			/* The following should not return 1, otherwise,
 			 * things are very strange */
 			SSL_CTX_add_session(s->ctx,ret);
 			}
-		if (ret == NULL)
-			goto err;
+		if (ret == NULL) return(0);
 		}
 
-	/* Now ret is non-NULL, and we own one of its reference counts. */
-
 	if((s->verify_mode&SSL_VERIFY_PEER)
 	   && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
 	       || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
 	    {
-		/* We've found the session named by the client, but we don't
-		 * want to use it in this context. */
-		
-		if (s->sid_ctx_length == 0)
-			{
-			/* application should have used SSL[_CTX]_set_session_id_context
-			 * -- we could tolerate this and just pretend we never heard
-			 * of this session, but then applications could effectively
-			 * disable the session cache by accident without anyone noticing */
-
-			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
-			fatal = 1;
-			goto err;
-			}
-		else
-			{
-#if 0 /* The client cannot always know when a session is not appropriate,
-	   * so we shouldn't generate an error message. */
-
+		if (s->sid_ctx_length)
 			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
-#endif
-			goto err; /* treat like cache miss */
-			}
-		}
+		else
+			/* application should have used SSL[_CTX]_set_session_id_context */
+			SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
+	    return 0;
+	    }
+
+	/* auto free it */
+	if (!copy)
+	    SSL_SESSION_free(ret);
 
 	if (ret->cipher == NULL)
 		{
@@ -281,25 +250,22 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 		else 
 			ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
 		if (ret->cipher == NULL)
-			goto err;
+			return(0);
 		}
 
-
-#if 0 /* This is way too late. */
-
 	/* If a thread got the session, then 'swaped', and another got
 	 * it and then due to a time-out decided to 'Free' it we could
 	 * be in trouble.  So I'll increment it now, then double decrement
 	 * later - am I speaking rubbish?. */
 	CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
-#endif
 
 	if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
 		{
 		s->ctx->stats.sess_timeout++;
 		/* remove it from the cache */
 		SSL_CTX_remove_session(s->ctx,ret);
-		goto err;
+		SSL_SESSION_free(ret);		/* again to actually Free it */
+		return(0);
 		}
 
 	s->ctx->stats.sess_hit++;
@@ -312,14 +278,6 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 		SSL_SESSION_free(s->session);
 	s->session=ret;
 	return(1);
-
- err:
-	if (ret != NULL)
-		SSL_SESSION_free(ret);
-	if (fatal)
-		return -1;
-	else
-		return 0;
 	}
 
 int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)

ssl/ssl_task.c

@@ -123,10 +123,8 @@ int LIB$INIT_TIMER(), LIB$SHOW_TIMER();
 
 #include <string.h>		/* from ssltest.c */
 #include <errno.h>
-
-#include "openssl/e_os.h"
-
 #include <openssl/buffer.h>
+#include <openssl/e_os.h>
 #include <openssl/x509.h>
 #include <openssl/ssl.h>
 #include <openssl/err.h>

ssl/ssltest.c

@@ -60,9 +60,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
-
-#include "openssl/e_os.h"
-
+#include <openssl/e_os.h>
 #include <openssl/bio.h>
 #include <openssl/crypto.h>
 #include <openssl/x509.h>