This commit was manufactured by cvs2svn to create tag 'SSLeay_0_8_1b'.

1998-12-21 10:52:48 +00:00
1254 changed files with 59259 additions and 144733 deletions
--- a/.cvsignore
+++ b/.cvsignore
@@ -1,6 +0,0 @@
-Makefile.ssl
-MINFO
-makefile.one
-tmp
-out
-outinc
--- a/1624
+++ b/1624
--- a/64
+++ b/64
@@ -0,0 +1,64 @@
+Copyright (C) 1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an SSL implementation written by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with Netscapes SSL.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to.  The following conditions
+apply to all code found in this distribution, be it the RC4, RSA,
+lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+included with this distribution is covered by the same copyright terms
+except that the holder is Tim Hudson (tjh@cryptsoft.com).
+
+Please note that MD2, MD5 and IDEA are publically available standards
+that contain sample implementations, I have re-coded them in my own
+way but there is nothing special about those implementations.  The DES
+library is another mater :-).
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of the parts of the library used.
+This can be in the form of a textual message at program startup or
+in documentation (online or textual) provided with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+   must display the following acknowledgement:
+   "This product includes cryptographic software written by
+    Eric Young (eay@cryptsoft.com)"
+   The word 'cryptographic' can be left out if the rouines from the library
+   being used are not cryptographic related :-).
+4. If you include any Windows specific code (or a derivative thereof) from 
+   the apps directory (application code) you must include an acknowledgement:
+   "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The licence and distribution terms for any publically available version or
+derivative of this code cannot be changed.  i.e. this code cannot simply be
+copied and put under another distribution licence
+[including the GNU Public Licence.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
--- a/994
+++ b/994
--- a/126
+++ b/126
@@ -0,0 +1,126 @@
+SSLeay 0.8.1 released.
+
+19-Jul-97
+	- Server side initated dynamic renegotiation is broken.  I will fix
+	  it when I get back from holidays.
+
+15-Jul-97
+	- Quite a few small changes.
+	- INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
+
+09-Jul-97
+	- Added 2 new values to the SSL info callback.
+	  SSL_CB_START which is passed when the SSL protocol is started
+	  and SSL_CB_DONE when it has finished sucsessfully.
+
+08-Jul-97
+	- Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
+	  that related to DSA public/private keys.
+	- Added all the relevent PEM and normal IO functions to support
+	  reading and writing RSAPublic keys.
+	- Changed makefiles to use ${AR} instead of 'ar r'
+
+07-Jul-97
+	- Error in ERR_remove_state() that would leave a dangling reference
+	  to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
+	- s_client now prints the X509_NAMEs passed from the server
+	  when requesting a client cert.
+	- Added a ssl->type, which is one of SSL_ST_CONNECT or
+	  SSL_ST_ACCEPT.  I had to add it so I could tell if I was
+	  a connect or an accept after the handshake had finished.
+	- SSL_get_client_CA_list(SSL *s) now returns the CA names
+	  passed by the server if called by a client side SSL.
+
+05-Jul-97
+	- Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
+	  0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).
+
+04-Jul-97
+	- Fixed some things in X509_NAME_add_entry(), thanks to
+	  Matthew Donald <matthew@world.net>.
+	- I had a look at the cipher section and though that it was a
+	  bit confused, so I've changed it.
+	- I was not setting up the RC4-64-MD5 cipher correctly.  It is
+	  a MS special that appears in exported MS Money.
+	- Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
+	  spec.  I was missing the two byte length header for the
+	  ClientDiffieHellmanPublic value.  This is a packet sent from
+	  the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+	  option will enable SSLeay server side SSLv3 accept either
+	  the correct or my 080 packet format.
+	- Fixed a few typos in crypto/pem.org.
+
+02-Jul-97
+	- Alias mapping for EVP_get_(digest|cipher)byname is now
+	  performed before a lookup for actual cipher.  This means
+	  that an alias can be used to 're-direct' a cipher or a
+	  digest.
+	- ASN1_read_bio() had a bug that only showed up when using a
+	  memory BIO.  When EOF is reached in the memory BIO, it is
+	  reported as a -1 with BIO_should_retry() set to true.
+
+01-Jul-97
+	- Fixed an error in X509_verify_cert() caused by my
+	  miss-understanding how 'do { contine } while(0);' works.
+	  Thanks to Emil Sit <sit@mit.edu> for educating me :-)
+
+30-Jun-97
+	- Base64 decoding error.  If the last data line did not end with
+	  a '=', sometimes extra data would be returned.
+	- Another 'cut and paste' bug in x509.c related to setting up the
+	  STDout BIO.
+
+27-Jun-97
+	- apps/ciphers.c was not printing due to an editing error.
+	- Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
+	  a library build error in util/mk1mf.pl
+
+26-Jun-97
+	- Still did not have the auto 'experimental' code removal
+	  script correct.
+	- A few header tweaks for Watcom 11.0 under Win32 from
+	  Rolf Lindemann <Lindemann@maz-hh.de>
+	- 0 length OCTET_STRING bug in asn1_parse
+	- A minor fix with an non-existent function in the MS .def files.
+	- A few changes to the PKCS7 stuff.
+
+25-Jun-97
+	SSLeay 0.8.0 finally it gets released.
+
+24-Jun-97
+	Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
+	use a temporary RSA key.  This is experimental and needs some more work.
+	Fixed a few Win16 build problems.
+
+23-Jun-97
+	SSLv3 bug. I was not doing the 'lookup' of the CERT structure
+	correctly. I was taking the SSL->ctx->default_cert when I should
+	have been using SSL->cert. The bug was in ssl/s3_srvr.c
+
+20-Jun-97
+	X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
+	rest of the library. Even though I had the code required to do
+	it correctly, apps/req.c was doing the wrong thing.  I have fixed
+	and tested everything.
+
+	Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
+
+19-Jun-97
+	Fixed a bug in the SSLv2 server side first packet handling. When
+	using the non-blocking test BIO, the ssl->s2->first_packet flag
+	was being reset when a would-block failure occurred when reading
+	the first 5 bytes of the first packet. This caused the checking
+	logic to run at the wrong time and cause an error.
+
+	Fixed a problem with specifying cipher. If RC4-MD5 were used,
+	only the SSLv3 version would be picked up.  Now this will pick
+	up both SSLv2 and SSLv3 versions. This required changing the
+	SSL_CIPHER->mask values so that they only mask the ciphers,
+	digests, authentication, export type and key-exchange algorithms.
+
+	I found that when a SSLv23 session is established, a reused
+	session, of type SSLv3 was attempting to write the SSLv2 
+	ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
+	method has been modified so it will only write out cipher which
+	that method knows about.  
+
--- a/CHANGES.SSLeay
+++ b/CHANGES.SSLeay
@@ -1,529 +1,4 @@
-This file contains the changes for the SSLeay library up to version
-0.9.0b. For later changes, see the file "CHANGES".
-
-  SSLeay CHANGES
-  ______________
-
-Changes between 0.8.x and 0.9.0b
-
-10-Apr-1998
-
-I said the next version would go out at easter, and so it shall.
-I expect a 0.9.1 will follow with portability fixes in the next few weeks.
-
-This is a quick, meet the deadline.  Look to ssl-users for comments on what
-is new etc.
-
-eric (about to go bushwalking for the 4 day easter break :-)
-
-16-Mar-98
-    - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
-    - Lots and lots of changes
-
-29-Jan-98
-    - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
-      Goetz Babin-Ebell <babinebell@trustcenter.de>.
-    - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
-      TLS1_VERSION.
-
-7-Jan-98
-    - Finally reworked the cipher string to ciphers again, so it
-      works correctly
-    - All the app_data stuff is now ex_data with funcion calls to access.
-      The index is supplied by a function and 'methods' can be setup
-      for the types that are called on XXX_new/XXX_free.  This lets
-      applications get notified on creation and destruction.  Some of
-      the RSA methods could be implemented this way and I may do so.
-    - Oh yes, SSL under perl5 is working at the basic level.
-
-15-Dec-97
-    - Warning - the gethostbyname cache is not fully thread safe,
-      but it should work well enough.
-    - Major internal reworking of the app_data stuff.  More functions
-      but if you were accessing ->app_data directly, things will
-      stop working.
-    - The perlv5 stuff is working.  Currently on message digests,
-      ciphers and the bignum library.
-
-9-Dec-97
-    - Modified re-negotiation so that server initated re-neg
-      will cause a SSL_read() to return -1 should retry.
-      The danger otherwise was that the server and the
-      client could end up both trying to read when using non-blocking
-      sockets.
-
-4-Dec-97
-    - Lots of small changes
-    - Fix for binaray mode in Windows for the FILE BIO, thanks to
-      Bob Denny <rdenny@dc3.com>
-
-17-Nov-97
-    - Quite a few internal cleanups, (removal of errno, and using macros
-      defined in e_os.h).
-    - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
-      the automactic naming out output files was being stuffed up.
-
-29-Oct-97
-    - The Cast5 cipher has been added.  MD5 and SHA-1 are now in assember
-      for x86.
-
-21-Oct-97
-    - Fixed a bug in the BIO_gethostbyname() cache.
-
-15-Oct-97
-    - cbc mode for blowfish/des/3des is now in assember.  Blowfish asm
-      has also been improved.  At this point in time, on the pentium,
-      md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
-      des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
-      is %62 faster.
-
-12-Oct-97
-    - MEM_BUF_grow() has been fixed so that it always sets the buf->length
-      to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
-      way to set the length value correctly.
-
-10-Oct-97
-    - I now hash for certificate lookup on the raw DER encoded RDN (md5).
-      This breaks things again :-(.  This is efficent since I cache
-      the DER encoding of the RDN.
-    - The text DN now puts in the numeric OID instead of UNKNOWN.
-    - req can now process arbitary OIDs in the config file.
-    - I've been implementing md5 in x86 asm, much faster :-).
-    - Started sha1 in x86 asm, needs more work.
-    - Quite a few speedups in the BN stuff.  RSA public operation
-      has been made faster by caching the BN_MONT_CTX structure.
-      The calulating of the Ai where A*Ai === 1 mod m was rather
-      expensive.  Basically a 40-50% speedup on public operations.
-      The RSA speedup is now 15% on pentiums and %20 on pentium
-      pro.
-
-30-Sep-97
-    - After doing some profiling, I added x86 adm for bn_add_words(),
-      which just adds 2 arrays of longs together.  A %10 speedup
-      for 512 and 1024 bit RSA on the pentium pro.
-
-29-Sep-97
-    - Converted the x86 bignum assembler to us the perl scripts
-      for generation.
-
-23-Sep-97
-    - If SSL_set_session() is passed a NULL session, it now clears the
-      current session-id.
-
-22-Sep-97
-    - Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
-      certificates.
-    - Bug in crypto/evp/encode.c where by decoding of 65 base64
-      encoded lines, one line at a time (via a memory BIO) would report
-      EOF after the first line was decoded.
-    - Fix in X509_find_by_issuer_and_serial() from
-      Dr Stephen Henson <shenson@bigfoot.com>
-
-19-Sep-97
-    - NO_FP_API and NO_STDIO added.
-    - Put in sh config command.  It auto runs Configure with the correct
-      parameters.
-
-18-Sep-97
-    - Fix x509.c so if a DSA cert has different parameters to its parent,
-      they are left in place.  Not tested yet.
-
-16-Sep-97
-    - ssl_create_cipher_list() had some bugs, fixes from
-      Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
-    - Fixed a bug in the Base64 BIO, where it would return 1 instead
-      of -1 when end of input was encountered but should retry.
-      Basically a Base64/Memory BIO interaction problem.
-    - Added a HMAC set of functions in preporarion for TLS work.
-
-15-Sep-97
-    - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
-    - Prime generation spead up %25 (512 bit prime, pentium pro linux)
-      by using montgomery multiplication in the prime number test.
-
-11-Sep-97
-    - Ugly bug in ssl3_write_bytes().  Basically if application land
-      does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
-      did not check the size and tried to copy the entire buffer.
-      This would tend to cause memory overwrites since SSLv3 has
-      a maximum packet size of 16k.  If your program uses
-      buffers <= 16k, you would probably never see this problem.
-    - Fixed a new errors that were cause by malloc() not returning
-      0 initialised memory..
-    - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
-      SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
-      since this flags stops SSLeay being able to handle client
-      cert requests correctly.
-
-08-Sep-97
-    - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
-      on, the SSL server routines will not use a SSL_SESSION that is
-      held in it's cache.  This in intended to be used with the session-id
-      callbacks so that while the session-ids are still stored in the
-      cache, the decision to use them and how to look them up can be
-      done by the callbacks.  The are the 'new', 'get' and 'remove'
-      callbacks.  This can be used to determine the session-id
-      to use depending on information like which port/host the connection
-      is coming from.  Since the are also SSL_SESSION_set_app_data() and
-      SSL_SESSION_get_app_data() functions, the application can hold
-      information against the session-id as well.
-
-03-Sep-97
-    - Added lookup of CRLs to the by_dir method,
-      X509_load_crl_file() also added.  Basically it means you can
-      lookup CRLs via the same system used to lookup certificates.
-    - Changed things so that the X509_NAME structure can contain
-      ASN.1 BIT_STRINGS which is required for the unique
-      identifier OID.
-    - Fixed some problems with the auto flushing of the session-id
-      cache.  It was not occuring on the server side.
-
-02-Sep-97
-    - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
-      which is the maximum number of entries allowed in the
-      session-id cache.  This is enforced with a simple FIFO list.
-      The default size is 20*1024 entries which is rather large :-).
-      The Timeout code is still always operating.
-
-01-Sep-97
-    - Added an argument to all the 'generate private key/prime`
-      callbacks.  It is the last parameter so this should not
-      break existing code but it is needed for C++.
-    - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
-      BIO.  This lets the BIO read and write base64 encoded data
-      without inserting or looking for '\n' characters.  The '-A'
-      flag turns this on when using apps/enc.c.
-    - RSA_NO_PADDING added to help BSAFE functionality.  This is a
-      very dangerous thing to use, since RSA private key
-      operations without random padding bytes (as PKCS#1 adds) can
-      be attacked such that the private key can be revealed.
-    - ASN.1 bug and rc2-40-cbc and rc4-40 added by
-      Dr Stephen Henson <shenson@bigfoot.com>
-
-31-Aug-97 (stuff added while I was away)    
-    - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
-    - RSA_flags() added allowing bypass of pub/priv match check
-      in ssl/ssl_rsa.c - Tim Hudson.
-    - A few minor bugs.
-
-SSLeay 0.8.1 released.
-
-19-Jul-97
-    - Server side initated dynamic renegotiation is broken.  I will fix
-      it when I get back from holidays.
-
-15-Jul-97
-    - Quite a few small changes.
-    - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
-
-09-Jul-97
-    - Added 2 new values to the SSL info callback.
-      SSL_CB_START which is passed when the SSL protocol is started
-      and SSL_CB_DONE when it has finished sucsessfully.
-
-08-Jul-97
-    - Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
-      that related to DSA public/private keys.
-    - Added all the relevent PEM and normal IO functions to support
-      reading and writing RSAPublic keys.
-    - Changed makefiles to use ${AR} instead of 'ar r'
-
-07-Jul-97
-    - Error in ERR_remove_state() that would leave a dangling reference
-      to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
-    - s_client now prints the X509_NAMEs passed from the server
-      when requesting a client cert.
-    - Added a ssl->type, which is one of SSL_ST_CONNECT or
-      SSL_ST_ACCEPT.  I had to add it so I could tell if I was
-      a connect or an accept after the handshake had finished.
-    - SSL_get_client_CA_list(SSL *s) now returns the CA names
-      passed by the server if called by a client side SSL.
-
-05-Jul-97
-    - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
-      0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).
-
-04-Jul-97
-    - Fixed some things in X509_NAME_add_entry(), thanks to
-      Matthew Donald <matthew@world.net>.
-    - I had a look at the cipher section and though that it was a
-      bit confused, so I've changed it.
-    - I was not setting up the RC4-64-MD5 cipher correctly.  It is
-      a MS special that appears in exported MS Money.
-    - Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
-      spec.  I was missing the two byte length header for the
-      ClientDiffieHellmanPublic value.  This is a packet sent from
-      the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
-      option will enable SSLeay server side SSLv3 accept either
-      the correct or my 080 packet format.
-    - Fixed a few typos in crypto/pem.org.
-
-02-Jul-97
-    - Alias mapping for EVP_get_(digest|cipher)byname is now
-      performed before a lookup for actual cipher.  This means
-      that an alias can be used to 're-direct' a cipher or a
-      digest.
-    - ASN1_read_bio() had a bug that only showed up when using a
-      memory BIO.  When EOF is reached in the memory BIO, it is
-      reported as a -1 with BIO_should_retry() set to true.
-
-01-Jul-97
-    - Fixed an error in X509_verify_cert() caused by my
-      miss-understanding how 'do { contine } while(0);' works.
-      Thanks to Emil Sit <sit@mit.edu> for educating me :-)
-
-30-Jun-97
-    - Base64 decoding error.  If the last data line did not end with
-      a '=', sometimes extra data would be returned.
-    - Another 'cut and paste' bug in x509.c related to setting up the
-      STDout BIO.
-
-27-Jun-97
-    - apps/ciphers.c was not printing due to an editing error.
-    - Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
-      a library build error in util/mk1mf.pl
-
-26-Jun-97
-    - Still did not have the auto 'experimental' code removal
-      script correct.
-    - A few header tweaks for Watcom 11.0 under Win32 from
-      Rolf Lindemann <Lindemann@maz-hh.de>
-    - 0 length OCTET_STRING bug in asn1_parse
-    - A minor fix with an non-existent function in the MS .def files.
-    - A few changes to the PKCS7 stuff.
-
-25-Jun-97
-    SSLeay 0.8.0 finally it gets released.
-
-24-Jun-97
-    Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
-    use a temporary RSA key.  This is experimental and needs some more work.
-    Fixed a few Win16 build problems.
-
-23-Jun-97
-    SSLv3 bug. I was not doing the 'lookup' of the CERT structure
-    correctly. I was taking the SSL->ctx->default_cert when I should
-    have been using SSL->cert. The bug was in ssl/s3_srvr.c
-
-20-Jun-97
-    X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
-    rest of the library. Even though I had the code required to do
-    it correctly, apps/req.c was doing the wrong thing.  I have fixed
-    and tested everything.
-
-    Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
-
-19-Jun-97
-    Fixed a bug in the SSLv2 server side first packet handling. When
-    using the non-blocking test BIO, the ssl->s2->first_packet flag
-    was being reset when a would-block failure occurred when reading
-    the first 5 bytes of the first packet. This caused the checking
-    logic to run at the wrong time and cause an error.
-
-    Fixed a problem with specifying cipher. If RC4-MD5 were used,
-    only the SSLv3 version would be picked up.  Now this will pick
-    up both SSLv2 and SSLv3 versions. This required changing the
-    SSL_CIPHER->mask values so that they only mask the ciphers,
-    digests, authentication, export type and key-exchange algorithms.
-
-    I found that when a SSLv23 session is established, a reused
-    session, of type SSLv3 was attempting to write the SSLv2 
-    ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
-    method has been modified so it will only write out cipher which
-    that method knows about.  
-
-
- Changes between 0.8.0 and 0.8.1
-
-  *) Mostly bug fixes. 
-     There is an Ephemeral DH cipher problem which is fixed.
-
- SSLeay 0.8.0
-
-This version of SSLeay has quite a lot of things different from the
-previous version.
-
-Basically check all callback parameters, I will be producing documentation
-about how to use things in th future.  Currently I'm just getting 080 out
-the door.  Please not that there are several ways to do everything, and
-most of the applications in the apps directory are hybrids, some using old
-methods and some using new methods.
-
-Have a look in demos/bio for some very simple programs and
-apps/s_client.c and apps/s_server.c for some more advanced versions.
-Notes are definitly needed but they are a week or so away.
-
-Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
---
-Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
-get those people that want to move to using the new code base off to
-a quick start.
-
-Note that Eric has tidied up a lot of the areas of the API that were
-less than desirable and renamed quite a few things (as he had to break
-the API in lots of places anyrate). There are a whole pile of additional
-functions for making dealing with (and creating) certificates a lot
-cleaner.
-
-01-Jul-97
-Tim Hudson
-tjh@cryptsoft.com
-
---8<---
-
-To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
-use something like the following (assuming you #include "crypto.h" which
-is something that you really should be doing).
-
-#if SSLEAY_VERSION_NUMBER >= 0x0800
-#define SSLEAY8
-#endif
-
-buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
-            too if you are working with BIO internal stuff (as distinct
-        from simply using the interface in an opaque manner)
-
-#include "bio.h"    - required along with "buffer.h" if you write
-              your own BIO routines as the buffer and bio
-              stuff that was intermixed has been separated
-              out 
-            
-envelope.h -> evp.h  (which should have been done ages ago)
-
-Initialisation ... don't forget these or you end up with code that
-is missing the bits required to do useful things (like ciphers):
-
-SSLeay_add_ssl_algorithms()
-(probably also want SSL_load_error_strings() too but you should have
- already had that call in place)
-
-SSL_CTX_new()   - requires an extra method parameter
-              SSL_CTX_new(SSLv23_method()) 
-              SSL_CTX_new(SSLv2_method()) 
-              SSL_CTX_new(SSLv3_method()) 
-
-          OR to only have the server or the client code
-              SSL_CTX_new(SSLv23_server_method()) 
-              SSL_CTX_new(SSLv2_server_method()) 
-              SSL_CTX_new(SSLv3_server_method()) 
-          or  
-              SSL_CTX_new(SSLv23_client_method()) 
-              SSL_CTX_new(SSLv2_client_method()) 
-              SSL_CTX_new(SSLv3_client_method()) 
-
-SSL_set_default_verify_paths() ... renamed to the more appropriate
-SSL_CTX_set_default_verify_paths()
-
-If you want to use client certificates then you have to add in a bit
-of extra stuff in that a SSLv3 server sends a list of those CAs that
-it will accept certificates from ... so you have to provide a list to
-SSLeay otherwise certain browsers will not send client certs.
-
-SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
-
-
-X509_NAME_oneline(X)    -> X509_NAME_oneline(X,NULL,0)  
-               or provide a buffer and size to copy the
-               result into
-
-X509_add_cert ->  X509_STORE_add_cert (and you might want to read the
-          notes on X509_NAME structure changes too)
-
-
-VERIFICATION CODE
-=================
-
-The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
-more accurately reflect things.
-
-The verification callback args are now packaged differently so that
-extra fields for verification can be added easily in future without
-having to break things by adding extra parameters each release :-)
-
-X509_cert_verify_error_string -> X509_verify_cert_error_string
-
-
-BIO INTERNALS
-=============
-
-Eric has fixed things so that extra flags can be introduced in
-the BIO layer in future without having to play with all the BIO
-modules by adding in some macros.
-
-The ugly stuff using 
-    b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
-becomes
-    BIO_clear_retry_flags(b)
-
-    b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
-becomes
-    BIO_set_retry_read(b)
-
-Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
-
-
-
-OTHER THINGS
-============
-
-X509_NAME has been altered so that it isn't just a STACK ... the STACK
-is now in the "entries" field ... and there are a pile of nice functions
-for getting at the details in a much cleaner manner.
-
-SSL_CTX has been altered ... "cert" is no longer a direct member of this
-structure ... things are now down under "cert_store" (see x509_vfy.h) and
-things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
-If your code "knows" about this level of detail then it will need some 
-surgery.
-
-If you depending on the incorrect spelling of a number of the error codes
-then you will have to change your code as these have been fixed.
-
-ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
-has been all along so this makes things clearer.
-ify_cert_error_string(ctx->error));
-
-SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
-            and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
-
-
-
- Changes between 0.7.x and 0.8.0
-  
-  *) There have been lots of changes, mostly the addition of SSLv3.
-     There have been many additions from people and amongst
-     others, C2Net has assisted greatly.
- 
- Changes between 0.7.x and 0.7.x
-
-  *) Internal development version only
-
-SSLeay 0.6.6 13-Jan-1997
-
-The main additions are
-
- assember for x86 DES improvments.
-  From 191,000 per second on a pentium 100, I now get 281,000.  The inner
-  loop and the IP/FP modifications are from
-  Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  Many thanks for his
-  contribution.
- The 'DES macros' introduced in 0.6.5 now have 3 types.
-  DES_PTR1, DES_PTR2 and 'normal'.  As per before, des_opts reports which
-  is best and there is a summery of mine in crypto/des/options.txt
- A few bug fixes.
- Added blowfish.  It is not used by SSL but all the other stuff that
-  deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
-  There are 3 options for optimising Blowfish.  BF_PTR, BF_PTR2 and 'normal'.
-  BF_PTR2 is pentium/x86 specific.  The correct option is setup in
-  the 'Configure' script.
- There is now a 'get client certificate' callback which can be
-  'non-blocking'.  If more details are required, let me know.  It will
-  documented more in SSLv3 when I finish it.
- Bug fixes from 0.6.5 including the infamous 'ca' bug.  The 'make test'
-  now tests the ca program.
- Lots of little things modified and tweaked.
-
- SSLeay 0.6.5
+SSLeay 0.6.5

 After quite some time (3 months), the new release.  I have been very busy
 for the last few months and so this is mostly bug fixes and improvments.
@@ -582,7 +57,7 @@ The main changes in this release
 - 'ssleay ciphers' added, lists the default cipher list for SSLeay.
 - RC2 key setup is now compatable with Netscape.
 - Modifed server side of SSL implementation, big performance difference when
-      using session-id reuse.
+	  using session-id reuse.

 0.6.3

@@ -711,16 +186,16 @@ The wrappers are easy to write

 function_fp(fp,x)
 FILE *fp;
-    {
-    BIO *b;
-    int ret;
+	{
+	BIO *b;
+	int ret;

-    if ((b=BIO_new(BIO_s_file())) == NULL) error.....
-    BIO_set_fp(b,fp,BIO_NOCLOSE);
-    ret=function_bio(b,x);
-    BIO_free(b);
-    return(ret);
-    }
+	if ((b=BIO_new(BIO_s_file())) == NULL) error.....
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=function_bio(b,x);
+	BIO_free(b);
+	return(ret);
+	}
 Remember, there are no functions that take FILE * in SSLeay when
 compiled for Windows 3.1 DLL's.

@@ -761,8 +236,8 @@ The list of things to read and do

 dgst -d
 s_client -state (this uses a callback placed in the SSL state loop and
-        will be used else-where to help debug/monitor what
-        is happening.)
+		will be used else-where to help debug/monitor what
+		is happening.)

 doc/why.doc
 doc/bio.doc <- hmmm, needs lots of work.
--- a/267
+++ b/267
@@ -1,260 +1,6 @@
-
- INSTALLATION ON THE UNIX PLATFORM
- ---------------------------------
-
- [See INSTALL.W32 for instructions for compiling OpenSSL on Windows systems,
-  and INSTALL.VMS for installing on OpenVMS systems.]
-
- To install OpenSSL, you will need:
-
-  * Perl 5
-  * an ANSI C compiler
-  * a supported Unix operating system
-
- Quick Start
- -----------
-
- If you want to just get on with it, do:
-
-  $ ./config
-  $ make
-  $ make test
-  $ make install
-
- [If any of these steps fails, see section Installation in Detail below.]
-
- This will build and install OpenSSL in the default location, which is (for
- historical reasons) /usr/local/ssl. If you want to install it anywhere else,
- run config like this:
-
-  $ ./config --prefix=/usr/local --openssldir=/usr/local/openssl
-
-
- Configuration Options
- ---------------------
-
- There are several options to ./config to customize the build:
-
-  --prefix=DIR  Install in DIR/bin, DIR/lib, DIR/include/openssl.
-	        Configuration files used by OpenSSL will be in DIR/ssl
-                or the directory specified by --openssldir.
-
-  --openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
-                the library files and binaries are also installed there.
-
-  rsaref        Build with RSADSI's RSAREF toolkit (this assumes that
-                librsaref.a is in the library search path).
-
-  no-threads    Don't try to build with support for multi-threaded
-                applications.
-
-  threads       Build with support for multi-threaded applications.
-                This will usually require additional system-dependent options!
-                See "Note on multi-threading" below.
-
-  no-asm        Do not use assembler code.
-
-  386           Use the 80386 instruction set only (the default x86 code is
-                more efficient, but requires at least a 486).
-
-  no-<cipher>   Build without the specified cipher (bf, cast, des, dh, dsa,
-                hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
-                The crypto/<cipher> directory can be removed after running
-                "make depend".
-
-  -Dxxx, -lxxx, -Lxxx, -fxxx, -Kxxx These system specific options will
-                be passed through to the compiler to allow you to
-                define preprocessor symbols, specify additional libraries,
-                library directories or other compiler options.
-
-
- Installation in Detail
- ----------------------
-
- 1a. Configure OpenSSL for your operation system automatically:
-
-       $ ./config [options]
-
-     This guesses at your operating system (and compiler, if necessary) and
-     configures OpenSSL based on this guess. Run ./config -t to see
-     if it guessed correctly. If it did not get it correct or you want to
-     use a different compiler then go to step 1b. Otherwise go to step 2.
-
-     On some systems, you can include debugging information as follows:
-
-       $ ./config -d [options]
-
- 1b. Configure OpenSSL for your operating system manually
-
-     OpenSSL knows about a range of different operating system, hardware and
-     compiler combinations. To see the ones it knows about, run
-
-       $ ./Configure
-
-     Pick a suitable name from the list that matches your system. For most
-     operating systems there is a choice between using "cc" or "gcc".  When
-     you have identified your system (and if necessary compiler) use this name
-     as the argument to ./Configure. For example, a "linux-elf" user would
-     run:
-
-       $ ./Configure linux-elf [options]
-
-     If your system is not available, you will have to edit the Configure
-     program and add the correct configuration for your system. The
-     generic configurations "cc" or "gcc" should usually work.
-
-     Configure creates the file Makefile.ssl from Makefile.org and
-     defines various macros in crypto/opensslconf.h (generated from
-     crypto/opensslconf.h.in).
-
-  2. Build OpenSSL by running:
-
-       $ make
-
-     This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the
-     OpenSSL binary ("openssl"). The libraries will be built in the top-level
-     directory, and the binary will be in the "apps" directory.
-
-     If "make" fails, please report the problem to <openssl-bugs@openssl.org>.
-     Include the output of "./config -t" and the OpenSSL version
-     number in your message.
-
-     [If you encounter assembler error messages, try the "no-asm"
-     configuration option as an immediate fix.  Note that on Solaris x86
-     (not on Sparcs!) you may have to install the GNU assembler to use
-     OpenSSL assembler code -- /usr/ccs/bin/as won't do.]
-
-     Compiling parts of OpenSSL with gcc and others with the system
-     compiler will result in unresolved symbols on some systems.
-
-  3. After a successful build, the libraries should be tested. Run:
-
-       $ make test
-
-    If a test fails, try removing any compiler optimization flags from
-    the CFLAGS line in Makefile.ssl and run "make clean; make". Please
-    send a bug report to <openssl-bugs@openssl.org>, including the
-    output of "openssl version -a" and of the failed test.
-
-  4. If everything tests ok, install OpenSSL with
-
-       $ make install
-
-     This will create the installation directory (if it does not exist) and
-     then the following subdirectories:
-
-       certs           Initially empty, this is the default location
-                       for certificate files.
-       misc            Various scripts.
-       private         Initially empty, this is the default location
-                       for private key files.
-
-     If you didn't chose a different installation prefix, the
-     following additional subdirectories will be created:
-
-       bin             Contains the openssl binary and a few other 
-                       utility programs. 
-       include/openssl Contains the header files needed if you want to
-                       compile programs with libcrypto or libssl.
-       lib             Contains the OpenSSL library files themselves.
-
-     Package builders who want to configure the library for standard
-     locations, but have the package installed somewhere else so that
-     it can easily be packaged, can use
-
-       $ make INSTALL_PREFIX=/tmp/package-root install
-
-     (or specify "--install_prefix=/tmp/package-root" as a configure
-     option).  The specified prefix will be prepended to all
-     installation target filenames.
-
-
-  NOTE: The header files used to reside directly in the include
-  directory, but have now been moved to include/openssl so that
-  OpenSSL can co-exist with other libraries which use some of the
-  same filenames.  This means that applications that use OpenSSL
-  should now use C preprocessor directives of the form
-
-       #include <openssl/ssl.h>
-
-  instead of "#include <ssl.h>", which was used with library versions
-  up to OpenSSL 0.9.2b.
-
-  If you install a new version of OpenSSL over an old library version,
-  you should delete the old header files in the include directory.
-
-  Compatibility issues:
-
-  *  COMPILING existing applications
-
-     To compile an application that uses old filenames -- e.g.
-     "#include <ssl.h>" --, it will usually be enough to find
-     the CFLAGS definition in the application's Makefile and
-     add a C option such as
-
-          -I/usr/local/ssl/include/openssl
-
-     to it.
-
-     But don't delete the existing -I option that points to
-     the ..../include directory!  Otherwise, OpenSSL header files
-     could not #include each other.
-
-  *  WRITING applications
-
-     To write an application that is able to handle both the new
-     and the old directory layout, so that it can still be compiled
-     with library versions up to OpenSSL 0.9.2b without bothering
-     the user, you can proceed as follows:
-
-     -  Always use the new filename of OpenSSL header files,
-        e.g. #include <openssl/ssl.h>.
-
-     -  Create a directory "incl" that contains only a symbolic
-        link named "openssl", which points to the "include" directory
-        of OpenSSL.
-        For example, your application's Makefile might contain the
-        following rule, if OPENSSLDIR is a pathname (absolute or
-        relative) of the directory where OpenSSL resides:
-
-        incl/openssl:
-        	-mkdir incl
-        	cd $(OPENSSLDIR) # Check whether the directory really exists
-        	-ln -s `cd $(OPENSSLDIR); pwd`/include incl/openssl
-
-        You will have to add "incl/openssl" to the dependencies
-        of those C files that include some OpenSSL header file.
-
-     -  Add "-Iincl" to your CFLAGS.
-
-     With these additions, the OpenSSL header files will be available
-     under both name variants if an old library version is used:
-     Your application can reach them under names like <openssl/foo.h>,
-     while the header files still are able to #include each other
-     with names of the form <foo.h>.
-
-
- Note on multi-threading
- -----------------------
-
- For some systems, the OpenSSL Configure script knows what compiler options
- are needed to generate a library that is suitable for multi-threaded
- applications.  On these systems, support for multi-threading is enabled
- by default; use the "no-threads" option to disable (this should never be
- necessary).
-
- On other systems, to enable support for multi-threading, you will have
- to specify at least two options: "threads", and a system-dependent option.
- (The latter is "-D_REENTRANT" on various systems.)  The default in this
- case, obviously, is not to include support for multi-threading (but
- you can still use "no-threads" to suppress an annoying warning message
- from the Configure script.)
-
-
--------------------------------------------------------------------------------
-The orignal Unix build instructions from SSLeay follow. 
-Note: some of this may be out of date and no longer applicable
--------------------------------------------------------------------------------
+# Installation of SSLeay.
+# It depends on perl for a few bits but those steps can be skipped and
+# the top level makefile edited by hand

 # When bringing the SSLeay distribution back from the evil intel world
 # of Windows NT, do the following to make it nice again under unix :-)
@@ -292,7 +38,7 @@ make -f Makefile.ssl links
 Makefile.ssl		CC CFLAG EX_LIBS BN_MULW
 crypto/des/des.h	DES_LONG
 crypto/des/des_locl.h	DES_PTR
-crypto/md2/md2.h	MD2_INT
+crypto/md/md2.h		MD2_INT
 crypto/rc4/rc4.h	RC4_INT
 crypto/rc4/rc4_enc.c	RC4_INDEX
 crypto/rc2/rc2.h	RC2_INT
@@ -380,8 +126,3 @@ The examples for solaris and windows NT/95 are in the mt directory.
 have fun

 eric 25-Jun-1997
-
-IRIX 5.x will build as a 32 bit system with mips1 assember.
-IRIX 6.x will build as a 64 bit system with mips3 assember.  It conforms
-to n32 standards. In theory you can compile the 64 bit assember under
-IRIX 5.x but you will have to have the correct system software installed.
--- a/INSTALL.VMS
+++ b/INSTALL.VMS
@@ -1,245 +0,0 @@
-			VMS Installation instructions
-			written by Richard Levitte
-			<richard@levitte.org>
-
-
-Intro:
-======
-
-This file is divided in the following parts:
-
-  Compilation			- Mandatory reading.
-  Test				- Mandatory reading.
-  Installation			- Mandatory reading.
-  Backward portability		- Read if it's an issue.
-  Possible bugs or quirks	- A few warnings on things that
-				  may go wrong or may surprise you.
-  Report			- How to get in touch with me.
-
-Compilation:
-============
-
-I've used the very good command procedures written by Robert Byer
-<byer@mail.all-net.net>, and just slightly modified them, making
-them slightly more general and easier to maintain.
-
-You can actually compile in almost any directory separately.  Look
-for a command procedure name xxx-LIB.COM (in the library directories)
-or MAKExxx.COM (in the program directories) and read the comments at
-the top to understand how to use them.  However, if you want to
-compile all you can get, the simplest is to use MAKEVMS.COM in the top
-directory.  The syntax is trhe following:
-
-  @MAKEVMS <option> <rsaref-p> <debug-p> [<compiler>]
-
-<option> must be one of the following:
-
-      ALL       Just build "everything".
-      DATE      Just build the "[.INCLUDE]DATE.H" file.
-      SOFTLINKS Just copies some files, to simulate Unix soft links.
-      RSAREF    Just build the "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB" library.
-      CRYPTO    Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
-      SSL       Just build the "[.xxx.EXE.SSL]LIBSSL.OLB" library.
-      SSL_TASK  Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program.
-      TEST      Just build the "test" programs for OpenSSL.
-      APPS      Just build the "application" programs for OpenSSL.
-
-<rsaref-p> must be one of the following:
-
-      RSAREF    compile using the RSAREF Library
-      NORSAREF  compile without using RSAREF
-
-Note: The RSAREF libraries are NOT INCLUDED and you have to
-      download it from "ftp://ftp.rsa.com/rsaref".  You have to
-      get the ".tar-Z" file as the ".zip" file dosen't have the
-      directory structure stored.  You have to extract the file
-      into the [.RSAREF] directory as that is where the scripts
-      will look for the files.
-
-Note 2: I have never done this, so I've no idea if it works or not.
-
-<debug-p> must be one of the following:
-
-      DEBUG     compile with debugging info (will not optimize)
-      NODEBUG   compile without debugging info (will optimize)
-
-<compiler> must be one of the following:
-
-      VAXC      For VAX C.
-      DECC      For DEC C.
-      GNUC      For GNU C.
-
-
-You will find the crypto library in [.xxx.EXE.CRYPTO], called LIBCRYPTO.OLB,
-where xxx is VAX or AXP.  You will find the SSL library in [.xxx.EXE.SSL],
-named LIBSSL.OLB, and you will find a bunch of useful programs in
-[.xxx.EXE.APPS].  However, these shouldn't be used right off unless it's
-just to test them.  For production use, make sure you install first, see
-Installation below.
-
-Note: Some programs in this package require a TCP/IP library.
-
-Note 2: if you want to compile the crypto library only, please make sure
-        you have at least done a @MAKEVMS DATE and a @MAKEVMS SOFTLINKS.
-        A lot of things will break if you don't.
-
-Note 3: Alpha users will get a number of informational messages when
-        compiling the [.asm]vms.mar file in the BN (bignum) part of
-        the crypto library.  These can be safely ignored.
-
-Test:
-=====
-
-Testing is very simple, just do the following:
-
-  @[.TEST]TESTS
-
-If a test fails, try with defining the logical name OPENSSL_NO_ASM (yes,
-it's an ugly hack!) and rebuild. Please send a bug report to
-<openssl-bugs@openssl.org>, including the output of "openssl version -a"
-and of the failed test.
-
-Installation:
-=============
-
-Installation is easy, just do the following:
-
-  @INSTALL <root>
-
-<root> is the directory in which everything will be installed,
-subdirectories, libraries, header files, programs and startup command
-procedures.
-
-N.B.: INSTALL.COM builds a new directory structure, different from
-the directory tree where you have now build OpenSSL.
-
-In the [.VMS] subdirectory of the installation, you will find the
-following command procedures:
-
-  OPENSSL_STARTUP.COM
-
-        defines all needed logical names.  Takes one argument that
-        tells it in what logical name table to insert the logical
-        names.  If you insert if it SYS$MANAGER:SYSTARTUP_VMS.COM, the
-        call should look like this: 
-
-          @openssldev:[openssldir.VMS]OPENSSL_STARTUP "/SYSTEM"
-
-  OPENSSL_UTILS.COM
-
-        sets up the symbols to the applications.  Should be called
-        from for example SYS$MANAGER:SYLOGIN.COM 
-
-The logical names that are set up are the following:
-
-  SSLROOT       a dotted concealed logical name pointing at the
-                root directory.
-
-  SSLCERTS      Initially an empty directory, this is the default
-		location for certificate files.
-  SSLMISC	Various scripts.
-  SSLPRIVATE	Initially an empty directory, this is the default
-		location for private key files.
-
-  SSLEXE        Contains the openssl binary and a few other utility
-		programs.
-  SSLINCLUDE    Contains the header files needed if you want to
-		compile programs with libcrypto or libssl.
-  SSLLIB        Contains the OpenSSL library files (LIBCRYPTO.OLB
-		and LIBSSL.OLB) themselves.
-
-  OPENSSL	Same as SSLINCLUDE.  This is because the standard
-		way to include OpenSSL header files from version
-		0.9.3 and on is:
-
-			#include <openssl/header.h>
-
-		For more info on this issue, see the INSTALL. file
-		(the NOTE in section 4 of "Installation in Detail").
-		You don't need to "deleting old header files"!!!
-
-Backward portability:
-=====================
-
-One great problem when you build a library is making sure it will work
-on as many versions of VMS as possible.  Especially, code compiled on
-OpenVMS version 7.x and above tend to be unusable in version 6.x or
-lower, because some C library routines have changed names internally
-(the C programmer won't usually see it, because the old name is
-maintained through C macros).  One obvious solution is to make sure
-you have a development machine with an old enough version of OpenVMS.
-However, if you are stuck with a bunch of Alphas running OpenVMS version
-7.1, you seem to be out of luck.  Fortunately, the DEC C header files
-are cluttered with conditionals that make some declarations and definitions
-dependent on the OpenVMS version or the C library version, *and* you
-can use those macros to simulate older OpenVMS or C library versions,
-by defining the macros _VMS_V6_SOURCE, __VMS_VER and __CTRL_VER with
-correct values.  In the compilation scripts, I've provided the possibility
-for the user to influense the creation of such macros, through a bunch of
-symbols, all having names starting with USER_.  Here's the list of them:
-
-  USER_CCFLAGS		 - Used to give additional qualifiers to the
-			   compiler.  It can't be used to define macros
-			   since the scripts will do such things as well.
-			   To do such things, use USER_CCDEFS.
-  USER_CCDEFS		 - Used to define macros on the command line.  The
-			   value of this symbol will be inserted inside a
-			   /DEFINE=(...).
-  USER_CCDISABLEWARNINGS - Used to disable some warnings.  The value is
-			   inserted inside a /DISABLE=WARNING=(...).
-
-So, to maintain backward compatibility with older VMS versions, do the
-following before you start compiling:
-
-  $ USER_CCDEFS := _VMS_V6_SOURCE=1,__VMS_VER=60000000,__CRTL_VER=60000000
-  $ USER_CCDISABLEWARNINGS := PREOPTW
-
-The USER_CCDISABLEWARNINGS is there because otherwise, DEC C will complain
-that those macros have been changed.
-
-Note: Currently, this is only usefull for library compilation.  The
-      programs will still be linked with the current version of the
-      C library shareable image, and will thus complain if they are
-      faced with an older version of the same C library shareable image.
-      This will probably be fixed in a future revision of OpenSSL.
-
-
-Possible bugs or quirks:
-========================
-
-I'm not perfectly sure all the programs will use the SSLCERTS:
-directory by default, it may very well be that you have to give them
-extra arguments.  Please experiment.
-
-
-Report:
-=======
-
-I maintain a few mailinglists for bug reports and such on software that
-I develop/port/enhance/destroy.  Please look at http://www.free.lp.se/
-for further info.
-
-
-- 
-Richard Levitte <richard@levitte.org>
-1999-03-09
-
-
-TODO:
-=====
-
-There are a few things that need to be worked out in the VMS version of
-OpenSSL, still:
-
- Description files. ("Makefile's" :-))
- Script code to link an already compiled build tree.
- A VMSINSTALlable version (way in the future, unless someone else hacks).
- shareable images (DLL for you Windows folks).
-
-There may be other things that I have missed and that may be desirable.
-Please send mail to <openssl-users@openssl.org> or to me directly if you
-have any ideas.
-
--
-Richard Levitte <richard@levitte.org>
-1999-05-24
--- a/127
+++ b/127
@@ -1,127 +0,0 @@
-
-  LICENSE ISSUES
-  ==============
-
-  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
-  the OpenSSL License and the original SSLeay license apply to the toolkit.
-  See below for the actual license texts. Actually both licenses are BSD-style
-  Open Source licenses. In case of any license issues related to OpenSSL
-  please contact openssl-core@openssl.org.
-
-  OpenSSL License
-  ---------------
-
-/* ====================================================================
- * Copyright (c) 1998-1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
- Original SSLeay License
- -----------------------
-
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
--- a/INSTALL.W32
+++ b/INSTALL.W32
@@ -1,180 +1,3 @@
- 
- INSTALLATION ON THE WIN32 PLATFORM
- ----------------------------------
-
- Heres a few comments about building OpenSSL in Windows environments. Most of
- this is tested on Win32 but it may also work in Win 3.1 with some
- modification.  See the end of this file for Eric's original comments.
-
- You need Perl for Win32 (available from http://www.activestate.com/ActivePerl)
- and one of the following C compilers:
-
-  * Visual C++
-  * Borland C
-  * GNU C (Mingw32 or Cygwin32)
-
- If you want to compile in the assembly language routines with Visual C++ then
- you will need an assembler. This is worth doing because it will result in
- faster code: for example it will typically result in a 2 times speedup in the
- RSA routines. Currently the following assemblers are supported:
-
-  * Microsoft MASM (aka "ml")
-  * Free Netwide Assembler NASM.
-
- MASM was I believe distributed in the past with VC++ and it is also part of
- the MSDN SDKs. It is no longer distributed as part of VC++ and can be hard
- to get hold of. It can be purchased: see Microsoft's site for details at:
- http://www.microsoft.com/
-
- NASM is freely available. Version 0.98 was used during testing: other versions
- may also work. It is available from many places, see for example:
- http://www.kernel.org/pub/software/devel/nasm/binaries/win32/
- The NASM binary nasmw.exe needs to be installed anywhere on your PATH.
-
- If you are compiling from a tarball or a CVS snapshot then the Win32 files
- may well be not up to date. This may mean that some "tweaking" is required to
- get it all to work. See the trouble shooting section later on for if (when?)
- it goes wrong.
-
- Visual C++
- ----------
-
- Firstly you should run Configure:
-
- > perl Configure VC-WIN32
-
- Next you need to build the Makefiles and optionally the assembly language
- files:
-
- - If you are using MASM then run:
-
-   > ms\do_masm
-
- - If you are using NASM then run:
-
-   > ms\do_nasm
-
- - If you don't want to use the assembly language files at all then run:
-
-   > ms\do_ms
-
- If you get errors about things not having numbers assigned then check the
- troubleshooting section: you probably wont be able to compile it as it
- stands.
-
- Then from the VC++ environment at a prompt do:
-
- > nmake -f ms\ntdll.mak
-
- If all is well it should compile and you will have some DLLs and executables
- in out32dll. If you want to try the tests then do:
- 
- > cd out32dll
- > ..\ms\test
-
- Tweaks:
-
- There are various changes you can make to the Win32 compile environment. By
- default the library is not compiled with debugging symbols. If you add 'debug'
- to the mk1mk.pl lines in the do_* batch file then debugging symbols will be
- compiled in.
-
- The default Win32 environment is to leave out any Windows NT specific
- features.
-
- If you want to enable the NT specific features of OpenSSL (currently only the
- logging BIO) follow the instructions above but call the batch file do_nt.bat
- instead of do_ms.bat.
-
- You can also build a static version of the library using the Makefile
- ms\nt.mak
-
- Borland C++ builder 3 and 4
- ---------------------------
-
- * Setup PATH. First must be GNU make then bcb4/bin 
-
- * Run ms\bcb4.bat
-
- * Run make:
-   > make -f bcb.mak
-
- GNU C (Mingw32)
- ---------------
-
- To build OpenSSL, you need the Mingw32 package and GNU make.
-
- * Compiler installation:
-
-   Mingw32 is available from <ftp://ftp.xraylith.wisc.edu/pub/khan/gnu-win32/
-   mingw32/egcs-1.1.2/egcs-1.1.2-mingw32.zip>. GNU make is at
-   <ftp://agnes.dida.physik.uni-essen.de/home/janjaap/mingw32/binaries/
-   make-3.76.1.zip>. Install both of them in C:\egcs-1.1.2 and run
-   C:\egcs-1.1.2\mingw32.bat to set the PATH.
-
- * Compile OpenSSL:
-
-   > perl Configure Mingw32
-   > ms\mw.bat
-
-   This will create the library and binaries in out.
-
-   libcrypto.a and libssl.a are the static libraries. To use the DLLs,
-   link with libeay32.a and libssl32.a instead.
-
-   See troubleshooting if you get error messages about functions not having
-   a number assigned.
-
- * You can now try the tests:
-
-   > cd out
-   > ..\ms\test
-
- Troubleshooting
- ---------------
-
- Since the Win32 build is only occasionally tested it may not always compile
- cleanly.  If you get an error about functions not having numbers assigned
- when you run ms\do_ms then this means the Win32 ordinal files are not up to
- date. You can do:
-
- > perl util\mkdef.pl crypto ssl update
-
- then ms\do_XXX should not give a warning any more. However the numbers that
- get assigned by this technique may not match those that eventually get
- assigned in the CVS tree: so anything linked against this version of the
- library may need to be recompiled.
-
- If you get errors about unresolved externals then this means that either you
- didn't read the note above about functions not having numbers assigned or
- someone forgot to add a function to the header file.
-
- In this latter case check out the header file to see if the function is
- defined in the header file.
-
- If you get warnings in the code then the compilation will halt.
-
- The default Makefile for Win32 halts whenever any warnings occur. Since VC++
- has its own ideas about warnings which don't always match up to other
- environments this can happen. The best fix is to edit the file with the
- warning in and fix it. Alternatively you can turn off the halt on warnings by
- editing the CFLAG line in the Makefile and deleting the /WX option.
-
- You might get compilation errors. Again you will have to fix these or report
- them.
-
- One final comment about compiling applications linked to the OpenSSL library.
- If you don't use the multithreaded DLL runtime library (/MD option) your
- program will almost certainly crash: see the original SSLeay description
- below for more details.
-
--------------------------------------------------------------------------------
-The orignal Windows build instructions from SSLeay follow. 
-Note: some of this may be out of date and no longer applicable. In particular
-the Crypto_malloc_init() comment appears to be wrong: you always need to use
-the same runtime library as the DLL itself.
--------------------------------------------------------------------------------
-
 The Microsoft World.

 The good news, to build SSLeay for the Microsft World
--- a/831
+++ b/831
@@ -0,0 +1,831 @@
+RELATIVE_DIRECTORY=.
+AR=ar r
+BASENAME=SSLeay
+BF_ENC=bf_enc.o
+BN_MULW=bn_mulw.o
+CC=cc
+CFLAG=-O -DNOPROTO
+DES_ENC=des_enc.o fcrypt_b.o
+DIRS=crypto ssl rsaref apps test tools
+EDIRS=times doc bugs util include certs ms shlib mt demos
+EX_HEADER=
+EX_LIBS=
+GENERAL=Makefile
+HEADER=e_os.h
+INSTALLTOP=/usr/local/ssl
+LIBS=libcrypto.a libssl.a
+MAKE=make -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+MAN1=1
+MAN3=3
+MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com
+NAME=SSLeay-0.8.1
+ONEDIRS=out tmp
+PEX_LIBS=-L. -L.. -L../.. -L../../..
+SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+SHELL=/bin/sh
+TARFILE=SSLeay-0.8.1.tar
+TOP=.
+VERSION=0.8.1
+WDIRS=windows
+WTARFILE=SSLeay-0.8.1-win.tar
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto
+ALL=Makefile README cryptlib.c mem.c cversion.c cryptlib.h date.h crypto.h cryptall.h
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" "
+DIR=crypto
+EXHEADER=crypto.h cryptall.h
+EX_LIBS=
+GENERAL=Makefile README
+HEADER=cryptlib.h date.h crypto.h cryptall.h
+INCLUDE=-I. -I../include
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libcrypto.a
+LIBOBJ=cryptlib.o mem.o cversion.o
+LIBS=
+LIBSRC=cryptlib.c mem.c cversion.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+PEX_LIBS=
+RM=/bin/rm -f
+SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
+SRC=cryptlib.c mem.c cversion.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/md
+ALL=Makefile md2_dgst.c md5_dgst.c md2_one.c md5_one.c md5_locl.h md2.h md5.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=md
+EXHEADER=md2.h md5.h
+GENERAL=Makefile
+HEADER=md5_locl.h md2.h md5.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
+LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+TEST=md2test.c md5test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/sha
+ALL=Makefile sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha_locl.h sha.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=sha
+EXHEADER=sha.h
+GENERAL=Makefile
+HEADER=sha_locl.h sha.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+TEST=shatest.c sha1test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/mdc2
+ALL=Makefile mdc2dgst.c mdc2_one.c mdc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=mdc2
+EXHEADER=mdc2.h
+GENERAL=Makefile
+HEADER=mdc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=mdc2dgst.o mdc2_one.o
+LIBSRC=mdc2dgst.c mdc2_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=mdc2dgst.c mdc2_one.c
+TEST=mdc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/des
+ALL=Makefile des.org des_locl.org cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DES_ENC=des_enc.o fcrypt_b.o
+DIR=des
+EXHEADER=des.h
+GENERAL=Makefile des.org des_locl.org
+HEADER=des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=set_key.o ecb_enc.o ede_enc.o cbc_enc.o cbc3_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
+LIBSRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+TEST=destest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc4
+ALL=Makefile rc4_enc.c rc4.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc4
+EXHEADER=rc4.h
+GENERAL=Makefile
+HEADER=rc4.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc4_enc.o
+LIBSRC=rc4_enc.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc4_enc.c
+TEST=rc4test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc2
+ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc2
+EXHEADER=rc2.h
+GENERAL=Makefile
+HEADER=rc2_locl.h rc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+TEST=rc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/idea
+ALL=Makefile i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c idea_lcl.h idea.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=idea
+EXHEADER=idea.h
+GENERAL=Makefile
+HEADER=idea_lcl.h idea.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+TEST=ideatest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bf
+ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
+APPS=
+AR=ar r
+BF_ENC=bf_enc.o
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=bf
+EXHEADER=blowfish.h
+GENERAL=Makefile
+HEADER=bf_pi.h bf_locl.h blowfish.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cbc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+TEST=bftest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bn
+ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_lcl.h bn_prime.h bn.h
+APPS=
+AR=ar r
+BN_MULW=bn_mulw.o
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=bn
+ERR=bn
+ERRC=bn_err
+EXHEADER=bn.h
+GENERAL=Makefile
+HEADER=bn_lcl.h bn_prime.h bn.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o
+LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+TEST=bntest.c exptest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rsa
+ALL=Makefile rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=rsa
+ERR=rsa
+ERRC=rsa_err
+EXHEADER=rsa.h
+GENERAL=Makefile
+HEADER=rsa.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o
+LIBSRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/dsa
+ALL=Makefile dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c dsa.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=dsa
+ERR=dsa
+ERRC=dsa_err
+EXHEADER=dsa.h
+GENERAL=Makefile
+HEADER=dsa.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=dsa_gen.o dsa_key.o dsa_lib.o dsa_vrf.o dsa_sign.o dsa_err.o
+LIBSRC=dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c
+TEST=dsatest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/dh
+ALL=Makefile dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=dh
+ERR=dh
+ERRC=dh_err
+EXHEADER=dh.h
+GENERAL=Makefile
+HEADER=dh.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
+LIBSRC=dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+TEST=dhtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/buffer
+ALL=Makefile buffer.c buf_err.c buffer.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=buffer
+ERR=buffer
+ERRC=buf_err
+EXHEADER=buffer.h
+GENERAL=Makefile
+HEADER=buffer.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=buffer.o buf_err.o
+LIBSRC=buffer.c buf_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=buffer.c buf_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bio
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=bio
+ERR=bio
+ERRC=bio_err
+EXHEADER=bio.h
+GENERAL=Makefile
+HEADER=bio.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o
+LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/stack
+ALL=Makefile stack.c stack.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=stack
+EXHEADER=stack.h
+GENERAL=Makefile
+HEADER=stack.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=stack.o
+LIBSRC=stack.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=stack.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/lhash
+ALL=Makefile lhash.c lh_stats.c lhash.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=lhash
+EXHEADER=lhash.h
+GENERAL=Makefile
+HEADER=lhash.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=lhash.o lh_stats.o
+LIBSRC=lhash.c lh_stats.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=lhash.c lh_stats.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rand
+ALL=Makefile md_rand.c randfile.c rand.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rand
+EXHEADER=rand.h
+GENERAL=Makefile
+HEADER=rand.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md_rand.o randfile.o
+LIBSRC=md_rand.c randfile.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=md_rand.c randfile.c
+TEST=randtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/err
+ALL=Makefile err.c err_all.c err_prn.c err.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=error
+EXHEADER=err.h
+GENERAL=Makefile
+HEADER=err.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=err.o err_all.o err_prn.o
+LIBSRC=err.c err_all.c err_prn.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=err.c err_all.c err_prn.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/objects
+ALL=Makefile README obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=objects
+ERR=objects
+ERRC=obj_err
+EXHEADER=objects.h
+GENERAL=Makefile README
+HEADER=objects.h obj_dat.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=obj_dat.o obj_lib.o obj_err.o
+LIBSRC=obj_dat.c obj_lib.c obj_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=obj_dat.c obj_lib.c obj_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/evp
+ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=evp
+ERR=evp
+ERRC=evp_err
+EXHEADER=evp.h
+GENERAL=Makefile
+HEADER=evp.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o
+LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/pem
+ALL=Makefile pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c pem.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+CTX_SIZE=ctx_size
+DIR=pem
+ERR=pem
+ERRC=pem_err
+EXHEADER=pem.h
+GENERAL=Makefile
+HEADER=pem.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o
+LIBSRC=pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/asn1
+ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c asn1.h asn1_mac.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=asn1
+ERR=asn1
+ERRC=asn1_err
+EXHEADER=asn1.h asn1_mac.h
+GENERAL=Makefile README
+HEADER=asn1.h asn1_mac.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o
+LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/x509
+ALL=Makefile README x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c x509.h x509_vfy.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=x509
+ERR=x509
+ERRC=x509_err
+EXHEADER=x509.h x509_vfy.h
+GENERAL=Makefile README
+HEADER=x509.h x509_vfy.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=x509_def.o x509_d2.o x509_r2x.o x509_cmp.o x509_obj.o x509_req.o x509_vfy.o x509_set.o x509rset.o x509_err.o x509name.o x509_v3.o x509_ext.o x509pack.o x509type.o x509_lu.o x_all.o x509_txt.o by_file.o by_dir.o v3_net.o v3_x509.o
+LIBSRC=x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/conf
+ALL=Makefile conf.c conf_err.c conf_lcl.h conf.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=conf
+ERR=conf
+ERRC=conf_err
+EXHEADER=conf.h
+GENERAL=Makefile
+HEADER=conf_lcl.h conf.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=conf.o conf_err.o
+LIBSRC=conf.c conf_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=conf.c conf_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/txt_db
+ALL=Makefile txt_db.c txt_db.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=txt_db
+EXHEADER=txt_db.h
+GENERAL=Makefile
+HEADER=txt_db.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=txt_db.o
+LIBSRC=txt_db.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=txt_db.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/pkcs7
+ALL=Makefile README pk7_lib.c pkcs7err.c pk7_doit.c pkcs7.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=pkcs7
+ERR=pkcs7
+ERRC=pkcs7err
+EXHEADER=pkcs7.h
+GENERAL=Makefile README
+HEADER=pkcs7.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=pk7_lib.o pkcs7err.o pk7_doit.o
+LIBSRC=pk7_lib.c pkcs7err.c pk7_doit.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=pk7_lib.c pkcs7err.c pk7_doit.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=ssl
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I../crypto -I../include -g
+DIR=ssl
+ERR=ssl
+ERRC=ssl_err
+EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h
+GENERAL=Makefile README
+HEADER=ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+INCLUDES=-I../crypto -I../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libssl.a
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_pkt.o s2_enc.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_pkt.o s3_enc.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+TEST=ssltest.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=rsaref
+ALL=Makefile rsaref.c rsar_err.c  rsaref.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I../crypto -I../include -g
+DIR=rsaref
+ERR=rsaref
+ERRC=rsar_err
+EXHEADER=
+GENERAL=Makefile
+HEADER= rsaref.h
+INCLUDES=-I../crypto -I../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libRSAglue.a
+LIBOBJ=rsaref.o rsar_err.o
+LIBSRC=rsaref.c rsar_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rsaref.c rsar_err.c
+TEST=
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=apps
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h 
+A_OBJ=apps.o
+A_SRC=apps.c
+CC=cc
+CFLAG=-g -static
+CFLAGS=-DMONOLITH -I../include -g -static
+DIR=apps
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+EXE=ssleay
+EXHEADER=
+EX_LIBS=
+E_EXE=verify asn1pars req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o gendsa.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+GENERAL=Makefile
+HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h 
+INCLUDES=-I../include
+INSTALLTOP=/usr/local/ssl
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+PEX_LIBS=
+PROGS=ssleay.c
+RM=/bin/rm -f
+SCRIPTS=CA.sh der_chop
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+SSLEAY=ssleay
+S_OBJ=s_cb.o s_socket.o
+S_SRC=s_cb.c s_socket.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=test
+ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c 
+BFTEST=bftest
+BNTEST=bntest
+CC=cc
+CFLAG=-g
+CFLAGS=-I../include -g
+DESTEST=destest
+DHTEST=dhtest
+DIR=test
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+DSATEST=dsatest
+EXE=bntest ideatest md2test md5test rc4test destest shatest sha1test mdc2test randtest dhtest rc2test bftest ssltest exptest dsatest
+EXHEADER=
+EXPTEST=exptest
+EX_LIBS=-lnsl -lsocket
+GENERAL=Makefile.ssl
+HEADER=
+IDEATEST=ideatest
+INCLUDES=-I../include
+INSTALLTOP=/usr/local/ssl
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -fMakefile.ssl
+MAKEFILE=Makefile.ssl
+MD2TEST=md2test
+MD5TEST=md5test
+MDC2TEST=mdc2test
+METHTEST=methtest
+OBJ=bntest.o ideatest.o md2test.o md5test.o rc4test.o destest.o shatest.o sha1test.o mdc2test.o randtest.o dhtest.o rc2test.o bftest.o ssltest.o dsatest.o exptest.o
+PEX_LIBS=
+RANDTEST=randtest
+RC2TEST=rc2test
+RC4TEST=rc4test
+SHA1TEST=sha1test
+SHATEST=shatest
+SRC=bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+SSLTEST=ssltest
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=tools
+APPS=c_hash c_info c_issuer c_name c_rehash
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=tools
+GENERAL=Makefile.ssl
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+TEST=
+TOP=..
+RELATIVE_DIRECTORY=
--- a/Makefile.org
+++ b/Makefile.org
@@ -1,351 +0,0 @@
-##
-## Makefile for OpenSSL
-##
-
-VERSION=
-MAJOR=
-MINOR=
-PLATFORM=dist
-OPTIONS=
-# INSTALL_PREFIX is for package builders so that they can configure
-# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
-# Normally it is left empty.
-INSTALL_PREFIX=
-INSTALLTOP=/usr/local/ssl
-
-# Do not edit this manually. Use Configure --openssldir=DIR do change this!
-OPENSSLDIR=/usr/local/ssl
-
-# RSAref  - Define if we are to link with RSAref.
-# NO_IDEA - Define to build without the IDEA algorithm
-# NO_RC4  - Define to build without the RC4 algorithm
-# NO_RC2  - Define to build without the RC2 algorithm
-# THREADS - Define when building with threads, you will probably also need any
-#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
-# TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
-# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
-# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
-# DEVRANDOM - Give this the value of the 'random device' if your OS supports
-#           one.  32 bytes will be read from this when the random
-#           number generator is initalised.
-# SSL_ALLOW_ADH - define if you want the server to be able to use the
-#           SSLv3 anon-DH ciphers.
-# SSL_FORBID_ENULL - define if you want the server to be not able to use the
-#           NULL encryption ciphers.
-#
-# LOCK_DEBUG - turns on lots of lock debug output :-)
-# REF_CHECK - turn on some xyz_free() assertions.
-# REF_PRINT - prints some stuff on structure free.
-# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
-# MFUNC - Make all Malloc/Free/Realloc calls call
-#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
-#       call application defined callbacks via CRYPTO_set_mem_functions()
-# MD5_ASM needs to be defined to use the x86 assembler for MD5
-# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
-# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
-# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8.  It must
-# equal 4.
-# PKCS1_CHECK - pkcs1 tests.
-
-CC= gcc
-#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
-DEPFLAG= 
-PEX_LIBS= -L. -L.. -L../.. -L../../..
-EX_LIBS= 
-AR=ar r
-RANLIB= ranlib
-PERL= perl
-
-# Set BN_ASM to bn_asm.o if you want to use the C version
-BN_ASM= bn_asm.o
-#BN_ASM= bn_asm.o
-#BN_ASM= asm/bn86-elf.o	# elf, linux-elf
-#BN_ASM= asm/bn86-sol.o # solaris
-#BN_ASM= asm/bn86-out.o # a.out, FreeBSD
-#BN_ASM= asm/bn86bsdi.o # bsdi
-#BN_ASM= asm/alpha.o    # DEC Alpha
-#BN_ASM= asm/pa-risc2.o # HP-UX PA-RISC
-#BN_ASM= asm/r3000.o    # SGI MIPS cpu
-#BN_ASM= asm/sparc.o    # Sun solaris/SunOS
-#BN_ASM= asm/bn-win32.o # Windows 95/NT
-#BN_ASM= asm/x86w16.o   # 16 bit code for Windows 3.1/DOS
-#BN_ASM= asm/x86w32.o   # 32 bit code for Windows 3.1
-
-# For x86 assembler: Set PROCESSOR to 386 if you want to support
-# the 80386.
-PROCESSOR=
-
-# Set DES_ENC to des_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-DES_ENC= asm/dx86-out.o asm/yx86-out.o
-#DES_ENC= des_enc.o fcrypt_b.o          # C
-#DES_ENC= asm/dx86-elf.o asm/yx86-elf.o # elf
-#DES_ENC= asm/dx86-sol.o asm/yx86-sol.o # solaris
-#DES_ENC= asm/dx86-out.o asm/yx86-out.o # a.out, FreeBSD
-#DES_ENC= asm/dx86bsdi.o asm/yx86bsdi.o # bsdi
-
-# Set BF_ENC to bf_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-BF_ENC= asm/bx86-out.o
-#BF_ENC= bf_enc.o
-#BF_ENC= asm/bx86-elf.o # elf
-#BF_ENC= asm/bx86-sol.o # solaris
-#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
-#BF_ENC= asm/bx86bsdi.o # bsdi
-
-# Set CAST_ENC to c_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-CAST_ENC= asm/cx86-out.o
-#CAST_ENC= c_enc.o
-#CAST_ENC= asm/cx86-elf.o # elf
-#CAST_ENC= asm/cx86-sol.o # solaris
-#CAST_ENC= asm/cx86-out.o # a.out, FreeBSD
-#CAST_ENC= asm/cx86bsdi.o # bsdi
-
-# Set RC4_ENC to rc4_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-RC4_ENC= asm/rx86-out.o
-#RC4_ENC= rc4_enc.o
-#RC4_ENC= asm/rx86-elf.o # elf
-#RC4_ENC= asm/rx86-sol.o # solaris
-#RC4_ENC= asm/rx86-out.o # a.out, FreeBSD
-#RC4_ENC= asm/rx86bsdi.o # bsdi
-
-# Set RC5_ENC to rc5_enc.o if you want to use the C version
-#There are 4 x86 assember options.
-RC5_ENC= asm/r586-out.o
-#RC5_ENC= rc5_enc.o
-#RC5_ENC= asm/r586-elf.o # elf
-#RC5_ENC= asm/r586-sol.o # solaris
-#RC5_ENC= asm/r586-out.o # a.out, FreeBSD
-#RC5_ENC= asm/r586bsdi.o # bsdi
-
-# Also need MD5_ASM defined
-MD5_ASM_OBJ= asm/mx86-out.o
-#MD5_ASM_OBJ= asm/mx86-elf.o        # elf
-#MD5_ASM_OBJ= asm/mx86-sol.o        # solaris
-#MD5_ASM_OBJ= asm/mx86-out.o        # a.out, FreeBSD
-#MD5_ASM_OBJ= asm/mx86bsdi.o        # bsdi
-
-# Also need SHA1_ASM defined
-SHA1_ASM_OBJ= asm/sx86-out.o
-#SHA1_ASM_OBJ= asm/sx86-elf.o       # elf
-#SHA1_ASM_OBJ= asm/sx86-sol.o       # solaris
-#SHA1_ASM_OBJ= asm/sx86-out.o       # a.out, FreeBSD
-#SHA1_ASM_OBJ= asm/sx86bsdi.o       # bsdi
-
-# Also need RMD160_ASM defined
-RMD160_ASM_OBJ= asm/rm86-out.o
-#RMD160_ASM_OBJ= asm/rm86-elf.o       # elf
-#RMD160_ASM_OBJ= asm/rm86-sol.o       # solaris
-#RMD160_ASM_OBJ= asm/rm86-out.o       # a.out, FreeBSD
-#RMD160_ASM_OBJ= asm/rm86bsdi.o       # bsdi
-
-DIRS=   crypto ssl rsaref apps test tools
-SHLIBDIRS= crypto ssl
-
-# dirs in crypto to build
-SDIRS=  \
-	md2 md5 sha mdc2 hmac ripemd \
-	des rc2 rc4 rc5 idea bf cast \
-	bn rsa dsa dh \
-	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp
-
-MAKEFILE= Makefile.ssl
-MAKE=     make -f Makefile.ssl
-
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-
-TOP=    .
-ONEDIRS=out tmp
-EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
-WDIRS=  windows
-LIBS=   libcrypto.a libssl.a 
-
-GENERAL=        Makefile
-BASENAME=       openssl
-NAME=           $(BASENAME)-$(VERSION)
-TARFILE=        $(NAME).tar
-WTARFILE=       $(NAME)-win.tar
-EXHEADER=       e_os.h e_os2.h
-HEADER=         e_os.h
-
-all: Makefile.ssl
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making all in $$i..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' SDIRS='${SDIRS}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
-	done
-	-@# cd perl; $(PERL) Makefile.PL; make
-
-sub_all:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making all in $$i..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
-	done;
-
-linux-shared:
-	for i in ${SHLIBDIRS}; do \
-	rm -f lib$$i.a lib$$i.so \
-		lib$$i.so.${MAJOR} lib$$i.so.${MAJOR}.${MINOR}; \
-	${MAKE} CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='-fPIC ${CFLAG}' SDIRS='${SDIRS}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' DIRS=$$i clean all || exit 1; \
-	( set -x; ${CC}  -shared -o lib$$i.so.${MAJOR}.${MINOR} \
-		-Wl,-S,-soname=lib$$i.so.${MAJOR} \
-		-Wl,--whole-archive lib$$i.a \
-		-Wl,--no-whole-archive -lc ) || exit 1; \
-	rm -f lib$$i.a; make -C $$i clean || exit 1 ;\
-	done;
-	@set -x; \
-	for i in ${SHLIBDIRS}; do \
-	ln -s lib$$i.so.${MAJOR}.${MINOR} lib$$i.so.${MAJOR}; \
-	ln -s lib$$i.so.${MAJOR} lib$$i.so; \
-	done;
-
-Makefile.ssl: Makefile.org
-	@echo "Makefile.ssl is older than Makefile.org."
-	@echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
-	@false
-
-libclean:
-	rm -f *.a */lib */*/lib
-
-clean:
-	rm -f shlib/*.o *.o core a.out fluff *.map
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making clean in $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
-	rm -f $(LIBS); \
-	done;
-	rm -f *.a *.o speed.* *.map *.so .pure core
-	rm -f $(TARFILE)
-	@for i in $(ONEDIRS) ;\
-	do \
-	rm -fr $$i/*; \
-	done
-
-makefile.one: files
-	$(PERL) util/mk1mf.pl >makefile.one; \
-	sh util/do_ms.sh
-
-files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making 'files' in $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' files ) || exit 1; \
-	done;
-
-links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
-	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
-	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
-	@for i in $(DIRS); do \
-	(cd $$i && echo "making links in $$i..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' links ) || exit 1; \
-	done;
-
-dclean:
-	rm -f *.bak
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making dclean in $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' PERL='${PERL}' dclean ) || exit 1; \
-	done;
-
-rehash:
-	@(OPENSSL="`pwd`/apps/openssl"; export OPENSSL; sh tools/c_rehash certs)
-
-test:   tests
-
-tests: rehash
-	@(cd test && echo "testing..." && \
-	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' tests );
-	@apps/openssl version -a
-
-depend:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making dependencies $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' DEPFLAG='${DEPFLAG}' depend ) || exit 1; \
-	done;
-
-lint:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making lint $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' lint ) || exit 1; \
-	done;
-
-tags:
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i && echo "making tags $$i..." && \
-	$(MAKE) SDIRS='${SDIRS}' tags ) || exit 1; \
-	done;
-
-errors:
-	perl util/mkerr.pl -recurse -write
-
-util/libeay.num::
-	perl util/mkdef.pl crypto update
-
-util/ssleay.num::
-	perl util/mkdef.pl ssl update
-
-TABLE: Configure
-	(echo 'Output of `Configure TABLE'"':"; \
-	perl Configure TABLE) > TABLE
-
-update: depend errors util/libeay.num util/ssleay.num TABLE
-
-tar:
-	@tar --norecurse -cvf - \
-		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort` |\
-	tardy --user_number=0  --user_name=openssl \
-	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - |\
-	gzip --best >../$(TARFILE).gz; \
-	ls -l ../$(TARFILE).gz
-
-dist:   
-	$(PERL) Configure dist
-	@$(MAKE) dist_pem_h
-	@$(MAKE) SDIRS='${SDIRS}' clean
-	@$(MAKE) tar
-
-dist_pem_h:
-	(cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
-
-install: all
-	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/private \
-		$(INSTALL_PREFIX)$(OPENSSLDIR)/lib
-	@for i in $(EXHEADER) ;\
-	do \
-	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-	done;
-	@for i in $(DIRS) ;\
-	do \
-	(cd $$i; echo "installing $$i..."; \
-	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' OPENSSLDIR='${OPENSSLDIR}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' install ); \
-	done
-	@for i in $(LIBS) ;\
-	do \
-	(       echo installing $$i; \
-		cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib; \
-		$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i; \
-		chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i ); \
-	done
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/Makefile.ssl
+++ b/Makefile.ssl
@@ -0,0 +1,276 @@
+#
+# Makefile for all the SSL related library routines and utilities
+VERSION	= 0.8.1a
+#
+# make install will install:
+#   libraries into $INSTALLTOP/lib
+#   headers   into $INSTALLTOP/include
+#   utilities into $INSTALLTOP/bin
+#
+# By default INSTALLTOP is set to /usr/local/ssl
+# If you want things install elsewere, consider running
+# perl util/ssldir.pl /new/path
+#
+# Interesting Mailing Lists:
+#     ssl-bugs@mincom.oz.au
+#     ssl-users@mincom.oz.au
+#
+# To join the Mailing Lists:
+#     ssl-bugs-request@mincom.oz.au
+#     ssl-users-request@mincom.oz.au
+#
+# If you must get hold of people directly (we much prefer the above
+# lists to be used if the question is of general interest!):
+#	Eric Young <eay@cryptsoft.com>
+#	Tim Hudson <tjh@cryptsoft.com>
+#	or both    <ssleay@cryptsoft.com>
+#
+# The primary distribution of SSLeay is from
+# ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL
+#
+# NOCONST - Define for C compilers that don't like the const key word.
+# NOPROTO - Define in if your compiler does not support prototypes.
+# RSAref  - Define if we are to link with RSAref.
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4  - Define to build without the RC4 algorithm
+# NO_RC2  - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+#	    system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+#	    one.  32 bytes will be read from this when the random
+#	    number generator is initalised.
+# SSL_ALLOW_ADH - define if you want the server to be able to use the
+#	    SSLv3 anon-DH ciphers.
+# SSL_ALLOW_ENULL - define if you want the server to be able to use the
+#	    NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+#	CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+#	call application defined callbacks via CRYPTO_set_mem_functions()
+
+
+CC= cc
+CFLAG= -O -DNOPROTO
+#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+PEX_LIBS= -L. -L.. -L../.. -L../../..
+EX_LIBS= 
+#EX_LIBS= #-lRSAglue -lrsaref -lnsl -lsocket
+AR=ar r
+
+# Set BN_MULW to bn_mulw.o if you want to use the C version
+#BN_MULW= asm/x86-lnx.o
+BN_MULW= bn_mulw.o
+#BN_MULW= asm/x86-lnx.o		# elf
+#BN_MULW= asm/x86-sol.o		# solaris
+#BN_MULW= asm/x86-lnxa.o	# a.out, FreeBSD
+#BN_MULW= asm/x86-bsdi.o	# bsdi
+#BN_MULW= asm/alpha.o		# DEC Alpha
+#BN_MULW= asm/pa-risc2.o	# HP-UX PA-RISC
+#BN_MULW= asm/r3000.o		# SGI MIPS cpu
+#BN_MULW= asm/sparc.o		# Sun solaris/SunOS
+#BN_MULW= asm/x86nt32.o		# Windows 95/NT
+#BN_MULW= asm/x86w16.o		# 16 bit code for Windows 3.1/DOS
+#BN_MULW= asm/x86w32.o		# 32 bit code for Windows 3.1
+
+# Set DES_ENC to des_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+DES_ENC= des_enc.o fcrypt_b.o
+#DES_ENC= des_enc.o fcrypt_b.o		# C
+#DES_ENC= asm/dx86-elf.o asm/cx86-elf.o # elf
+#DES_ENC= asm/dx86-sol.o asm/cx86-sol.o	# solaris
+#DES_ENC= asm/dx86-out.o asm/cx86-out.o	# a.out, FreeBSD
+#DES_ENC= asm/dx86bsdi.o asm/cx86bsdi.o	# bsdi
+
+# Set BF_ENC to bf_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+BF_ENC= bf_enc.o
+#BF_ENC= bf_enc.o	# C
+#BF_ENC= asm/bx86-elf.o # elf
+#BF_ENC= asm/bx86-sol.o	# solaris
+#BF_ENC= asm/bx86-out.o	# a.out, FreeBSD
+#BF_ENC= asm/bx86bsdi.o	# bsdi
+
+DIRS=	crypto ssl rsaref apps test tools
+# dirs in crypto to build
+SDIRS=  \
+	md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh \
+	buffer bio stack lhash rand err objects \
+	evp pem asn1 x509 conf txt_db pkcs7
+
+# If you change the INSTALLTOP, make sure to also change the values
+# in crypto/location.h
+INSTALLTOP=/usr/local/ssl
+
+MAKEFILE= Makefile.ssl
+MAKE=	  make -f Makefile.ssl
+
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+
+TOP=	.
+ONEDIRS=out tmp
+EDIRS=	times doc bugs util include certs ms shlib mt demos
+MISC=	COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
+	README TODO HISTORY README.066 README.080 \
+	VERSION PROBLEMS MINFO makefile.one e_os.h \
+	MICROSOFT makevms.com
+WDIRS=	windows
+LIBS=	libcrypto.a libssl.a 
+
+GENERAL=	Makefile
+BASENAME=	SSLeay
+NAME=		$(BASENAME)-$(VERSION)
+TARFILE=	$(NAME).tar
+WTARFILE=	$(NAME)-win.tar
+EX_HEADER=
+HEADER=		e_os.h
+
+all:
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "making $$i..."; \
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' all ); \
+	done;
+
+sub_all:
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "making $$i..."; \
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+	done;
+
+clean:
+	/bin/rm -f *.o core a.out fluff *.map
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "cleaning $$i..."; \
+	$(MAKE) SDIRS='${SDIRS}' clean ); \
+	/bin/rm -f $(LIBS); \
+	done;
+	/bin/rm -f *.a *.o speed.* *.map *.so .pure core
+	/bin/rm -f $(TARFILE)
+	@for i in $(ONEDIRS) ;\
+	do \
+	/bin/rm -f $$i/*; \
+	done
+
+makefile.one: files
+	perl util/mk1mf.pl >makefile.one; \
+	sh util/do_ms.sh
+
+files:	MINFO
+	perl $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "making 'files' in $$i..."; \
+	$(MAKE) SDIRS='${SDIRS}' files ); \
+	done;
+
+links:
+	/bin/rm -f Makefile;
+	./util/point.sh Makefile.ssl Makefile;
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "making links in $$i..."; \
+	$(MAKE) SDIRS='${SDIRS}' links ); \
+	done;
+	# @(cd apps; sh ./mklinks)
+	sh tools/c_rehash certs
+
+dclean:
+	/bin/rm -f *.bak
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "undoing makedepend in $$i..."; \
+	$(MAKE) SDIRS='${SDIRS}' dclean ); \
+	done;
+
+rehash:
+	@(PATH="`pwd`/apps:${PATH}"; sh tools/c_rehash certs)
+
+test:	tests
+
+tests:
+	(cd test; echo "testing $$i..."; \
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' tests );
+	@apps/ssleay version -a
+
+depend:
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "making dependancies $$i..."; \
+	$(MAKE) SDIRS='${SDIRS}' depend ); \
+	done;
+
+lint:
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "making lint $$i..."; \
+	$(MAKE) SDIRS='${SDIRS}' lint ); \
+	done;
+
+tags:
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "making tags $$i..."; \
+	$(MAKE) SDIRS='${SDIRS}' tags ); \
+	done;
+
+errors:
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "making errors in $$i..."; \
+	$(MAKE) SDIRS='${SDIRS}' errors ); \
+	done;
+
+tar:
+	@(cd ..;\
+	mv $(BASENAME) $(NAME); \
+	export STUFF; \
+	for i in $(MISC) $(DIRS) $(EDIRS) $(ONEDIRS) ;\
+	do \
+		STUFF="$$STUFF $(NAME)/$$i"; \
+	done; \
+	tar cf $(NAME)/$(TARFILE) $$STUFF; \
+	mv $(NAME) $(BASENAME) ) 
+	gzip -f $(TARFILE)
+
+dist:	
+	perl Configure dist
+	@$(MAKE) dist_pem_h
+	@$(MAKE) SDIRS='${SDIRS}' clean
+	@$(MAKE) SDIRS='${SDIRS}' dclean
+	@(cd apps; sh ./rmlinks)
+	@$(MAKE) makefile.one
+	@$(MAKE) tar
+
+dist_pem_h:
+	(cd crypto/pem; $(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
+
+install: all
+	@-mkdir -p $(INSTALLTOP)/bin 2>/dev/null
+	@-mkdir -p $(INSTALLTOP)/lib 2>/dev/null
+	@-mkdir -p $(INSTALLTOP)/include 2>/dev/null
+	@-mkdir -p $(INSTALLTOP)/certs 2>/dev/null
+	@-mkdir -p $(INSTALLTOP)/private 2>/dev/null
+	@for i in $(DIRS) ;\
+	do \
+	(cd $$i; echo "installing $$i..."; \
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' install ); \
+	done
+	@for i in $(LIBS) ;\
+	do \
+	(	echo installing $$i; \
+		cp $$i $(INSTALLTOP)/lib; \
+		sh util/ranlib.sh $(INSTALLTOP)/lib/$$i; \
+		chmod 644 $(INSTALLTOP)/lib/$$i ); \
+	done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/65
+++ b/65
@@ -1,65 +0,0 @@
-
-  NEWS
-  ====
-
-  This file gives a brief overview of the major changes between each OpenSSL
-  release. For more details please read the CHANGES file.
-
-  Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4:
-
-      o Transparent support for PKCS#8 format private keys: these are used
-        by several software packages and are more secure than the standard
-        form
-      o PKCS#5 v2.0 implementation
-      o Password callbacks have a new void * argument for application data
-      o Avoid various memory leaks
-      o New pipe-like BIO that allows using the SSL library when actual I/O
-        must be handled by the application (BIO pair)
-
-  Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3:
-      o Lots of enhancements and cleanups to the Configuration mechanism
-      o RSA OEAP related fixes
-      o Added `openssl ca -revoke' option for revoking a certificate
-      o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
-      o Source tree cleanups: removed lots of obsolete files
-      o Thawte SXNet, certificate policies and CRL distribution points
-        extension support
-      o Preliminary (experimental) S/MIME support
-      o Support for ASN.1 UTF8String and VisibleString
-      o Full integration of PKCS#12 code
-      o Sparc assembler bignum implementation, optimized hash functions
-      o Option to disable selected ciphers
-
-  Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b:
-      o Fixed a security hole related to session resumption
-      o Fixed RSA encryption routines for the p < q case
-      o "ALL" in cipher lists now means "everything except NULL ciphers"
-      o Support for Triple-DES CBCM cipher
-      o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA
-      o First support for new TLSv1 ciphers
-      o Added a few new BIOs (syslog BIO, reliable BIO)
-      o Extended support for DSA certificate/keys.
-      o Extended support for Certificate Signing Requests (CSR)
-      o Initial support for X.509v3 extensions
-      o Extended support for compression inside the SSL record layer
-      o Overhauled Win32 builds
-      o Cleanups and fixes to the Big Number (BN) library
-      o Support for ASN.1 GeneralizedTime
-      o Splitted ASN.1 SETs from SEQUENCEs
-      o ASN1 and PEM support for Netscape Certificate Sequences
-      o Overhauled Perl interface
-      o Lots of source tree cleanups.
-      o Lots of memory leak fixes.
-      o Lots of bug fixes.
-
-  Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c:
-      o Integration of the popular NO_RSA/NO_DSA patches
-      o Initial support for compression inside the SSL record layer
-      o Added BIO proxy and filtering functionality
-      o Extended Big Number (BN) library
-      o Added RIPE MD160 message digest
-      o Addeed support for RC2/64bit cipher
-      o Extended ASN.1 parser routines
-      o Adjustations of the source tree for CVS
-      o Support for various new platforms
-
--- a/50
+++ b/50
@@ -0,0 +1,50 @@
+If you have any problems with SSLeay then please take the following 
+steps:
+
+    Remove the ASM version of the BN routines (edit Configure)
+    Remove the compiler optimisation flags
+    Add in the compiler debug flags (-g)
+
+Note: if using gcc then remove -fomit-frame-pointer before you try
+      to debug things.
+
+If you wish to report a bug then please include the following information
+in any bug report:
+
+    SSLeay Details
+	- Version, most of these details can be got from the
+	  'ssleay version -a' command.
+    Operating System Details
+	- OS Name
+	- OS Version
+	- Hardware platform
+    Compiler Details
+	- Name
+	- Version
+    Application Details 
+	- Name 
+	- Version 
+    Problem Description
+	- include steps that will reproduce the problem (if known)
+    Stack Traceback (if the application dumps core)
+
+For example:
+
+    SSLeay-0.5.1a
+    SunOS 5.3, SPARC, SunC 3.0
+    SSLtelnet-0.7
+
+    Core dumps when using telnet with SSL support in bn_mul() with 
+    the following stack trackback 
+	...
+
+
+Report the bug to either
+    ssleay@mincom.oz.au (Eric and Tim)
+or
+    ssl-bugs@mincom.oz.au (mailing list of active developers)
+
+
+Tim Hudson
+tjh@mincom.oz.au
+
--- a/322
+++ b/322
@@ -1,205 +1,173 @@
+		SSLeay 0.8.1b 29-Jun-1998
+		Copyright (c) 1997, Eric Young
+		All rights reserved.

- OpenSSL 0.9.4  09 Aug 1999
+This directory contains Eric Young's (eay@cryptsoft.com) implementation
+of SSL and supporting libraries.

- Copyright (c) 1998-1999 The OpenSSL Project
- Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
- All rights reserved.
+The current version of this library is available from
+    ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz

- DESCRIPTION
- -----------
+There are patches to a number of internet applications which can be found in
+    ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/

- The OpenSSL Project is a collaborative effort to develop a robust,
- commercial-grade, fully featured, and Open Source toolkit implementing the
- Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
- protocols with full-strength cryptography world-wide. The project is managed
- by a worldwide community of volunteers that use the Internet to communicate,
- plan, and develop the OpenSSL toolkit and its related documentation. 
+A Web page containing the SSLeay FAQ written by Tim Hudson <tjh@cryptsoft.com> 
+can be found at 
+    http://www.psy.uq.oz.au/~ftp/Crypto

- OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
- and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
- OpenSSL license plus the SSLeay license) situation, which basically means
- that you are free to get and use it for commercial and non-commercial
- purposes as long as you fulfill the conditions of both licenses. 
+Additional documentation is being slowly written by Eric Young, and is being
+added to http://www.cryptsoft.com/ssleay/doc.  It will normally also be
+available on http://www.psy.uq.oz.au/~ftp/Crypto/ssleay

- OVERVIEW
- --------
+This Library and programs are FREE for commercial and non-commercial
+usage.  The only restriction is that I must be attributed with the
+development of this code.  See the COPYRIGHT file for more details.
+Donations would still be accepted :-).

- The OpenSSL toolkit includes:
+THIS LIBRARY IS NOT %100 COMPATABLE WITH SSLeay 0.6.6

- libssl.a:
-     Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
-     both SSLv2, SSLv3 and TLSv1 in the one server and client.
+The package includes

- libcrypto.a:
-     General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not
-     actually logically part of it. It includes routines for the following:
+libssl.a:
+	My implementation of SSLv2, SSLv3 and the required code to support
+	both SSLv2 and SSLv3 in the one server.

-     Ciphers
-        libdes - EAY's libdes DES encryption package which has been floating
-                 around the net for a few years.  It includes 15
-                 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
-                 cbc, cfb and ofb; pcbc and a more general form of cfb and
-                 ofb) including desx in cbc mode, a fast crypt(3), and
-                 routines to read passwords from the keyboard.
-        RC4 encryption,
-        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
-        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
-        IDEA encryption     - 4 different modes, ecb, cbc, cfb and ofb.
+libcrypto.a:
+	General encryption and X509 stuff needed by SSL but not
+	actually logically part of it.  It includes routines for the following:

-     Digests
-        MD5 and MD2 message digest algorithms, fast implementations,
-        SHA (SHA-0) and SHA-1 message digest algorithms,
-        MDC2 message digest. A DES based hash that is popular on smart cards.
+  Ciphers
+	libdes - My libdes DES encryption package which has been floating
+		around the net for a few years.  It includes 15
+		'modes/variations' of DES (1, 2 and 3 key versions of ecb,
+		cbc, cfb and ofb; pcbc and a more general form of cfb and ofb)
+		including desx in cbc mode,
+		a fast crypt(3), and routines to read passwords from the
+		keyboard.
+	RC4 encryption,
+	RC2 encryption 		- 4 different modes, ecb, cbc, cfb and ofb.
+	Blowfish encryption	- 4 different modes, ecb, cbc, cfb and ofb.
+	IDEA encryption		- 4 different modes, ecb, cbc, cfb and ofb.

-     Public Key
-        RSA encryption/decryption/generation.  
-            There is no limit on the number of bits.
-        DSA encryption/decryption/generation.   
-            There is no limit on the number of bits.
-        Diffie-Hellman key-exchange/key generation.  
-            There is no limit on the number of bits.
+  Digests
+	MD5 and MD2 message digest algorithms, fast implementations,
+	SHA (SHA-0) and SHA-1 message digest algorithms,
+	MDC2 message digest.  A DES based hash that is polular on smart cards.

-     X.509v3 certificates
-        X509 encoding/decoding into/from binary ASN1 and a PEM
-             based ascii-binary encoding which supports encryption with a
-             private key.  Program to generate RSA and DSA certificate
-             requests and to generate RSA and DSA certificates.
+  Public Key
+	RSA encryption/decryption/generation.  There is no limit
+		on the number of bits.
+	DSA encryption/decryption/generation.   There is no limit on the
+		number of bits.
+	Diffie-Hellman key-exchange/key generation.  There is no limit
+		on the number of bits.

-     Systems
-        The normal digital envelope routines and base64 encoding.  Higher
-        level access to ciphers and digests by name.  New ciphers can be
-        loaded at run time.  The BIO io system which is a simple non-blocking
-        IO abstraction.  Current methods supported are file descriptors,
-        sockets, socket accept, socket connect, memory buffer, buffering, SSL
-        client/server, file pointer, encryption, digest, non-blocking testing
-        and null.
+  X509v3 certificates
+	X509 encoding/decoding into/from binary ASN1 and a PEM
+		based ascii-binary encoding which supports encryption with
+		a private key.
+	Program to generate RSA and DSA certificate requests and to
+		generate RSA and DSA certificates.

-     Data structures
-        A dynamically growing hashing system
-        A simple stack.
-        A Configuration loader that uses a format similar to MS .ini files.
+  Systems
+  	The normal digital envelope routines and base64 encoding.
+	Higher level access to ciphers and digests by name.  New ciphers can be
+		loaded at run time.
+	The BIO io system which is a simple non-blocking IO abstraction.
+		Current methods supported are file descriptors, sockets,
+		socket accept, socket connect, memory buffer, buffering,
+		SSL client/server, file pointer, encryption, digest,
+		non-blocking testing and null.
+  Data structures
+  	A dynamically growing hashing system
+	A simple stack.
+	A Configuration loader that uses a format similar to MS .ini files.

- openssl: 
-     A command line tool which provides the following functions:
+Programs in this package include
+	enc	- a general encryption program that can encrypt/decrypt using
+		one of 17 different cipher/mode combinations.  The
+		input/output can also be converted to/from base64
+		ascii encoding.
+	dgst	- a generate message digesting program that will generate
+		message digests for any of md2, md5, sha (sha-0 or sha-1)
+		or mdc2.
+	asn1parse - parse and display the structure of an asn1 encoded
+		binary file.
+	rsa	- Manipulate RSA private keys.
+	dsa	- Manipulate DSA private keys.
+	dh	- Manipulate Diffie-Hellman parameter files.
+	dsaparam- Manipulate and generate DSA parameter files.
+	crl	- Manipulate certificate revocation lists.
+	crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
+	x509	- Manipulate x509 certificates, self-sign certificates.
+	req	- Manipulate PKCS#10 certificate requests and also
+		  generate certificate requests.
+	genrsa  - Generates an arbitrary sized RSA private key.
+	gendh	- Generates a set of Diffie-Hellman parameters, the prime
+		  will be a strong prime.
+	ca	- Create certificates from PKCS#10 certificate requests.
+		  This program also maintains a database of certificates
+		  issued.
+	verify	- Check x509 certificate signatures.
+	speed	- Benchmark SSLeay's ciphers.
+	s_server- A test SSL server.
+	s_client- A test SSL client.
+	s_time	- Benchmark SSL performance of SSL server programs.
+	errstr	- Convert from SSLeay hex error codes to a readable form.
+	
+Documents avaliable are
+	A Postscript and html reference manual
+	(written by Tim Hudson tjh@cryptsoft.com).

-     enc     - a general encryption program that can encrypt/decrypt using
-               one of 17 different cipher/mode combinations.  The
-               input/output can also be converted to/from base64
-               ascii encoding.
-     dgst    - a generate message digesting program that will generate
-               message digests for any of md2, md5, sha (sha-0 or sha-1)
-               or mdc2.
-     asn1parse - parse and display the structure of an asn1 encoded
-               binary file.
-     rsa     - Manipulate RSA private keys.
-     dsa     - Manipulate DSA private keys.
-     dh      - Manipulate Diffie-Hellman parameter files.
-     dsaparam- Manipulate and generate DSA parameter files.
-     crl     - Manipulate certificate revocation lists.
-     crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
-     x509    - Manipulate x509 certificates, self-sign certificates.
-     req     - Manipulate PKCS#10 certificate requests and also
-               generate certificate requests.
-     genrsa  - Generates an arbitrary sized RSA private key.
-     gendsa  - Generates DSA parameters.
-     gendh   - Generates a set of Diffie-Hellman parameters, the prime
-               will be a strong prime.
-     ca      - Create certificates from PKCS#10 certificate requests.
-               This program also maintains a database of certificates
-               issued.
-     verify  - Check x509 certificate signatures.
-     speed   - Benchmark OpenSSL's ciphers.
-     s_server- A test SSL server.
-     s_client- A test SSL client.
-     s_time  - Benchmark SSL performance of SSL server programs.
-     errstr  - Convert from OpenSSL hex error codes to a readable form.
-     nseq    - Netscape certificate sequence utility
-        
- PATENTS
- -------
+	A list of text protocol references I used.
+	An initial version of the library manual.

- Various companies hold various patents for various algorithms in various
- locations around the world. _YOU_ are responsible for ensuring that your use
- of any algorithms is legal by checking if there are any patents in your
- country.  The file contains some of the patents that we know about or are
- rumoured to exist. This is not a definitive list.
+To install this package, read the INSTALL file.
+For the Microsoft word, read MICROSOFT
+This library has been compiled and tested on Solaris 2.[34] (sparc and x86),
+SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5(?), IRIX 5.[23],
+LINUX, NeXT (intel), linux, Windows NT, Windows 3.1, MSDOS 6.22.

- RSA Data Security holds software patents on the RSA and RC5 algorithms.  If
- their ciphers are used used inside the USA (and Japan?), you must contact RSA
- Data Security for licensing conditions. Their web page is
- http://www.rsa.com/.
+Multithreading has been tested under Windows NT and Solaris 2.5.1

- RC4 is a trademark of RSA Data Security, so use of this label should perhaps
- only be used with RSA Data Security's permission. 
+Due to time constraints, the current release has only be rigorously tested
+on Solaris 2.[45], Linux and Windows NT.

- The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
- Japan, Netherlands, Spain, Sweden, Switzerland, UK and the USA.  They should
- be contacted if that algorithm is to be used, their web page is
- http://www.ascom.ch/.
+For people in the USA, it is possible to compile SSLeay to use RSA
+Inc.'s public key library, RSAref.  From my understanding, it is
+claimed by RSA Inc. to be illegal to use my public key routines inside the USA.
+Read doc/rsaref.doc on how to build with RSAref.

- INSTALLATION
- ------------
+Read the documentation in the doc directory.  It is quite rough,
+but it lists the functions, you will probably have to look at
+the code to work out how to used them.  I will be working on
+documentation.  Look at the example programs.

- To install this package under a Unix derivative, read the INSTALL file.  For
- a Win32 platform, read the INSTALL.W32 file.  For OpenVMS systems, read
- INSTALL.VMS.
+There should be a SSL reference manual which is being put together by
+Tim Hudson (tjh@cryptsoft.com) in the same location as this
+distribution.  This contains a lot more information that is very
+useful.  For a description of X509 Certificates, their use, and
+certification, read rfc1421, rfc1422, rfc1423 and rfc1424.  ssl/README
+also goes over the mechanism.

- For people in the USA, it is possible to compile OpenSSL to use RSA Inc.'s
- public key library, RSAREF, by configuring OpenSSL with the option "rsaref".
+We have setup some mailing lists for use by people that are interested
+in helping develop this code and/or ask questions.
+    ssl-bugs@mincom.oz.au
+    ssl-users@mincom.oz.au
+    ssl-bugs-request@mincom.oz.au
+    ssl-users-request@mincom.oz.au

- Read the documentation in the doc/ directory.  It is quite rough, but it
- lists the functions, you will probably have to look at the code to work out
- how to used them. Look at the example programs.
+I have recently read about a new form of software, that which is in
+a permanent state of beta release.  Linux and Netscape are 2 good 
+examples of this, and I would also add SSLeay to this category.
+The Current stable release is 0.6.6.  It has a few minor problems.
+0.8.0 is not call compatable so make sure you have the correct version
+of SSLeay to link with.  

- SUPPORT 
- -------
+eric (Jun 1997)

- If you have any problems with OpenSSL then please take the following steps
- first:
+Eric Young (eay@cryptsoft.com)
+86 Taunton St.
+Annerley 4103.
+Australia.

-    - Remove ASM versions of libraries
-    - Remove compiler optimisation flags 
-    - Add compiler debug flags (if using gcc then remove -fomit-frame-pointer
-      before you try to debug things)
-
- If you wish to report a bug then please include the following information in
- any bug report:
-
-    OpenSSL Details
-    - Version, most of these details can be got from the
-      'openssl version -a' command.
-    Operating System Details
-    - On Unix systems: Output of './config -t'
-    - OS Name, Version
-    - Hardware platform
-    Compiler Details
-    - Name
-    - Version
-    Application Details 
-    - Name 
-    - Version 
-    Problem Description
-    - include steps that will reproduce the problem (if known)
-    Stack Traceback (if the application dumps core)
-
- Report the bug to the OpenSSL project at:
-
-    openssl-bugs@openssl.org
-
- HOW TO CONTRIBUTE TO OpenSSL
- ----------------------------
-
- Development is coordinated on the openssl-dev mailing list (see
- http://www.openssl.org for information on subscribing). If you
- would like to submit a patch, send it to openssl-dev@openssl.org.
- Please be sure to include a textual explanation of what your patch
- does.
-
- The preferred format for changes is "diff -u" output. You might
- generate it like this:
-
- # cd openssl-work
- # [your changes]
- # ./Configure dist; make clean
- # cd ..
- # diff -urN openssl-orig openssl-work > mydiffs.patch
--- a/README.066
+++ b/README.066
@@ -0,0 +1,27 @@
+
+SSLeay 0.6.6 13-Jan-1997
+
+The main additions are
+
+- assember for x86 DES improvments.
+  From 191,000 per second on a pentium 100, I now get 281,000.  The inner
+  loop and the IP/FP modifications are from
+  Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  Many thanks for his
+  contribution.
+- The 'DES macros' introduced in 0.6.5 now have 3 types.
+  DES_PTR1, DES_PTR2 and 'normal'.  As per before, des_opts reports which
+  is best and there is a summery of mine in crypto/des/options.txt
+- A few bug fixes.
+- Added blowfish.  It is not used by SSL but all the other stuff that
+  deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
+  There are 3 options for optimising Blowfish.  BF_PTR, BF_PTR2 and 'normal'.
+  BF_PTR2 is pentium/x86 specific.  The correct option is setup in
+  the 'Configure' script.
+- There is now a 'get client certificate' callback which can be
+  'non-blocking'.  If more details are required, let me know.  It will
+  documented more in SSLv3 when I finish it.
+- Bug fixes from 0.6.5 including the infamous 'ca' bug.  The 'make test'
+  now tests the ca program.
+- Lots of little things modified and tweaked.
+
+eric
--- a/README.080
+++ b/README.080
@@ -0,0 +1,147 @@
+This version of SSLeay has quite a lot of things different from the
+previous version.
+
+Basically check all callback parameters, I will be producing documentation
+about how to use things in th future.  Currently I'm just getting 080 out
+the door.  Please not that there are several ways to do everything, and
+most of the applications in the apps directory are hybrids, some using old
+methods and some using new methods.
+
+Have a look in demos/bio for some very simple programs and
+apps/s_client.c and apps/s_server.c for some more advanced versions.
+Notes are definitly needed but they are a week or so away.
+
+Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
+---
+Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
+get those people that want to move to using the new code base off to
+a quick start.
+
+Note that Eric has tidied up a lot of the areas of the API that were
+less than desirable and renamed quite a few things (as he had to break
+the API in lots of places anyrate). There are a whole pile of additional
+functions for making dealing with (and creating) certificates a lot
+cleaner.
+
+01-Jul-97
+Tim Hudson
+tjh@cryptsoft.com
+
+---8<---
+
+To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
+use something like the following (assuming you #include "crypto.h" which
+is something that you really should be doing).
+
+#if SSLEAY_VERSION_NUMBER >= 0x0800
+#define SSLEAY8
+#endif
+
+buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
+            too if you are working with BIO internal stuff (as distinct
+	    from simply using the interface in an opaque manner)
+
+#include "bio.h"	- required along with "buffer.h" if you write
+			  your own BIO routines as the buffer and bio
+			  stuff that was intermixed has been separated
+			  out 
+			
+envelope.h -> evp.h  (which should have been done ages ago)
+
+Initialisation ... don't forget these or you end up with code that
+is missing the bits required to do useful things (like ciphers):
+
+SSLeay_add_ssl_algorithms()
+(probably also want SSL_load_error_strings() too but you should have
+ already had that call in place)
+
+SSL_CTX_new()	- requires an extra method parameter
+		      SSL_CTX_new(SSLv23_method()) 
+		      SSL_CTX_new(SSLv2_method()) 
+		      SSL_CTX_new(SSLv3_method()) 
+
+		  OR to only have the server or the client code
+		      SSL_CTX_new(SSLv23_server_method()) 
+		      SSL_CTX_new(SSLv2_server_method()) 
+		      SSL_CTX_new(SSLv3_server_method()) 
+		  or  
+		      SSL_CTX_new(SSLv23_client_method()) 
+		      SSL_CTX_new(SSLv2_client_method()) 
+		      SSL_CTX_new(SSLv3_client_method()) 
+
+SSL_set_default_verify_paths() ... renamed to the more appropriate
+SSL_CTX_set_default_verify_paths()
+
+If you want to use client certificates then you have to add in a bit
+of extra stuff in that a SSLv3 server sends a list of those CAs that
+it will accept certificates from ... so you have to provide a list to
+SSLeay otherwise certain browsers will not send client certs.
+
+SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
+
+
+X509_NAME_oneline(X)	-> X509_NAME_oneline(X,NULL,0)	
+			   or provide a buffer and size to copy the
+			   result into
+
+X509_add_cert ->  X509_STORE_add_cert (and you might want to read the
+		  notes on X509_NAME structure changes too)
+
+
+VERIFICATION CODE
+=================
+
+The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
+more accurately reflect things.
+
+The verification callback args are now packaged differently so that
+extra fields for verification can be added easily in future without
+having to break things by adding extra parameters each release :-)
+
+X509_cert_verify_error_string -> X509_verify_cert_error_string
+
+
+BIO INTERNALS
+=============
+
+Eric has fixed things so that extra flags can be introduced in
+the BIO layer in future without having to play with all the BIO
+modules by adding in some macros.
+
+The ugly stuff using 
+	b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
+becomes
+	BIO_clear_retry_flags(b)
+
+	b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
+becomes
+	BIO_set_retry_read(b)
+
+Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
+
+
+
+OTHER THINGS
+============
+
+X509_NAME has been altered so that it isn't just a STACK ... the STACK
+is now in the "entries" field ... and there are a pile of nice functions
+for getting at the details in a much cleaner manner.
+
+SSL_CTX has been altered ... "cert" is no longer a direct member of this
+structure ... things are now down under "cert_store" (see x509_vfy.h) and
+things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
+If your code "knows" about this level of detail then it will need some 
+surgery.
+
+If you depending on the incorrect spelling of a number of the error codes
+then you will have to change your code as these have been fixed.
+
+ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
+has been all along so this makes things clearer.
+ify_cert_error_string(ctx->error));
+
+SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
+			and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
+
+
--- a/120
+++ b/120
@@ -1,120 +0,0 @@
-
-  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 1999/08/09 10:25:36 $
-
-  DEVELOPMENT STATE
-
-    o  OpenSSL 0.9.4:  Is rolled the next hour...
-    o  OpenSSL 0.9.3a: Released on May      29th, 1999
-    o  OpenSSL 0.9.3:  Released on May      25th, 1999
-    o  OpenSSL 0.9.2b: Released on March    22th, 1999
-    o  OpenSSL 0.9.1c: Released on December 23th, 1998
-
-  RELEASE SHOWSTOPPERS
-
-  AVAILABLE PATCHES
-
-    o OCSP (titchenert@certco.com) 
-    o getenv in ca.c and x509_def.c (jaltman@watsun.cc.columbia.edu)
-
-  IN PROGRESS
-
-    o Steve is currently working on (in no particular order):
-        Proper (or at least usable) certificate chain verification.
-	Private key, certificate and CRL API and implementation.
-	Checking and bugfixing PKCS#7 (S/MIME code).
-
-    o Mark is currently working on:
-        Folding in any changes that are in the C2Net code base that were
-        not in the original SSLeay-0.9.1.b release.  Plus other minor
-        tidying.
-
-    o Ralf is currently working on:
-        1. Support for SSL_set_default_verify_paths(),
-           SSL_load_verify_locations(), SSL_get_cert_store() and
-           SSL_set_cert_store() functions which work like their existing
-           SSL_CTX_xxx() variants but on a per connection basis. That's needed
-           to let us provide full-featured per-URL client verification in
-           mod_ssl or Apache-SSL.
-           => It still dumps core, so I suspend this and investigate
-              again for OpenSSL 0.9.3.
-        2. The perl/ stuff to make it really work the first time ;-)
-           => I'll investigate a few more hours for OpenSSL 0.9.2
-        3. The new documentation set in POD format under doc/
-           => I'll investigate a few more hours for OpenSSL 0.9.2
-        4. More cleanups to get rid of obsolete/old/ugly files in the
-           source tree which are not really needed.
-           => Done all which were possible with my personal knowledge
-
-    o Ben is currently working on:
-	1. Function Prototype Thought Police issues.
-	2. Integrated documentation.
-	3. New TLS Ciphersuites.
-	4. Anything else that takes his fancy.
-
-  NEEDS PATCH
-
-    o  salzr@certco.com (Rich Salz): Bug in X509_name_print
-       <29E0A6D39ABED111A36000A0C99609CA2C2BA4@macertco-srv1.ma.certco.com>
-    o  $(PERL) in */Makefile.ssl
-    o  "Sign the certificate?" - "n" creates empty certificate file
-
-  OPEN ISSUES
-
-    o internal_verify doesn't know about X509.v3 (basicConstraints
-      CA flag ...)
-
-    o  The Makefile hierarchy and build mechanism is still not a round thing:
-
-       1. The config vs. Configure scripts
-          It's the same nasty situation as for Apache with APACI vs.
-          src/Configure. It confuses.
-          Suggestion: Merge Configure and config into a single configure
-                      script with a Autoconf style interface ;-) and remove
-                      Configure and config. Or even let us use GNU Autoconf
-                      itself. Then we can avoid a lot of those platform checks
-                      which are currently in Configure.
-
-    o  Support for Shared Libraries has to be added at least
-       for the major Unix platforms. The details we can rip from the stuff
-       Ralf has done for the Apache src/Configure script. Ben wants the
-       solution to be really simple.
-
-       Status: Ralf will look how we can easily incorporate the
-               compiler PIC and linker DSO flags from Apache
-               into the OpenSSL Configure script.
-
-    o  The perl/ stuff needs a major overhaul. Currently it's
-       totally obsolete. Either we clean it up and enhance it to be up-to-date
-       with the C code or we also could replace it with the really nice
-       Net::SSLeay package we can find under
-       http://www.neuronio.pt/SSLeay.pm.html.  Ralf uses this package for a
-       longer time and it works fine and is a nice Perl module. Best would be
-       to convince the author to work for the OpenSSL project and create a
-       Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
-       us.
-
-       Status: Ralf thinks we should both contact the author of Net::SSLeay
-               and look how much effort it is to bring Eric's perl/ stuff up
-               to date.
-               Paul +1
-
-    o The EVP and ASN1 stuff is a mess. Currently you have one EVP_CIPHER
-      structure for each cipher. This may make sense for things like DES but
-      for variable length ciphers like RC2 and RC4 it is NBG. Need a way to
-      use the EVP interface and set up the cipher parameters. The ASN1 stuff
-      is also foo wrt ciphers whose AlgorithmIdentifier has more than just
-      an IV in it (e.g. RC2, RC5). This also means that EVP_Seal and EVP_Open
-      don't work unless the key length matches the fixed value (some vendors
-      use a key length decided by the size of the RSA encrypted key and expect
-      RC2 to adapt).
-
-    o Properly initialize the PRNG in the absence of /dev/random.
-
-    o ERR_error_string(..., buf) does not know how large buf is,
-      there should be ERR_error_string_n(..., buf, bufsize)
-      or similar.
-
-  WISHES
-
-    o 
--- a/1548
+++ b/1548
--- a/28
+++ b/28
@@ -0,0 +1,28 @@
+- The loading of the netscape RC4 encrypted key is a crock of pig pellets.
+  It will be reworked along with a nice general mechanism for encrypting
+  ASN.1 stuff. [ Jun 96 ] I've cleaned up private keys internally but
+  still have not done PKCS#8 support.
+
+- Winsock support in s_client/s_server for windows nt/3.1 is a crock.
+  I will probably not get this fixed for a while, it is just there so
+  I could test things.
+
+- Be able to generate DSS certificates.
+
+- Add CRL to the X509 verification stuff, this will probably be added with
+  SSLv3.
+
+ X509 callback.  I need to callback the application to retrieve certificates
+  and CRL.
+
+*<- designates the things I'm activly working on.
+<- designates that which I have next in the queue.
+
+====
+
+X509v3 extensions
+verify certificate chains
+X509 cert lookup methods
+RSA/DSA/DH methods mostly for smart cards
+dsa cert generation
+
--- a/24
+++ b/24
@@ -0,0 +1,24 @@
+SSLeay 0.8.1
+	- Mostly bug fixes.  There is an Ephemeral DH cipher problem which
+	  is fixed.
+
+SSLeay 0.8.0
+	- New release, for those that are wondering what happend to
+	  0.7.x, call it our internal development version :-)
+	- There have been lots of changes, mostly the addition of SSLv3.
+	- There have been many additions from people and amongst
+	  others, C2Net has assisted greatly.
+
+SSLeay 0.6.6
+	SSLeay 0.8.0 is not upward compatable with SSLeay 0.6.6, so
+	if your application requires 0.6.6, use it.  There have been
+	lots of bug fixes to 0.8.x that have not been applied to 0.6.6
+	so use 0.8.0+ in preference.
+
+PORTING 0.6.6 to 0.8.0
+	I'll be documenting this over the next few weeks but as
+	pressures have been increasing for making SSLv3 support
+	available I'm shipping it without this documentation as I
+	basically have not had time to write it (too busy earning a
+	living :-)
+
--- a/VMS/TODO
+++ b/VMS/TODO
@@ -1,18 +0,0 @@
-TODO:
-=====
-
-There are a few things that need to be worked out in the VMS version of
-OpenSSL, still:
-
- Description files. ("Makefile's" :-))
- Script code to link an already compiled build tree.
- A VMSINSTALlable version (way in the future, unless someone else hacks).
- shareable images (DLL for you Windows folks).
-
-There may be other things that I have missed and that may be desirable.
-Please send mail to <openssl-users@openssl.org> or to me directly if you
-have any ideas.
-
--
-Richard Levitte <richard@levitte.org>
-1999-05-24
--- a/VMS/WISHLIST.TXT
+++ b/VMS/WISHLIST.TXT
@@ -1,4 +0,0 @@
-* Have the building procedure contain a LINK-only possibility.
-  Wished by Mark Daniel <mark.daniel@dsto.defence.gov.au>
-
-  One way to enable that is also to go over to DESCRIP.MMS files.
--- a/VMS/install.com
+++ b/VMS/install.com
@@ -1,71 +0,0 @@
-$! INSTALL.COM -- Installs the files in a given directory tree
-$!
-$! Author: Richard Levitte <richard@levitte.org>
-$! Time of creation: 23-MAY-1998 19:22
-$!
-$! P1	root of the directory tree
-$!
-$	IF P1 .EQS. ""
-$	THEN
-$	    WRITE SYS$OUTPUT "First argument missing."
-$	    WRITE SYS$OUTPUT "Should be the directory where you want things installed."
-$	    EXIT
-$	ENDIF
-$
-$	ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
-$	ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
-$	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
-		   - "[000000." - "][" - "[" - "]"
-$	ROOT = ROOT_DEV + "[" + ROOT_DIR
-$
-$	DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$	DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB]
-$	DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB]
-$	DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
-$	DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
-$	DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
-$	DEFINE/NOLOG WRK_SSLCERTS WRK_SSLROOT:[CERTS]
-$	DEFINE/NOLOG WRK_SSLPRIVATE WRK_SSLROOT:[PRIVATE]
-$
-$	IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$	IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLINCLUDE:
-$	IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLROOT:[VMS]
-$
-$	EXHEADER := vms_idhacks.h
-$
-$	COPY 'EXHEADER' WRK_SSLINCLUDE: /LOG
-$
-$	OPEN/WRITE SF WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM
-$	WRITE SYS$OUTPUT "%OPEN-I-CREATED,  ",F$SEARCH("WRK_SSLROOT:[VMS]OPENSSL_STARTUP.COM")," created."
-$	WRITE SF "$! Startup file for Openssl 0.9.2-RL 15-Mar-1999"
-$	WRITE SF "$!"
-$	WRITE SF "$! Do not edit this file, as it will be regenerated during next installation."
-$	WRITE SF "$! Instead, add or change SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"
-$	WRITE SF "$!"
-$	WRITE SF "$! P1	a qualifier to DEFINE.  For example ""/SYSTEM"" to get the logical names"
-$	WRITE SF "$!	defined in the system logical name table."
-$	WRITE SF "$!"
-$	WRITE SF "$	ARCH = ""VAX"""
-$	WRITE SF "$	IF F$GETSYI(""CPU"") .GE. 128 THEN ARCH = ""ALPHA"""
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLROOT		",ROOT,".] /TRANS=CONC"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLLIB		SSLROOT:['ARCH'_LIB]"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLINCLUDE	SSLROOT:[INCLUDE]"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLEXE		SSLROOT:['ARCH'_EXE]"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLCERTS	SSLROOT:[CERTS]"
-$	WRITE SF "$	DEFINE/NOLOG'P1	SSLPRIVATE	SSLROOT:[PRIVATE]"
-$	WRITE SF "$"
-$	WRITE SF "$!	This is program can include <openssl/{foo}.h>"
-$	WRITE SF "$	DEFINE/NOLOG'P1	OPENSSL		SSLINCLUDE:"
-$	WRITE SF "$"
-$	WRITE SF "$	IF F$SEARCH(""SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"") .NES."""" THEN -"
-$	WRITE SF "	   @SSLROOT:[VMS]OPENSSL_SYSTARTUP.COM"
-$	WRITE SF "$"
-$	WRITE SF "$	EXIT"
-$	CLOSE SF
-$
-$	COPY OPENSSL_UTILS.COM WRK_SSLROOT:[VMS]/LOG
-$
-$	EXIT
--- a/VMS/multinet_shr.opt
+++ b/VMS/multinet_shr.opt
@@ -1 +0,0 @@
-multinet:multinet_socket_library.exe/share
--- a/VMS/openssl_utils.com
+++ b/VMS/openssl_utils.com
@@ -1,38 +0,0 @@
-$!
-$!  APPS.COM
-$!  Written By:  Robert Byer
-$!               Vice-President
-$!               A-Com Computing, Inc.
-$!               byer@mail.all-net.net
-$!
-$!
-$! Slightly modified by Richard Levitte <richard@levitte.org>
-$!
-$ OPENSSL  :== $SSLEXE:OPENSSL
-$ VERIFY   :== $SSLEXE:OPENSSL VERIFY
-$ ASN1PARSE:== $SSLEXE:OPENSSL ASN1PARS
-$ REQ      :== $SSLEXE:OPENSSL REQ
-$ DGST     :== $SSLEXE:OPENSSL DGST
-$ DH       :== $SSLEXE:OPENSSL DH
-$ ENC      :== $SSLEXE:OPENSSL ENC
-$ GENDH    :== $SSLEXE:OPENSSL GENDH
-$ ERRSTR   :== $SSLEXE:OPENSSL ERRSTR
-$ CA       :== $SSLEXE:OPENSSL CA
-$ CRL      :== $SSLEXE:OPENSSL CRL
-$ RSA      :== $SSLEXE:OPENSSL RSA
-$ DSA      :== $SSLEXE:OPENSSL DSA
-$ DSAPARAM :== $SSLEXE:OPENSSL DSAPARAM
-$ X509     :== $SSLEXE:OPENSSL X509
-$ GENRSA   :== $SSLEXE:OPENSSL GENRSA
-$ GENDSA   :== $SSLEXE:OPENSSL GENDSA
-$ S_SERVER :== $SSLEXE:OPENSSL S_SERVER
-$ S_CLIENT :== $SSLEXE:OPENSSL S_CLIENT
-$ SPEED    :== $SSLEXE:OPENSSL SPEED
-$ S_TIME   :== $SSLEXE:OPENSSL S_TIME
-$ VERSION  :== $SSLEXE:OPENSSL VERSION
-$ PKCS7    :== $SSLEXE:OPENSSL PKCS7
-$ CRL2PKCS7:== $SSLEXE:OPENSSL CRL2P7
-$ SESS_ID  :== $SSLEXE:OPENSSL SESS_ID
-$ CIPHERS  :== $SSLEXE:OPENSSL CIPHERS
-$ NSEQ     :== $SSLEXE:OPENSSL NSEQ
-$ PKCS12   :== $SSLEXE:OPENSSL PKCS12
--- a/VMS/socketshr_shr.opt
+++ b/VMS/socketshr_shr.opt
@@ -1 +0,0 @@
-socketshr/share
--- a/VMS/ucx_shr_decc.opt
+++ b/VMS/ucx_shr_decc.opt
@@ -1 +0,0 @@
-sys$share:ucx$ipc_shr.exe/share
--- a/VMS/ucx_shr_decc_log.opt
+++ b/VMS/ucx_shr_decc_log.opt
@@ -1 +0,0 @@
-ucx$ipc_shr/share
--- a/VMS/ucx_shr_vaxc.opt
+++ b/VMS/ucx_shr_vaxc.opt
@@ -1 +0,0 @@
-sys$library:ucx$ipc.olb/library
--- a/VMS/vms_idhacks.h
+++ b/VMS/vms_idhacks.h
@@ -1,126 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_VMS_IDHACKS_H
-#define HEADER_VMS_IDHACKS_H
-
-#ifdef VMS
-
-/* Hack the names created with DECLARE_STACK_OF(PKCS7_SIGNER_INFO) */
-#define sk_PKCS7_SIGNER_INFO_new	sk_PKCS7_SIGINF_new
-#define sk_PKCS7_SIGNER_INFO_new_null	sk_PKCS7_SIGINF_new_null
-#define sk_PKCS7_SIGNER_INFO_free	sk_PKCS7_SIGINF_free
-#define sk_PKCS7_SIGNER_INFO_num	sk_PKCS7_SIGINF_num
-#define sk_PKCS7_SIGNER_INFO_value	sk_PKCS7_SIGINF_value
-#define sk_PKCS7_SIGNER_INFO_set	sk_PKCS7_SIGINF_set
-#define sk_PKCS7_SIGNER_INFO_zero	sk_PKCS7_SIGINF_zero
-#define sk_PKCS7_SIGNER_INFO_push	sk_PKCS7_SIGINF_push
-#define sk_PKCS7_SIGNER_INFO_unshift	sk_PKCS7_SIGINF_unshift
-#define sk_PKCS7_SIGNER_INFO_find	sk_PKCS7_SIGINF_find
-#define sk_PKCS7_SIGNER_INFO_delete	sk_PKCS7_SIGINF_delete
-#define sk_PKCS7_SIGNER_INFO_delete_ptr	sk_PKCS7_SIGINF_delete_ptr
-#define sk_PKCS7_SIGNER_INFO_insert	sk_PKCS7_SIGINF_insert
-#define sk_PKCS7_SIGNER_INFO_set_cmp_func	sk_PKCS7_SIGINF_set_cmp_func
-#define sk_PKCS7_SIGNER_INFO_dup	sk_PKCS7_SIGINF_dup
-#define sk_PKCS7_SIGNER_INFO_pop_free	sk_PKCS7_SIGINF_pop_free
-#define sk_PKCS7_SIGNER_INFO_shift	sk_PKCS7_SIGINF_shift
-#define sk_PKCS7_SIGNER_INFO_pop	sk_PKCS7_SIGINF_pop
-#define sk_PKCS7_SIGNER_INFO_sort	sk_PKCS7_SIGINF_sort
-
-/* Hack the names created with DECLARE_STACK_OF(PKCS7_RECIP_INFO) */
-#define sk_PKCS7_RECIP_INFO_new		sk_PKCS7_RECINF_new
-#define sk_PKCS7_RECIP_INFO_new_null	sk_PKCS7_RECINF_new_null
-#define sk_PKCS7_RECIP_INFO_free	sk_PKCS7_RECINF_free
-#define sk_PKCS7_RECIP_INFO_num		sk_PKCS7_RECINF_num
-#define sk_PKCS7_RECIP_INFO_value	sk_PKCS7_RECINF_value
-#define sk_PKCS7_RECIP_INFO_set		sk_PKCS7_RECINF_set
-#define sk_PKCS7_RECIP_INFO_zero	sk_PKCS7_RECINF_zero
-#define sk_PKCS7_RECIP_INFO_push	sk_PKCS7_RECINF_push
-#define sk_PKCS7_RECIP_INFO_unshift	sk_PKCS7_RECINF_unshift
-#define sk_PKCS7_RECIP_INFO_find	sk_PKCS7_RECINF_find
-#define sk_PKCS7_RECIP_INFO_delete	sk_PKCS7_RECINF_delete
-#define sk_PKCS7_RECIP_INFO_delete_ptr	sk_PKCS7_RECINF_delete_ptr
-#define sk_PKCS7_RECIP_INFO_insert	sk_PKCS7_RECINF_insert
-#define sk_PKCS7_RECIP_INFO_set_cmp_func	sk_PKCS7_RECINF_set_cmp_func
-#define sk_PKCS7_RECIP_INFO_dup		sk_PKCS7_RECINF_dup
-#define sk_PKCS7_RECIP_INFO_pop_free	sk_PKCS7_RECINF_pop_free
-#define sk_PKCS7_RECIP_INFO_shift	sk_PKCS7_RECINF_shift
-#define sk_PKCS7_RECIP_INFO_pop		sk_PKCS7_RECINF_pop
-#define sk_PKCS7_RECIP_INFO_sort	sk_PKCS7_RECINF_sort
-
-/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
-#define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO i2d_ASN1_SET_OF_PKCS7_SIGINF
-#define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO d2i_ASN1_SET_OF_PKCS7_SIGINF
-
-/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) */
-#define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO i2d_ASN1_SET_OF_PKCS7_RECGINF
-#define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO d2i_ASN1_SET_OF_PKCS7_RECGINF
-
-/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
-#define PEM_read_NETSCAPE_CERT_SEQUENCE		PEM_read_NS_CERT_SEQUENCE
-#define PEM_write_NETSCAPE_CERT_SEQUENCE	PEM_write_NS_CERT_SEQUENCE
-#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE	PEM_read_bio_NS_CERT_SEQUENCE
-#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE	PEM_write_bio_NS_CERT_SEQUENCE
-#define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE	PEM_write_cb_bio_NS_CERT_SEQUENCE
-
-/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
-#define PEM_read_PKCS8_PRIV_KEY_INFO		PEM_read_P8_PRIV_KEY_INFO
-#define PEM_write_PKCS8_PRIV_KEY_INFO		PEM_write_P8_PRIV_KEY_INFO
-#define PEM_read_bio_PKCS8_PRIV_KEY_INFO	PEM_read_bio_P8_PRIV_KEY_INFO
-#define PEM_write_bio_PKCS8_PRIV_KEY_INFO	PEM_write_bio_P8_PRIV_KEY_INFO
-#define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO	PEM_write_cb_bio_P8_PRIV_KEY_INFO
-
-#endif /* defined VMS */
-
-#endif /* ! defined HEADER_VMS_IDHACKS_H */
--- a/apps/.cvsignore
+++ b/apps/.cvsignore
@@ -1,4 +0,0 @@
-openssl
-Makefile.save
-der_chop
-der_chop.bak
--- a/apps/CA.com
+++ b/apps/CA.com
@@ -1,200 +0,0 @@
-$! CA - wrapper around ca to make it easier to use ... basically ca requires
-$!      some setup stuff to be done before you can use it and this makes
-$!      things easier between now and when Eric is convinced to fix it :-)
-$!
-$! CA -newca ... will setup the right stuff
-$! CA -newreq ... will generate a certificate request 
-$! CA -sign ... will sign the generated request and output 
-$!
-$! At the end of that grab newreq.pem and newcert.pem (one has the key 
-$! and the other the certificate) and cat them together and that is what
-$! you want/need ... I'll make even this a little cleaner later.
-$!
-$!
-$! 12-Jan-96 tjh    Added more things ... including CA -signcert which
-$!                  converts a certificate to a request and then signs it.
-$! 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-$!                 environment variable so this can be driven from
-$!                 a script.
-$! 25-Jul-96 eay    Cleaned up filenames some more.
-$! 11-Jun-96 eay    Fixed a few filename missmatches.
-$! 03-May-96 eay    Modified to use 'openssl cmd' instead of 'cmd'.
-$! 18-Apr-96 tjh    Original hacking
-$!
-$! Tim Hudson
-$! tjh@cryptsoft.com
-$!
-$!
-$! default ssleay.cnf file has setup as per the following
-$! demoCA ... where everything is stored
-$
-$ IF F$TYPE(SSLEAY_CONFIG) .EQS. "" THEN SSLEAY_CONFIG := SSLLIB:SSLEAY.CNF
-$
-$ DAYS   = "-days 365"
-$ REQ    = openssl + " req " + SSLEAY_CONFIG
-$ CA     = openssl + " ca " + SSLEAY_CONFIG
-$ VERIFY = openssl + " verify"
-$ X509   = openssl + " x509"
-$ echo   = "write sys$Output"
-$!
-$ s = F$PARSE(F$ENVIRONMENT("DEFAULT"),"[]") - "].;"
-$ CATOP  := 's'.demoCA
-$ CAKEY  := ]cakey.pem
-$ CACERT := ]cacert.pem
-$
-$ __INPUT := SYS$COMMAND
-$ RET = 1
-$!
-$ i = 1
-$opt_loop:
-$ if i .gt. 8 then goto opt_loop_end
-$
-$ prog_opt = F$EDIT(P'i',"lowercase")
-$
-$ IF (prog_opt .EQS. "?" .OR. prog_opt .EQS. "-h" .OR. prog_opt .EQS. "-help") 
-$ THEN
-$   echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" 
-$   exit
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-input")
-$ THEN
-$   ! Get input from somewhere other than SYS$COMMAND
-$   i = i + 1
-$   __INPUT = P'i'
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-newcert")
-$ THEN
-$   ! Create a certificate.
-$   DEFINE/USER SYS$INPUT '__INPUT'
-$   REQ -new -x509 -keyout newreq.pem -out newreq.pem 'DAYS'
-$   RET=$STATUS
-$   echo "Certificate (and private key) is in newreq.pem"
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-newreq")
-$ THEN
-$   ! Create a certificate request
-$   DEFINE/USER SYS$INPUT '__INPUT'
-$   REQ -new -keyout newreq.pem -out newreq.pem 'DAYS'
-$   RET=$STATUS
-$   echo "Request (and private key) is in newreq.pem"
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-newca")
-$ THEN
-$   ! If explicitly asked for or it doesn't exist then setup the directory
-$   ! structure that Eric likes to manage things.
-$   IF F$SEARCH(CATOP+"]serial.") .EQS. ""
-$   THEN
-$     CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP']
-$     CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP'.certs]
-$     CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP'.crl]
-$     CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP'.newcerts]
-$     CREATE /DIR /PROTECTION=OWNER:RWED 'CATOP'.private]
-$     OPEN   /WRITE ser_file 'CATOP']serial. 
-$     WRITE ser_file "01"
-$     CLOSE ser_file
-$     APPEND/NEW NL: 'CATOP']index.txt
-$   ENDIF
-$!
-$   IF F$SEARCH(CATOP+".private"+CAKEY) .EQS. ""
-$   THEN
-$     READ '__INPUT' FILE -
-	   /PROMT="CA certificate filename (or enter to create)"
-$     IF F$SEARCH(FILE) .NES. ""
-$     THEN
-$       COPY 'FILE' 'CATOP'.private'CAKEY'
-$	RET=$STATUS
-$     ELSE
-$       echo "Making CA certificate ..."
-$       DEFINE/USER SYS$INPUT '__INPUT'
-$       REQ -new -x509 -keyout 'CATOP'.private'CAKEY' -
-		       -out 'CATOP''CACERT' 'DAYS'
-$	RET=$STATUS
-$     ENDIF
-$   ENDIF
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-xsign")
-$ THEN
-$!
-$   DEFINE/USER SYS$INPUT '__INPUT'
-$   CA -policy policy_anything -infiles newreq.pem
-$   RET=$STATUS
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF ((prog_opt .EQS. "-sign") .OR. (prog_opt .EQS. "-signreq"))
-$ THEN
-$!   
-$   DEFINE/USER SYS$INPUT '__INPUT'
-$   CA -policy policy_anything -out newcert.pem -infiles newreq.pem
-$   RET=$STATUS
-$   type newcert.pem
-$   echo "Signed certificate is in newcert.pem"
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-signcert")
-$  THEN
-$!   
-$   echo "Cert passphrase will be requested twice - bug?"
-$   DEFINE/USER SYS$INPUT '__INPUT'
-$   X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
-$   DEFINE/USER SYS$INPUT '__INPUT'
-$   CA -policy policy_anything -out newcert.pem -infiles tmp.pem
-y
-y
-$   type newcert.pem
-$   echo "Signed certificate is in newcert.pem"
-$   GOTO opt_loop_continue
-$ ENDIF
-$!
-$ IF (prog_opt .EQS. "-verify")
-$ THEN
-$!   
-$   i = i + 1
-$   IF (p'i' .EQS. "")
-$   THEN
-$     DEFINE/USER SYS$INPUT '__INPUT'
-$     VERIFY "-CAfile" 'CATOP''CACERT' newcert.pem
-$   ELSE
-$     j = i
-$    verify_opt_loop:
-$     IF j .GT. 8 THEN GOTO verify_opt_loop_end
-$     IF p'j' .NES. ""
-$     THEN 
-$       DEFINE/USER SYS$INPUT '__INPUT'
-$       __tmp = p'j'
-$       VERIFY "-CAfile" 'CATOP''CACERT' '__tmp'
-$       tmp=$STATUS
-$       IF tmp .NE. 0 THEN RET=tmp
-$     ENDIF
-$     j = j + 1
-$     GOTO verify_opt_loop
-$    verify_opt_loop_end:
-$   ENDIF
-$   
-$   GOTO opt_loop_end
-$ ENDIF
-$!
-$ IF (prog_opt .NES. "")
-$ THEN
-$!   
-$   echo "Unknown argument ''prog_opt'"
-$   
-$   EXIT 3
-$ ENDIF
-$
-$opt_loop_continue:
-$ i = i + 1
-$ GOTO opt_loop
-$
-$opt_loop_end:
-$ EXIT 'RET'
--- a/apps/CA.pl
+++ b/apps/CA.pl
@@ -1,153 +0,0 @@
-#!/usr/local/bin/perl
-#
-# CA - wrapper around ca to make it easier to use ... basically ca requires
-#      some setup stuff to be done before you can use it and this makes
-#      things easier between now and when Eric is convinced to fix it :-)
-#
-# CA -newca ... will setup the right stuff
-# CA -newreq ... will generate a certificate request 
-# CA -sign ... will sign the generated request and output 
-#
-# At the end of that grab newreq.pem and newcert.pem (one has the key 
-# and the other the certificate) and cat them together and that is what
-# you want/need ... I'll make even this a little cleaner later.
-#
-#
-# 12-Jan-96 tjh    Added more things ... including CA -signcert which
-#                  converts a certificate to a request and then signs it.
-# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
-#		   environment variable so this can be driven from
-#		   a script.
-# 25-Jul-96 eay    Cleaned up filenames some more.
-# 11-Jun-96 eay    Fixed a few filename missmatches.
-# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
-# 18-Apr-96 tjh    Original hacking
-#
-# Tim Hudson
-# tjh@cryptsoft.com
-#
-
-# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
-#
-#
-# Steve Henson
-# shenson@bigfoot.com
-
-# default openssl.cnf file has setup as per the following
-# demoCA ... where everything is stored
-
-$DAYS="-days 365";
-$REQ="openssl req $SSLEAY_CONFIG";
-$CA="openssl ca $SSLEAY_CONFIG";
-$VERIFY="openssl verify";
-$X509="openssl x509";
-
-$CATOP="./demoCA";
-$CAKEY="cakey.pem";
-$CACERT="cacert.pem";
-
-$DIRMODE = 0777;
-
-$RET = 0;
-
-foreach (@ARGV) {
-	if ( /^(-\?|-h|-help)$/ ) {
-	    print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n";
-	    exit 0;
-	} elsif (/^-newcert$/) {
-	    # create a certificate
-	    system ("$REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Certificate (and private key) is in newreq.pem\n"
-	} elsif (/^-newreq$/) {
-	    # create a certificate request
-	    system ("$REQ -new -keyout newreq.pem -out newreq.pem $DAYS");
-	    $RET=$?;
-	    print "Request (and private key) is in newreq.pem\n";
-	} elsif (/^-newca$/) {
-		# if explictly asked for or it doesn't exist then setup the
-		# directory structure that Eric likes to manage things 
-	    $NEW="1";
-	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
-		# create the directory hierarchy
-		mkdir $CATOP, $DIRMODE;
-		mkdir "${CATOP}/certs", $DIRMODE;
-		mkdir "${CATOP}/crl", $DIRMODE ;
-		mkdir "${CATOP}/newcerts", $DIRMODE;
-		mkdir "${CATOP}/private", $DIRMODE;
-		open OUT, ">${CATOP}/serial";
-		print OUT "01\n";
-		close OUT;
-		open OUT, ">${CATOP}/index.txt";
-		close OUT;
-	    }
-	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
-		print "CA certificate filename (or enter to create)\n";
-		$FILE = <STDIN>;
-
-		chop $FILE;
-
-		# ask user for existing CA certificate
-		if ($FILE) {
-		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
-		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
-		    $RET=$?;
-		} else {
-		    print "Making CA certificate ...\n";
-		    system ("$REQ -new -x509 -keyout " .
-			"${CATOP}/private/$CAKEY -out ${CATOP}/$CACERT $DAYS");
-		    $RET=$?;
-		}
-	    }
-	} elsif (/^-xsign$/) {
-	    system ("$CA -policy policy_anything -infiles newreq.pem");
-	    $RET=$?;
-	} elsif (/^(-sign|-signreq)$/) {
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles newreq.pem");
-	    $RET=$?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-signcert$/) {
-	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
-								"-out tmp.pem");
-	    system ("$CA -policy policy_anything -out newcert.pem " .
-							"-infiles tmp.pem");
-	    $RET = $?;
-	    print "Signed certificate is in newcert.pem\n";
-	} elsif (/^-verify$/) {
-	    if (shift) {
-		foreach $j (@ARGV) {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
-		    $RET=$? if ($? != 0);
-		}
-		exit $RET;
-	    } else {
-		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
-		    $RET=$?;
-	    	    exit 0;
-	    }
-	} else {
-	    print STDERR "Unknown arg $_\n";
-	    print STDERR "usage: CA -newcert|-newreq|-newca|-sign|-verify\n";
-	    exit 1;
-	}
-}
-
-exit $RET;
-
-sub cp_pem {
-my ($infile, $outfile, $bound) = @_;
-open IN, $infile;
-open OUT, ">$outfile";
-my $flag = 0;
-while (<IN>) {
-	$flag = 1 if (/^-----BEGIN.*$bound/) ;
-	print OUT $_ if ($flag);
-	if (/^-----END.*$bound/) {
-		close IN;
-		close OUT;
-		return;
-	}
-}
-}
-
--- a/apps/CA.sh
+++ b/apps/CA.sh
@@ -27,14 +27,14 @@
 # tjh@cryptsoft.com
 #

-# default openssl.cnf file has setup as per the following
+# default ssleay.cnf file has setup as per the following
 # demoCA ... where everything is stored

 DAYS="-days 365"
-REQ="openssl req $SSLEAY_CONFIG"
-CA="openssl ca $SSLEAY_CONFIG"
-VERIFY="openssl verify"
-X509="openssl x509"
+REQ="ssleay req $SSLEAY_CONFIG"
+CA="ssleay ca $SSLEAY_CONFIG"
+VERIFY="ssleay verify"
+X509="ssleay x509"

 CATOP=./demoCA
 CAKEY=./cakey.pem
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -1,5 +1,5 @@
 #
-#  apps/Makefile.ssl
+# SSLeay/apps/Makefile.ssl
 #

 DIR=		apps
@@ -7,39 +7,36 @@ TOP=		..
 CC=		cc
 INCLUDES=	-I../include
 CFLAG=		-g -static
-INSTALL_PREFIX=
 INSTALLTOP=	/usr/local/ssl
-OPENSSLDIR=	/usr/local/ssl
 MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
+MAKEDEPEND=	makedepend -f Makefile.ssl
 MAKEFILE=	Makefile.ssl
-RM=		rm -f
+RM=		/bin/rm -f

 PEX_LIBS=
 EX_LIBS= 

 CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)

-GENERAL=Makefile makeapps.com install.com
+GENERAL=Makefile

 DLIBCRYPTO=../libcrypto.a
 DLIBSSL=../libssl.a
 LIBCRYPTO=-L.. -lcrypto
 LIBSSL=-L.. -lssl

-PROGRAM= openssl
+SSLEAY= ssleay

-SCRIPTS=CA.sh CA.pl der_chop
+SCRIPTS=CA.sh der_chop

-EXE= $(PROGRAM)
+EXE= $(SSLEAY)

-E_EXE=	verify asn1pars req dgst dh enc gendh errstr ca crl \
+E_EXE=	verify asn1pars req dgst dh enc gendh gendsa errstr ca crl \
 	rsa dsa dsaparam \
-	x509 genrsa gendsa s_server s_client speed \
-	s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
-	pkcs8
+	x509 genrsa s_server s_client speed \
+	s_time version pkcs7 crl2pkcs7 sess_id ciphers

-PROGS= $(PROGRAM).c
+PROGS= $(SSLEAY).c

 A_OBJ=apps.o
 A_SRC=apps.c
@@ -47,20 +44,20 @@ S_OBJ=	s_cb.o s_socket.o
 S_SRC=	s_cb.c s_socket.c

 E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
-	pkcs7.o crl2p7.o crl.o \
+	gendsa.o pkcs7.o crl2p7.o crl.o \
 	rsa.o dsa.o dsaparam.o \
-	x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
+	x509.o genrsa.o s_server.o s_client.o speed.o \
 	s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \
-	ciphers.o nseq.o pkcs12.o pkcs8.o
+	ciphers.o

 #	pem_mail.o

 E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \
-	pkcs7.c crl2p7.c crl.c \
+	gendsa.c pkcs7.c crl2p7.c crl.c \
 	rsa.c dsa.c dsaparam.c \
-	x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
+	x509.c genrsa.c s_server.c s_client.c speed.c \
 	s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \
-	ciphers.c nseq.c pkcs12.c pkcs8.c
+	ciphers.c

 #	pem_mail.c

@@ -87,23 +84,20 @@ sreq.o: req.c
 	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c

 files:
-	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO

-install:
-	@for i in $(EXE); \
+install: mklinks
+	@for i in $(EXE) $(SCRIPTS) mklinks; \
 	do  \
 	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \
-	 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
-	 done;
-	@for i in $(SCRIPTS); \
-	do  \
-	(echo installing $$i; \
-	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \
-	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
-	 done
-	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR); \
-	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
+	 cp $$i $(INSTALLTOP)/bin/$$i; \
+	 chmod 755 $(INSTALLTOP)/bin/$$i ); \
+	 done; \
+	cp ssleay.cnf $(INSTALLTOP)/lib
+	chmod 644 $(INSTALLTOP)/lib/ssleay.cnf
+	cd $(INSTALLTOP)/bin; \
+	/bin/sh ./mklinks; \
+	/bin/rm -f ./mklinks

 tags:
 	ctags $(SRC)
@@ -111,21 +105,24 @@ tags:
 tests:

 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;

 lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff

 depend:
-	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC)
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(SRC)

 dclean:
-	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
 	mv -f Makefile.new $(MAKEFILE)

+errors:
+
 clean:
-	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
-	rm -f req
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+	/bin/rm -f req

 $(DLIBSSL):
 	(cd ../ssl; $(MAKE))
@@ -133,595 +130,15 @@ $(DLIBSSL):
 $(DLIBCRYPTO):
 	(cd ../crypto; $(MAKE))

-$(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
-	$(RM) $(PROGRAM)
-	$(CC) -o $(PROGRAM) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
-	@(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; sh tools/c_rehash certs)
+$(SSLEAY): progs.h $(E_OBJ) $(SSLEAY).o $(DLIBCRYPTO) $(DLIBSSL)
+	$(RM) $(SSLEAY)
+	$(CC) -o $(SSLEAY) $(CFLAGS) $(SSLEAY).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)

 progs.h:
-	$(PERL) ./progs.pl $(E_EXE) >progs.h
-	$(RM) $(PROGRAM).o
+	perl ./g_ssleay.pl $(E_EXE) >progs.h
+	$(RM) $(SSLEAY).o
+
+mklinks:
+	perl ./g_ssleay.pl $(E_EXE) >progs.h

 # DO NOT DELETE THIS LINE -- make depend depends on it.
-
-apps.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-apps.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
-apps.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
-apps.o: ../include/openssl/opensslv.h ../include/openssl/stack.h apps.h progs.h
-asn1pars.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-asn1pars.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-asn1pars.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-asn1pars.o: ../include/openssl/crypto.h ../include/openssl/des.h
-asn1pars.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-asn1pars.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
-asn1pars.o: ../include/openssl/idea.h ../include/openssl/md2.h
-asn1pars.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-asn1pars.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-asn1pars.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-asn1pars.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-asn1pars.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h
-asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-asn1pars.o: progs.h
-ca.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ca.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ca.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-ca.o: ../include/openssl/des.h ../include/openssl/dh.h ../include/openssl/dsa.h
-ca.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-ca.o: ../include/openssl/err.h ../include/openssl/evp.h
-ca.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-ca.o: ../include/openssl/md2.h ../include/openssl/md5.h
-ca.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ca.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ca.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ca.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ca.o: ../include/openssl/stack.h ../include/openssl/txt_db.h
-ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-ca.o: ../include/openssl/x509v3.h apps.h progs.h
-ciphers.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-ciphers.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-ciphers.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-ciphers.o: ../include/openssl/crypto.h ../include/openssl/des.h
-ciphers.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-ciphers.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-ciphers.o: ../include/openssl/err.h ../include/openssl/evp.h
-ciphers.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-ciphers.o: ../include/openssl/md2.h ../include/openssl/md5.h
-ciphers.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-ciphers.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-ciphers.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-ciphers.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-ciphers.o: ../include/openssl/stack.h ../include/openssl/tls1.h
-ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-ciphers.o: progs.h
-crl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-crl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-crl.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-crl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-crl.o: ../include/openssl/des.h ../include/openssl/dh.h
-crl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-crl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-crl.o: ../include/openssl/evp.h ../include/openssl/idea.h
-crl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-crl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-crl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-crl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-crl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-crl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-crl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-crl.o: ../include/openssl/sha.h ../include/openssl/stack.h
-crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-crl.o: ../include/openssl/x509v3.h apps.h progs.h
-crl2p7.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-crl2p7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-crl2p7.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-crl2p7.o: ../include/openssl/crypto.h ../include/openssl/des.h
-crl2p7.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-crl2p7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
-crl2p7.o: ../include/openssl/idea.h ../include/openssl/md2.h
-crl2p7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-crl2p7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-crl2p7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-crl2p7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-crl2p7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h
-crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-crl2p7.o: progs.h
-dgst.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-dgst.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-dgst.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-dgst.o: ../include/openssl/crypto.h ../include/openssl/des.h
-dgst.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-dgst.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
-dgst.o: ../include/openssl/idea.h ../include/openssl/md2.h
-dgst.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dgst.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dgst.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dgst.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dgst.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-dgst.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h progs.h
-dh.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-dh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-dh.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-dh.o: ../include/openssl/crypto.h ../include/openssl/des.h
-dh.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-dh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dh.o: ../include/openssl/err.h ../include/openssl/evp.h
-dh.o: ../include/openssl/idea.h ../include/openssl/md2.h
-dh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dh.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dh.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-dh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dh.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h progs.h
-dsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-dsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-dsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-dsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-dsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsa.o: ../include/openssl/idea.h ../include/openssl/md2.h
-dsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-dsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-dsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h progs.h
-dsaparam.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-dsaparam.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-dsaparam.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-dsaparam.o: ../include/openssl/crypto.h ../include/openssl/des.h
-dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-dsaparam.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-dsaparam.o: ../include/openssl/err.h ../include/openssl/evp.h
-dsaparam.o: ../include/openssl/idea.h ../include/openssl/md2.h
-dsaparam.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-dsaparam.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-dsaparam.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-dsaparam.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-dsaparam.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-dsaparam.o: ../include/openssl/stack.h ../include/openssl/x509.h
-dsaparam.o: ../include/openssl/x509_vfy.h apps.h progs.h
-enc.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-enc.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-enc.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-enc.o: ../include/openssl/crypto.h ../include/openssl/des.h
-enc.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-enc.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-enc.o: ../include/openssl/err.h ../include/openssl/evp.h
-enc.o: ../include/openssl/idea.h ../include/openssl/md2.h
-enc.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-enc.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-enc.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-enc.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
-enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h progs.h
-errstr.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-errstr.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-errstr.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-errstr.o: ../include/openssl/crypto.h ../include/openssl/des.h
-errstr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-errstr.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-errstr.o: ../include/openssl/err.h ../include/openssl/evp.h
-errstr.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-errstr.o: ../include/openssl/md2.h ../include/openssl/md5.h
-errstr.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-errstr.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-errstr.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-errstr.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-errstr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-errstr.o: ../include/openssl/stack.h ../include/openssl/tls1.h
-errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-errstr.o: progs.h
-gendh.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-gendh.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-gendh.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-gendh.o: ../include/openssl/crypto.h ../include/openssl/des.h
-gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-gendh.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-gendh.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendh.o: ../include/openssl/idea.h ../include/openssl/md2.h
-gendh.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-gendh.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-gendh.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-gendh.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-gendh.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-gendh.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-gendh.o: ../include/openssl/stack.h ../include/openssl/x509.h
-gendh.o: ../include/openssl/x509_vfy.h apps.h progs.h
-gendsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-gendsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-gendsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-gendsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-gendsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-gendsa.o: ../include/openssl/idea.h ../include/openssl/md2.h
-gendsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-gendsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-gendsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-gendsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-gendsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-gendsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-gendsa.o: ../include/openssl/stack.h ../include/openssl/x509.h
-gendsa.o: ../include/openssl/x509_vfy.h apps.h progs.h
-genrsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-genrsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-genrsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-genrsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-genrsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-genrsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-genrsa.o: ../include/openssl/idea.h ../include/openssl/md2.h
-genrsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-genrsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-genrsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-genrsa.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-genrsa.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-genrsa.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-genrsa.o: ../include/openssl/stack.h ../include/openssl/x509.h
-genrsa.o: ../include/openssl/x509_vfy.h apps.h progs.h
-nseq.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-nseq.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-nseq.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-nseq.o: ../include/openssl/crypto.h ../include/openssl/des.h
-nseq.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-nseq.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
-nseq.o: ../include/openssl/idea.h ../include/openssl/md2.h
-nseq.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-nseq.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-nseq.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-nseq.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-nseq.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-nseq.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h
-nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h progs.h
-openssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-openssl.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-openssl.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-openssl.o: ../include/openssl/des.h ../include/openssl/dh.h
-openssl.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-openssl.o: ../include/openssl/evp.h ../include/openssl/idea.h
-openssl.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-openssl.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-openssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-openssl.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-openssl.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-openssl.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-openssl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-openssl.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-openssl.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-openssl.o: ../include/openssl/x509_vfy.h apps.h progs.h s_apps.h
-pkcs12.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs12.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-pkcs12.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-pkcs12.o: ../include/openssl/crypto.h ../include/openssl/des.h
-pkcs12.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-pkcs12.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs12.o: ../include/openssl/idea.h ../include/openssl/md2.h
-pkcs12.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs12.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
-pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-pkcs12.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-pkcs12.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs12.o: ../include/openssl/stack.h ../include/openssl/x509.h
-pkcs12.o: ../include/openssl/x509_vfy.h apps.h progs.h
-pkcs7.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs7.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-pkcs7.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-pkcs7.o: ../include/openssl/crypto.h ../include/openssl/des.h
-pkcs7.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-pkcs7.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs7.o: ../include/openssl/idea.h ../include/openssl/md2.h
-pkcs7.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs7.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-pkcs7.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-pkcs7.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-pkcs7.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h
-pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h progs.h
-pkcs8.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-pkcs8.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-pkcs8.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-pkcs8.o: ../include/openssl/crypto.h ../include/openssl/des.h
-pkcs8.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-pkcs8.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
-pkcs8.o: ../include/openssl/idea.h ../include/openssl/md2.h
-pkcs8.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-pkcs8.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
-pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-pkcs8.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-pkcs8.o: ../include/openssl/stack.h ../include/openssl/x509.h
-pkcs8.o: ../include/openssl/x509_vfy.h apps.h progs.h
-req.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-req.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-req.o: ../include/openssl/des.h ../include/openssl/dh.h
-req.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-req.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-req.o: ../include/openssl/evp.h ../include/openssl/idea.h
-req.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-req.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-req.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-req.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-req.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-req.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-req.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-req.o: ../include/openssl/stack.h ../include/openssl/x509.h
-req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h progs.h
-rsa.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-rsa.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-rsa.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-rsa.o: ../include/openssl/crypto.h ../include/openssl/des.h
-rsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-rsa.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rsa.o: ../include/openssl/err.h ../include/openssl/evp.h
-rsa.o: ../include/openssl/idea.h ../include/openssl/md2.h
-rsa.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rsa.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rsa.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-rsa.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-rsa.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
-rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h progs.h
-s_cb.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_cb.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_cb.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_cb.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_cb.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_cb.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-s_cb.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_cb.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-s_cb.o: ../include/openssl/md2.h ../include/openssl/md5.h
-s_cb.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s_cb.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s_cb.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s_cb.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_cb.o: ../include/openssl/stack.h ../include/openssl/tls1.h
-s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h progs.h
-s_cb.o: s_apps.h
-s_client.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_client.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_client.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_client.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_client.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_client.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-s_client.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_client.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-s_client.o: ../include/openssl/md2.h ../include/openssl/md5.h
-s_client.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_client.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_client.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s_client.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s_client.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_client.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_client.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_client.o: ../include/openssl/stack.h ../include/openssl/tls1.h
-s_client.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-s_client.o: progs.h s_apps.h
-s_server.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_server.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_server.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_server.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_server.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_server.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-s_server.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_server.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-s_server.o: ../include/openssl/md2.h ../include/openssl/md5.h
-s_server.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_server.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s_server.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s_server.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_server.o: ../include/openssl/stack.h ../include/openssl/tls1.h
-s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-s_server.o: progs.h s_apps.h
-s_socket.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_socket.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_socket.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_socket.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_socket.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_socket.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-s_socket.o: ../include/openssl/evp.h ../include/openssl/idea.h
-s_socket.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-s_socket.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-s_socket.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-s_socket.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-s_socket.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-s_socket.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-s_socket.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-s_socket.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-s_socket.o: ../include/openssl/sha.h ../include/openssl/ssl.h
-s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
-s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
-s_socket.o: ../include/openssl/tls1.h ../include/openssl/x509.h
-s_socket.o: ../include/openssl/x509_vfy.h apps.h progs.h s_apps.h
-s_time.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-s_time.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-s_time.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-s_time.o: ../include/openssl/crypto.h ../include/openssl/des.h
-s_time.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-s_time.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-s_time.o: ../include/openssl/err.h ../include/openssl/evp.h
-s_time.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-s_time.o: ../include/openssl/md2.h ../include/openssl/md5.h
-s_time.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-s_time.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-s_time.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-s_time.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-s_time.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-s_time.o: ../include/openssl/stack.h ../include/openssl/tls1.h
-s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-s_time.o: progs.h s_apps.h
-sess_id.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-sess_id.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-sess_id.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-sess_id.o: ../include/openssl/crypto.h ../include/openssl/des.h
-sess_id.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-sess_id.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-sess_id.o: ../include/openssl/err.h ../include/openssl/evp.h
-sess_id.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-sess_id.o: ../include/openssl/md2.h ../include/openssl/md5.h
-sess_id.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/rc2.h
-sess_id.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-sess_id.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-sess_id.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-sess_id.o: ../include/openssl/stack.h ../include/openssl/tls1.h
-sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-sess_id.o: progs.h
-speed.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-speed.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-speed.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-speed.o: ../include/openssl/crypto.h ../include/openssl/des.h
-speed.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-speed.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-speed.o: ../include/openssl/err.h ../include/openssl/evp.h
-speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h
-speed.o: ../include/openssl/md2.h ../include/openssl/md5.h
-speed.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-speed.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-speed.o: ../include/openssl/sha.h ../include/openssl/stack.h
-speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ./testdsa.h
-speed.o: ./testrsa.h apps.h progs.h
-verify.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-verify.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-verify.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-verify.o: ../include/openssl/crypto.h ../include/openssl/des.h
-verify.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-verify.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-verify.o: ../include/openssl/err.h ../include/openssl/evp.h
-verify.o: ../include/openssl/idea.h ../include/openssl/md2.h
-verify.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-verify.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-verify.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-verify.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-verify.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-verify.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-verify.o: ../include/openssl/sha.h ../include/openssl/stack.h
-verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h
-verify.o: progs.h
-version.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-version.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-version.o: ../include/openssl/crypto.h ../include/openssl/des.h
-version.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-version.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-version.o: ../include/openssl/evp.h ../include/openssl/idea.h
-version.o: ../include/openssl/md2.h ../include/openssl/md5.h
-version.o: ../include/openssl/mdc2.h ../include/openssl/objects.h
-version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-version.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-version.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-version.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-version.o: ../include/openssl/sha.h ../include/openssl/stack.h apps.h progs.h
-x509.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-x509.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-x509.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-x509.o: ../include/openssl/des.h ../include/openssl/dh.h
-x509.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-x509.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-x509.o: ../include/openssl/evp.h ../include/openssl/idea.h
-x509.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-x509.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-x509.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-x509.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
-x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-x509.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-x509.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
-x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-x509.o: ../include/openssl/sha.h ../include/openssl/stack.h
-x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-x509.o: ../include/openssl/x509v3.h apps.h progs.h
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1,5 +1,5 @@
 /* apps/apps.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -65,13 +65,26 @@
 #include "apps.h"
 #undef NON_MAIN

-#ifdef WINDOWS
-#  include "bss_file.c"
+#ifdef WIN16
+#define APPS_WIN16
+#ifdef FLAT_BUILD
+#include "bss_file.c"
+#else
+#include "../crypto/bio/bss_file.c"
+#endif
 #endif

+#ifndef NOPROTO
 int app_init(long mesgwin);
+#else
+int app_init();
+#endif
+
 #ifdef undef /* never finished - probably never will be :-) */
-int args_from_file(char *file, int *argc, char **argv[])
+int args_from_file(file,argc,argv)
+char *file;
+int *argc;
+char **argv[];
 	{
 	FILE *fp;
 	int num,i;
@@ -149,7 +162,8 @@ int args_from_file(char *file, int *argc, char **argv[])
 	}
 #endif

-int str2fmt(char *s)
+int str2fmt(s)
+char *s;
 	{
 	if 	((*s == 'D') || (*s == 'd'))
 		return(FORMAT_ASN1);
@@ -164,7 +178,10 @@ int str2fmt(char *s)
 	}

 #if defined(MSDOS) || defined(WIN32) || defined(WIN16)
-void program_name(char *in, char *out, int size)
+void program_name(in,out,size)
+char *in;
+char *out;
+int size;
 	{
 	int i,n;
 	char *p=NULL;
@@ -201,28 +218,10 @@ void program_name(char *in, char *out, int size)
 	out[n]='\0';
 	}
 #else
-#ifdef VMS
-void program_name(char *in, char *out, int size)
-	{
-	char *p=in, *q;
-	char *chars=":]>";
-
-	while(*chars != '\0')
-		{
-		q=strrchr(p,*chars);
-		if (q > p)
-			p = q + 1;
-		chars++;
-		}
-
-	q=strrchr(p,'.');
-	if (q == NULL)
-		q = in+size;
-	strncpy(out,p,q-p);
-	out[q-p]='\0';
-	}
-#else
-void program_name(char *in, char *out, int size)
+void program_name(in,out,size)
+char *in;
+char *out;
+int size;
 	{
 	char *p;

@@ -235,25 +234,24 @@ void program_name(char *in, char *out, int size)
 	out[size-1]='\0';
 	}
 #endif
-#endif

 #ifdef WIN32
-int WIN32_rename(char *from, char *to)
+int WIN32_rename(from,to)
+char *from;
+char *to;
 	{
-#ifdef WINNT
 	int ret;
-/* Note: MoveFileEx() doesn't work under Win95, Win98 */

 	ret=MoveFileEx(from,to,MOVEFILE_REPLACE_EXISTING|MOVEFILE_COPY_ALLOWED);
 	return(ret?0:-1);
-#else
-	unlink(to);
-	return MoveFile(from, to);
-#endif
 	}
 #endif

-int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
+int chopup_args(arg,buf,argc,argv)
+ARGS *arg;
+char *buf;
+int *argc;
+char **argv[];
 	{
 	int num,len,i;
 	char *p;
@@ -319,7 +317,8 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
 	}

 #ifndef APP_INIT
-int app_init(long mesgwin)
+int app_init(mesgwin)
+long mesgwin;
 	{
 	return(1);
 	}
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -1,5 +1,5 @@
 /* apps/apps.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -59,14 +59,18 @@
 #ifndef HEADER_APPS_H
 #define HEADER_APPS_H

-#include "openssl/e_os.h"
+#ifdef FLAT_INC
+#include "e_os.h"
+#else
+#include "../e_os.h"
+#endif

-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
+#include "buffer.h"
+#include "bio.h"
+#include "crypto.h"
 #include "progs.h"

-#ifdef NO_STDIO
+#ifdef WIN16
 BIO_METHOD *BIO_s_file();
 #endif

@@ -88,7 +92,7 @@ extern BIO *bio_err;
 #else

 #define MAIN(a,v)	PROG(a,v)
-#include <openssl/conf.h>
+#include "conf.h"
 extern LHASH *config;
 extern char *default_config_file;
 extern BIO *bio_err;
@@ -122,16 +126,25 @@ extern BIO *bio_err;
 #endif

 typedef struct args_st
-	{
-	char **data;
+        {
+        char **data;
 	int count;
-	} ARGS;
+        } ARGS;

+#ifndef NOPROTO
 int should_retry(int i);
 int args_from_file(char *file, int *argc, char **argv[]);
 int str2fmt(char *s);
 void program_name(char *in,char *out,int size);
 int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
+#else
+int should_retry();
+int args_from_file();
+int str2fmt();
+void program_name();
+int chopup_args();
+#endif
+
 #define FORMAT_UNDEF    0
 #define FORMAT_ASN1     1
 #define FORMAT_TEXT     2
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -1,5 +1,5 @@
 /* apps/asn1pars.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,59 +56,54 @@
 * [including the GNU Public Licence.]
 */

-/* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to 
- * add the -strparse option which parses nested binary structures
- */
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include "apps.h"
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "err.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#define FORMAT_UNDEF	0
+#define FORMAT_ASN1	1
+#define FORMAT_TEXT	2
+#define FORMAT_PEM	3

 /* -inform arg	- input format - default PEM (DER or PEM)
 * -in arg	- input file - default stdin
 * -i		- indent the details by depth
 * -offset	- where in the file to start
 * -length	- how many bytes to use
- * -oid file	- extra oid decription file
 */

 #undef PROG
 #define PROG	asn1parse_main

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
-	int i,badops=0,offset=0,ret=1,j;
+	int i,badops=0,offset=0,ret=1;
 	unsigned int length=0;
-	long num,tmplen;
-	BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL;
+	long num;
+	BIO *in=NULL,*out=NULL,*b64=NULL;
 	int informat,indent=0;
-	char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL;
-	unsigned char *tmpbuf;
+	char *infile,*str=NULL,*prog;
 	BUF_MEM *buf=NULL;
-	STACK *osk=NULL;
-	ASN1_TYPE *at=NULL;

+	infile=NULL;
 	informat=FORMAT_PEM;

 	apps_startup();

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	prog=argv[0];
 	argc--;
 	argv++;
-	if ((osk=sk_new_null()) == NULL)
-		{
-		BIO_printf(bio_err,"Malloc failure\n");
-		goto end;
-		}
 	while (argc >= 1)
 		{
 		if 	(strcmp(*argv,"-inform") == 0)
@@ -121,20 +116,10 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			infile= *(++argv);
 			}
-		else if (strcmp(*argv,"-out") == 0)
-			{
-			if (--argc < 1) goto bad;
-			derfile= *(++argv);
-			}
 		else if (strcmp(*argv,"-i") == 0)
 			{
 			indent=1;
 			}
-		else if (strcmp(*argv,"-oid") == 0)
-			{
-			if (--argc < 1) goto bad;
-			oidfile= *(++argv);
-			}
 		else if (strcmp(*argv,"-offset") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -146,11 +131,6 @@ int MAIN(int argc, char **argv)
 			length= atoi(*(++argv));
 			if (length == 0) goto bad;
 			}
-		else if (strcmp(*argv,"-strparse") == 0)
-			{
-			if (--argc < 1) goto bad;
-			sk_push(osk,*(++argv));
-			}
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -167,15 +147,10 @@ bad:
 		BIO_printf(bio_err,"%s [options] <infile\n",prog);
 		BIO_printf(bio_err,"where options are\n");
 		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
+		BIO_printf(bio_err," -in arg       inout file\n");
 		BIO_printf(bio_err," -offset arg   offset into file\n");
 		BIO_printf(bio_err," -length arg   lenth of section in file\n");
 		BIO_printf(bio_err," -i            indent entries\n");
-		BIO_printf(bio_err," -oid file     file of extra oid definitions\n");
-		BIO_printf(bio_err," -strparse offset\n");
-		BIO_printf(bio_err,"               a series of these can be used to 'dig' into multiple\n");
-		BIO_printf(bio_err,"               ASN1 blob wrappings\n");
-		BIO_printf(bio_err," -out filename output DER encoding to file\n");
 		goto end;
 		}

@@ -188,19 +163,7 @@ bad:
 		ERR_print_errors(bio_err);
 		goto end;
 		}
-	BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
-
-	if (oidfile != NULL)
-		{
-		if (BIO_read_filename(in,oidfile) <= 0)
-			{
-			BIO_printf(bio_err,"problems opening %s\n",oidfile);
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		OBJ_create_objects(in);
-		}
-
+	BIO_set_fp(out,stdout,BIO_NOCLOSE);
 	if (infile == NULL)
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
 	else
@@ -212,14 +175,6 @@ bad:
 			}
 		}

-	if (derfile) {
-		if(!(derout = BIO_new_file(derfile, "wb"))) {
-			BIO_printf(bio_err,"problems opening %s\n",derfile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
-
 	if ((buf=BUF_MEM_new()) == NULL) goto end;
 	if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */

@@ -245,48 +200,7 @@ bad:
 		}
 	str=buf->data;

-	/* If any structs to parse go through in sequence */
-
-	if (sk_num(osk))
-		{
-		tmpbuf=(unsigned char *)str;
-		tmplen=num;
-		for (i=0; i<sk_num(osk); i++)
-			{
-			ASN1_TYPE *atmp;
-			j=atoi(sk_value(osk,i));
-			if (j == 0)
-				{
-				BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i));
-				continue;
-				}
-			tmpbuf+=j;
-			tmplen-=j;
-			atmp = at;
-			at = d2i_ASN1_TYPE(NULL,&tmpbuf,tmplen);
-			ASN1_TYPE_free(atmp);
-			if(!at)
-				{
-				BIO_printf(bio_err,"Error parsing structure\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			/* hmm... this is a little evil but it works */
-			tmpbuf=at->value.asn1_string->data;
-			tmplen=at->value.asn1_string->length;
-			}
-		str=(char *)tmpbuf;
-		num=tmplen;
-		}
-
 	if (length == 0) length=(unsigned int)num;
-	if(derout) {
-		if(BIO_write(derout, str + offset, length) != (int)length) {
-			BIO_printf(bio_err, "Error writing output\n");
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	}
 	if (!ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent))
 		{
 		ERR_print_errors(bio_err);
@@ -294,16 +208,12 @@ bad:
 		}
 	ret=0;
 end:
-	BIO_free(derout);
 	if (in != NULL) BIO_free(in);
 	if (out != NULL) BIO_free(out);
 	if (b64 != NULL) BIO_free(b64);
 	if (ret != 0)
 		ERR_print_errors(bio_err);
 	if (buf != NULL) BUF_MEM_free(buf);
-	if (at != NULL) ASN1_TYPE_free(at);
-	if (osk != NULL) sk_free(osk);
-	OBJ_cleanup();
 	EXIT(ret);
 	}

--- a/apps/bss_file.c
+++ b/apps/bss_file.c
@@ -0,0 +1,324 @@
+/* crypto/bio/bss_file.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define APPS_WIN16
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+#ifndef NOPROTO
+static int MS_CALLBACK file_write(BIO *h,char *buf,int num);
+static int MS_CALLBACK file_read(BIO *h,char *buf,int size);
+static int MS_CALLBACK file_puts(BIO *h,char *str);
+static int MS_CALLBACK file_gets(BIO *h,char *str,int size);
+static long MS_CALLBACK file_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int MS_CALLBACK file_new(BIO *h);
+static int MS_CALLBACK file_free(BIO *data);
+#else
+static int MS_CALLBACK file_write();
+static int MS_CALLBACK file_read();
+static int MS_CALLBACK file_puts();
+static int MS_CALLBACK file_gets();
+static long MS_CALLBACK file_ctrl();
+static int MS_CALLBACK file_new();
+static int MS_CALLBACK file_free();
+#endif
+
+static BIO_METHOD methods_filep=
+	{
+	BIO_TYPE_FILE,"FILE pointer",
+	file_write,
+	file_read,
+	file_puts,
+	file_gets,
+	file_ctrl,
+	file_new,
+	file_free,
+	};
+
+BIO *BIO_new_file(filename,mode)
+char *filename;
+char *mode;
+	{
+	BIO *ret;
+	FILE *file;
+
+	if ((file=fopen(filename,mode)) == NULL)
+		{
+		SYSerr(SYS_F_FOPEN,errno);
+		BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
+		return(NULL);
+		}
+	if ((ret=BIO_new_fp(file,BIO_CLOSE)) == NULL)
+		{
+		fclose(file);
+		return(NULL);
+		}
+	return(ret);
+	}
+
+BIO *BIO_new_fp(stream,close_flag)
+FILE *stream;
+int close_flag;
+	{
+	BIO *ret;
+
+	if ((ret=BIO_new(BIO_s_file())) == NULL)
+		return(NULL);
+	BIO_set_fp(ret,stream,close_flag);
+	return(ret);
+	}
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+
+BIO_METHOD *BIO_s_file()
+	{
+	return(&methods_filep);
+	}
+
+#else
+
+BIO_METHOD *BIO_s_file_internal_w16()
+	{
+	return(&methods_filep);
+	}
+
+#endif
+
+static int MS_CALLBACK file_new(bi)
+BIO *bi;
+	{
+	bi->init=0;
+	bi->num=0;
+	bi->ptr=NULL;
+	return(1);
+	}
+
+static int MS_CALLBACK file_free(a)
+BIO *a;
+	{
+	if (a == NULL) return(0);
+	if (a->shutdown)
+		{
+		if ((a->init) && (a->ptr != NULL))
+			{
+			fclose((FILE *)a->ptr);
+			a->ptr=NULL;
+			}
+		a->init=0;
+		}
+	return(1);
+	}
+	
+static int MS_CALLBACK file_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0;
+
+	if (b->init && (out != NULL))
+		{
+		ret=fread(out,1,(int)outl,(FILE *)b->ptr);
+		}
+	return(ret);
+	}
+
+static int MS_CALLBACK file_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret=0;
+
+	if (b->init && (in != NULL))
+		{
+		if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
+			ret=inl;
+		/* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
+		/* acording to Tim Hudson <tjh@cryptsoft.com>, the commented
+		 * out version above can cause 'inl' write calls under
+		 * some stupid stdio implementations (VMS) */
+		}
+	return(ret);
+	}
+
+static long MS_CALLBACK file_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	long ret=1;
+	FILE *fp=(FILE *)b->ptr;
+	FILE **fpp;
+	char p[4];
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		ret=(long)fseek(fp,num,0);
+		break;
+	case BIO_CTRL_EOF:
+		ret=(long)feof(fp);
+		break;
+	case BIO_CTRL_INFO:
+		ret=ftell(fp);
+		break;
+	case BIO_C_SET_FILE_PTR:
+		file_free(b);
+		b->shutdown=(int)num;
+		b->ptr=(char *)ptr;
+		b->init=1;
+		break;
+	case BIO_C_SET_FILENAME:
+		file_free(b);
+		b->shutdown=(int)num&BIO_CLOSE;
+		if (num & BIO_FP_APPEND)
+			{
+			if (num & BIO_FP_READ)
+				strcpy(p,"a+");
+			else	strcpy(p,"a");
+			}
+		else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
+			strcpy(p,"r+");
+		else if (num & BIO_FP_WRITE)
+			strcpy(p,"w");
+		else if (num & BIO_FP_READ)
+			strcpy(p,"r");
+		else
+			{
+			BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
+			ret=0;
+			break;
+			}
+#if defined(MSDOS) || defined(WINDOWS)
+		if (!(num & BIO_FP_TEXT))
+			strcat(p,"b");
+		else
+			strcat(p,"t");
+#endif
+		fp=fopen(ptr,p);
+		if (fp == NULL)
+			{
+			SYSerr(SYS_F_FOPEN,errno);
+			BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
+			ret=0;
+			break;
+			}
+		b->ptr=(char *)fp;
+		b->init=1;
+		break;
+	case BIO_C_GET_FILE_PTR:
+		/* the ptr parameter is actually a FILE ** in this case. */
+		if (ptr != NULL)
+			{
+			fpp=(FILE **)ptr;
+			*fpp=(FILE *)b->ptr;
+			}
+		break;
+	case BIO_CTRL_GET_CLOSE:
+		ret=(long)b->shutdown;
+		break;
+	case BIO_CTRL_SET_CLOSE:
+		b->shutdown=(int)num;
+		break;
+	case BIO_CTRL_FLUSH:
+		fflush((FILE *)b->ptr);
+		break;
+	case BIO_CTRL_DUP:
+		ret=1;
+		break;
+
+	case BIO_CTRL_PENDING:
+	case BIO_CTRL_PUSH:
+	case BIO_CTRL_POP:
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+static int MS_CALLBACK file_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	int ret=0;
+
+	buf[0]='\0';
+	fgets(buf,size,(FILE *)bp->ptr);
+	if (buf[0] != '\0')
+		ret=strlen(buf);
+	return(ret);
+	}
+
+static int MS_CALLBACK file_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	int n,ret;
+
+	n=strlen(str);
+	ret=file_write(bp,str,n);
+	return(ret);
+	}
+
--- a/apps/c512-key.pem
+++ b/apps/c512-key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
+q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
+/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
+HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
+ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
+nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
+ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
+-----END RSA PRIVATE KEY-----
--- a/apps/c512-req.pem
+++ b/apps/c512-req.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
+MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0
+IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i
+2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs6
+2NNtXrT8odkCAwEAATANBgkqhkiG9w0BAQQFAANBAC5JBTeji7RosqMaUIDzIW13
+oO6+kPhx9fXSpMFHIsY3aH92Milkov/2A4SuZTcnv/P6+8klmS0EaiUKcRzak4E=
+-----END CERTIFICATE REQUEST-----
--- a/apps/ca-cert.srl
+++ b/apps/ca-cert.srl
@@ -1 +1 @@
-05
+03
--- a/apps/ca.c
+++ b/apps/ca.c
--- a/apps/cert.pem
+++ b/apps/cert.pem
@@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
-BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
-VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
-Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
-YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
-DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
-tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
-sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
-19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
-----END CERTIFICATE-----
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -1,5 +1,5 @@
 /* apps/ciphers.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -59,16 +59,12 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef NO_STDIO
+#ifdef WIN16
 #define APPS_WIN16
 #endif
 #include "apps.h"
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-#if defined(NO_RSA) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
+#include "err.h"
+#include "ssl.h"

 #undef PROG
 #define PROG	ciphers_main
@@ -81,18 +77,19 @@ static char *ciphers_usage[]={
 NULL
 };

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	int ret=1,i;
 	int verbose=0;
-	char **pp;
-	const char *p;
+	char **pp,*p;
 	int badops=0;
 	SSL_CTX *ctx=NULL;
 	SSL *ssl=NULL;
 	char *ciphers=NULL;
 	SSL_METHOD *meth=NULL;
-	STACK_OF(SSL_CIPHER) *sk;
+	STACK *sk;
 	char buf[512];
 	BIO *STDout=NULL;

@@ -170,10 +167,10 @@ int MAIN(int argc, char **argv)
 		{
 		sk=SSL_get_ciphers(ssl);

-		for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+		for (i=0; i<sk_num(sk); i++)
 			{
 			BIO_puts(STDout,SSL_CIPHER_description(
-				sk_SSL_CIPHER_value(sk,i),
+				(SSL_CIPHER *)sk_value(sk,i),
 				buf,512));
 			}
 		}
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -1,5 +1,5 @@
 /* apps/crl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -60,11 +60,10 @@
 #include <stdlib.h>
 #include <string.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "err.h"
+#include "x509.h"
+#include "pem.h"

 #undef PROG
 #define PROG	crl_main
@@ -72,6 +71,11 @@
 #undef POSTFIX
 #define	POSTFIX	".rvk"

+#define FORMAT_UNDEF	0
+#define FORMAT_ASN1	1
+#define FORMAT_TEXT	2
+#define FORMAT_PEM	3
+
 static char *crl_usage[]={
 "usage: crl args\n",
 "\n",
@@ -88,24 +92,32 @@ static char *crl_usage[]={
 NULL
 };

+#ifndef NOPROTO
 static X509_CRL *load_crl(char *file, int format);
+#else
+static X509_CRL *load_crl();
+#endif
+
 static BIO *bio_out=NULL;

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	X509_CRL *x=NULL;
 	int ret=1,i,num,badops=0;
 	BIO *out=NULL;
 	int informat,outformat;
 	char *infile=NULL,*outfile=NULL;
-	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
+	char *str=NULL;
+	int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0;
 	char **pp,buf[256];

 	apps_startup();

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	if (bio_out == NULL)
 		if ((bio_out=BIO_new(BIO_s_file())) != NULL)
@@ -136,6 +148,10 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			outformat=str2fmt(*(++argv));
 			}
+		else if (strcmp(*argv,"-text") == 0)
+			{
+			outformat=FORMAT_TEXT;
+			}
 		else if (strcmp(*argv,"-in") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -146,8 +162,6 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			outfile= *(++argv);
 			}
-		else if (strcmp(*argv,"-text") == 0)
-			text = 1;
 		else if (strcmp(*argv,"-hash") == 0)
 			hash= ++num;
 		else if (strcmp(*argv,"-issuer") == 0)
@@ -168,6 +182,14 @@ int MAIN(int argc, char **argv)
 		argv++;
 		}

+	if (outformat == FORMAT_TEXT)
+		{
+		num=0;
+		issuer= ++num;
+		lastupdate= ++num;
+		nextupdate= ++num;
+		}
+
 	if (badops)
 		{
 bad:
@@ -177,7 +199,6 @@ bad:
 		}

 	ERR_load_crypto_strings();
-	X509V3_add_standard_extensions();
 	x=load_crl(infile,informat);
 	if (x == NULL) { goto end; }

@@ -188,32 +209,31 @@ bad:
 			if (issuer == i)
 				{
 				X509_NAME_oneline(x->crl->issuer,buf,256);
-				BIO_printf(bio_out,"issuer= %s\n",buf);
+				fprintf(stdout,"issuer= %s\n",str);
 				}

 			if (hash == i)
 				{
-				BIO_printf(bio_out,"%08lx\n",
+				fprintf(stdout,"%08lx\n",
 					X509_NAME_hash(x->crl->issuer));
 				}
 			if (lastupdate == i)
 				{
-				BIO_printf(bio_out,"lastUpdate=");
-				ASN1_TIME_print(bio_out,x->crl->lastUpdate);
-				BIO_printf(bio_out,"\n");
+				fprintf(stdout,"lastUpdate=");
+				ASN1_UTCTIME_print(bio_out,x->crl->lastUpdate);
+				fprintf(stdout,"\n");
 				}
 			if (nextupdate == i)
 				{
-				BIO_printf(bio_out,"nextUpdate=");
-				if (x->crl->nextUpdate != NULL)
-					ASN1_TIME_print(bio_out,x->crl->nextUpdate);
-				else
-					BIO_printf(bio_out,"NONE");
-				BIO_printf(bio_out,"\n");
+				fprintf(stdout,"nextUpdate=");
+				ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+				fprintf(stdout,"\n");
 				}
 			}
 		}

+	if (noout) goto end;
+
 	out=BIO_new(BIO_s_file());
 	if (out == NULL)
 		{
@@ -232,14 +252,24 @@ bad:
 			}
 		}

-	if (text) X509_CRL_print(out, x);
-
-	if (noout) goto end;
-
 	if 	(outformat == FORMAT_ASN1)
 		i=(int)i2d_X509_CRL_bio(out,x);
 	else if (outformat == FORMAT_PEM)
 		i=PEM_write_bio_X509_CRL(out,x);
+	else if (outformat == FORMAT_TEXT)
+		{
+		X509_REVOKED *r;
+
+		while ((r=(X509_REVOKED *)sk_pop(x->crl->revoked)) != NULL)
+			{
+			fprintf(stdout,"revoked: serialNumber=");
+			i2a_ASN1_INTEGER(out,r->serialNumber);
+			fprintf(stdout," revocationDate=");
+			ASN1_UTCTIME_print(bio_out,r->revocationDate);
+			fprintf(stdout,"\n");
+			}
+		i=1;
+		}
 	else	
 		{
 		BIO_printf(bio_err,"bad output format specified for outfile\n");
@@ -248,14 +278,15 @@ bad:
 	if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
 	ret=0;
 end:
-	BIO_free(out);
-	BIO_free(bio_out);
-	X509_CRL_free(x);
-	X509V3_EXT_cleanup();
+	if (out != NULL) BIO_free(out);
+	if (bio_out != NULL) BIO_free(bio_out);
+	if (x != NULL) X509_CRL_free(x);
 	EXIT(ret);
 	}

-static X509_CRL *load_crl(char *infile, int format)
+static X509_CRL *load_crl(infile, format)
+char *infile;
+int format;
 	{
 	X509_CRL *x=NULL;
 	BIO *in=NULL;
@@ -280,7 +311,7 @@ static X509_CRL *load_crl(char *infile, int format)
 	if 	(format == FORMAT_ASN1)
 		x=d2i_X509_CRL_bio(in,NULL);
 	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
+		x=PEM_read_bio_X509_CRL(in,NULL,NULL);
 	else	{
 		BIO_printf(bio_err,"bad input format specified for input crl\n");
 		goto end;
@@ -293,7 +324,7 @@ static X509_CRL *load_crl(char *infile, int format)
 		}
 	
 end:
-	BIO_free(in);
+	if (in != NULL) BIO_free(in);
 	return(x);
 	}

--- a/apps/crl.out
+++ b/apps/crl.out
@@ -0,0 +1,8 @@
+-----BEGIN X509 CRL-----
+MIIBDjCBuTANBgkqhkiG9w0BAQQFADBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMD
+UUxEMRkwFwYDVQQKExBNaW5jb20gUHR5LiBMdGQuMQswCQYDVQQLEwJDUzEbMBkG
+A1UEAxMSU1NMZWF5IGRlbW8gc2VydmVyFw05NzA3MDkwMDAwMjJaFw05NzA4MDgw
+MDAwMjJaMCgwEgIBARcNOTUxMDA5MjMzMjA1WjASAgEDFw05NTEyMDEwMTAwMDBa
+MA0GCSqGSIb3DQEBBAUAA0EAcEBIWVZPXxSlLMPPLfBi4s0N3lzTgskZkgO6pjZi
+oQRwh5vi5zFqDNQteGx7RTHpUYntgyoAZ87FZE0GOJgBaQ==
+-----END X509 CRL-----
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -1,5 +1,5 @@
 /* apps/crl2p7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -65,14 +65,19 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include "apps.h"
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-#include <openssl/objects.h>
+#include "err.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static int add_certs_from_file(STACK *stack, char *certfile);
+#else
+static int add_certs_from_file();
+#endif

-static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
 #undef PROG
 #define PROG	crl2pkcs7_main

@@ -82,7 +87,9 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
 * -out arg	- output file - default stdout
 */

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	int i,badops=0;
 	BIO *in=NULL,*out=NULL;
@@ -91,21 +98,21 @@ int MAIN(int argc, char **argv)
 	PKCS7 *p7 = NULL;
 	PKCS7_SIGNED *p7s = NULL;
 	X509_CRL *crl=NULL;
-	STACK *certflst=NULL;
-	STACK_OF(X509_CRL) *crl_stack=NULL;
-	STACK_OF(X509) *cert_stack=NULL;
+	STACK *crl_stack=NULL;
+	STACK *cert_stack=NULL;
 	int ret=1,nocrl=0;

 	apps_startup();

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	infile=NULL;
 	outfile=NULL;
 	informat=FORMAT_PEM;
 	outformat=FORMAT_PEM;
+	certfile=NULL;

 	prog=argv[0];
 	argc--;
@@ -139,8 +146,7 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-certfile") == 0)
 			{
 			if (--argc < 1) goto bad;
-			if(!certflst) certflst = sk_new(NULL);
-			sk_push(certflst,*(++argv));
+			certfile= *(++argv);
 			}
 		else
 			{
@@ -159,10 +165,9 @@ bad:
 		BIO_printf(bio_err,"where options are\n");
 		BIO_printf(bio_err," -inform arg    input format - one of DER TXT PEM\n");
 		BIO_printf(bio_err," -outform arg   output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg        input file\n");
+		BIO_printf(bio_err," -in arg        inout file\n");
 		BIO_printf(bio_err," -out arg       output file\n");
 		BIO_printf(bio_err," -certfile arg  certificates file of chain to a trusted CA\n");
-		BIO_printf(bio_err,"                (can be used more than once)\n");
 		BIO_printf(bio_err," -nocrl         no crl to load, just certs from '-certfile'\n");
 		EXIT(1);
 		}
@@ -193,7 +198,7 @@ bad:
 		if 	(informat == FORMAT_ASN1)
 			crl=d2i_X509_CRL_bio(in,NULL);
 		else if (informat == FORMAT_PEM)
-			crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
+			crl=PEM_read_bio_X509_CRL(in,NULL,NULL);
 		else	{
 			BIO_printf(bio_err,"bad input format specified for input crl\n");
 			goto end;
@@ -213,28 +218,26 @@ bad:
 	p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);

 	if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
-	if ((crl_stack=sk_X509_CRL_new(NULL)) == NULL) goto end;
+	if ((crl_stack=sk_new(NULL)) == NULL) goto end;
 	p7s->crl=crl_stack;
 	if (crl != NULL)
 		{
-		sk_X509_CRL_push(crl_stack,crl);
+		sk_push(crl_stack,(char *)crl);
 		crl=NULL; /* now part of p7 for Freeing */
 		}

-	if ((cert_stack=sk_X509_new(NULL)) == NULL) goto end;
+	if ((cert_stack=sk_new(NULL)) == NULL) goto end;
 	p7s->cert=cert_stack;

-	if(certflst) for(i = 0; i < sk_num(certflst); i++) {
-		certfile = sk_value(certflst, i);
+	if (certfile != NULL) 
+		{
 		if (add_certs_from_file(cert_stack,certfile) < 0)
 			{
-			BIO_printf(bio_err, "error loading certificates\n");
+			BIO_printf(bio_err,"error loading certificates\n");
 			ERR_print_errors(bio_err);
 			goto end;
 			}
-	}
-
-	sk_free(certflst);
+		}

 	if (outfile == NULL)
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
@@ -281,42 +284,40 @@ end:
 *	number of certs added if successful, -1 if not.
 *----------------------------------------------------------------------
 */
-static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
+static int add_certs_from_file(stack,certfile)
+STACK *stack;
+char *certfile;
 	{
 	struct stat st;
 	BIO *in=NULL;
 	int count=0;
 	int ret= -1;
-	STACK_OF(X509_INFO) *sk=NULL;
+	STACK *sk=NULL;
 	X509_INFO *xi;

 	if ((stat(certfile,&st) != 0))
 		{
-		BIO_printf(bio_err,"unable to load the file, %s\n",certfile);
+		BIO_printf(bio_err,"unable to file the file, %s\n",certfile);
 		goto end;
 		}

 	in=BIO_new(BIO_s_file());
 	if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
 		{
-		BIO_printf(bio_err,"error opening the file, %s\n",certfile);
 		goto end;
 		}

 	/* This loads from a file, a stack of x509/crl/pkey sets */
-	sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL);
-	if (sk == NULL) {
-		BIO_printf(bio_err,"error reading the file, %s\n",certfile);
-		goto end;
-	}
+	sk=PEM_X509_INFO_read_bio(in,NULL,NULL);
+	if (sk == NULL) goto end;

 	/* scan over it and pull out the CRL's */
-	while (sk_X509_INFO_num(sk))
+	while (sk_num(sk))
 		{
-		xi=sk_X509_INFO_shift(sk);
+		xi=(X509_INFO *)sk_shift(sk);
 		if (xi->x509 != NULL)
 			{
-			sk_X509_push(stack,xi->x509);
+			sk_push(stack,(char *)xi->x509);
 			xi->x509=NULL;
 			count++;
 			}
@@ -327,7 +328,7 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
 end:
 	/* never need to Free x */
 	if (in != NULL) BIO_free(in);
-	if (sk != NULL) sk_X509_INFO_free(sk);
+	if (sk != NULL) sk_free(sk);
 	return(ret);
 	}

--- a/apps/der_chop.in
+++ b/apps/der_chop.in
@@ -42,13 +42,13 @@ $md4_cmd="md4";
 $rsa_cmd="rsa -des -inform der ";

 # this was the 0.5.x way of doing things ...
-$cmd="openssl asn1parse";
-$x509_cmd="openssl x509";
-$crl_cmd="openssl crl";
-$rc4_cmd="openssl rc4";
-$md2_cmd="openssl md2";
-$md4_cmd="openssl md4";
-$rsa_cmd="openssl rsa -des -inform der ";
+$cmd="ssleay asn1parse";
+$x509_cmd="ssleay x509";
+$crl_cmd="ssleay crl";
+$rc4_cmd="ssleay rc4";
+$md2_cmd="ssleay md2";
+$md4_cmd="ssleay md4";
+$rsa_cmd="ssleay rsa -des -inform der ";

 &Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
 $depth=($opt_d =~ /^\d+$/)?$opt_d:0;
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -1,5 +1,5 @@
 /* apps/dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -60,12 +60,12 @@
 #include <string.h>
 #include <stdlib.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "err.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"

 #undef BUFSIZE
 #define BUFSIZE	1024*8
@@ -73,17 +73,24 @@
 #undef PROG
 #define PROG	dgst_main

+#ifndef NOPROTO
 void do_fp(unsigned char *buf,BIO *f,int sep);
-int MAIN(int argc, char **argv)
+#else
+void do_fp();
+#endif
+
+int MAIN(argc,argv)
+int argc;
+char **argv;
 	{
 	unsigned char *buf=NULL;
 	int i,err=0;
-	const EVP_MD *md=NULL,*m;
+	EVP_MD *md=NULL,*m;
 	BIO *in=NULL,*inp;
 	BIO *bmd=NULL;
-	const char *name;
+	char *name;
 #define PROG_NAME_SIZE  16
-	char pname[PROG_NAME_SIZE];
+        char pname[PROG_NAME_SIZE];
 	int separator=0;
 	int debug=0;

@@ -96,16 +103,16 @@ int MAIN(int argc, char **argv)
 		}
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	/* first check the program name */
-	program_name(argv[0],pname,PROG_NAME_SIZE);
+        program_name(argv[0],pname,PROG_NAME_SIZE);

 	md=EVP_get_digestbyname(pname);

 	argc--;
 	argv++;
-	while (argc > 0)
+	for (i=0; i<argc; i++)
 		{
 		if ((*argv)[0] != '-') break;
 		if (strcmp(*argv,"-c") == 0)
@@ -128,19 +135,17 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"unknown option '%s'\n",*argv);
 		BIO_printf(bio_err,"options are\n");
 		BIO_printf(bio_err,"-c   to output the digest with separating colons\n");
-		BIO_printf(bio_err,"-d   to output debug info\n");
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
+		BIO_printf(bio_err,"-c   to output debug info\n");
+		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm (default)\n",
 			LN_md5,LN_md5);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
 			LN_md2,LN_md2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
 			LN_sha1,LN_sha1);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
 			LN_sha,LN_sha);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
 			LN_mdc2,LN_mdc2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_ripemd160,LN_ripemd160);
 		err=1;
 		goto end;
 		}
@@ -182,7 +187,7 @@ int MAIN(int argc, char **argv)
 				}
 			printf("%s(%s)= ",name,argv[i]);
 			do_fp(buf,inp,separator);
-			(void)BIO_reset(bmd);
+			BIO_reset(bmd);
 			}
 		}
 end:
@@ -196,7 +201,10 @@ end:
 	EXIT(err);
 	}

-void do_fp(unsigned char *buf, BIO *bp, int sep)
+void do_fp(buf,bp,sep)
+unsigned char *buf;
+BIO *bp;
+int sep;
 	{
 	int len;
 	int i;
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -1,5 +1,5 @@
 /* apps/dh.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,18 +56,17 @@
 * [including the GNU Public Licence.]
 */

-#ifndef NO_DH
 #include <stdio.h>
 #include <stdlib.h>
 #include <time.h>
 #include <string.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "dh.h"
+#include "x509.h"
+#include "pem.h"

 #undef PROG
 #define PROG	dh_main
@@ -82,7 +81,9 @@
 * -C
 */

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	DH *dh=NULL;
 	int i,badops=0,text=0;
@@ -94,7 +95,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	infile=NULL;
 	outfile=NULL;
@@ -151,10 +152,10 @@ bad:
 		BIO_printf(bio_err,"where options are\n");
 		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
 		BIO_printf(bio_err," -outform arg  output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
+		BIO_printf(bio_err," -in arg       inout file\n");
 		BIO_printf(bio_err," -out arg      output file\n");
 		BIO_printf(bio_err," -check        check the DH parameters\n");
-		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
+		BIO_printf(bio_err," -text         check the DH parameters\n");
 		BIO_printf(bio_err," -C            Output C code\n");
 		BIO_printf(bio_err," -noout        no output\n");
 		goto end;
@@ -194,7 +195,7 @@ bad:
 	if	(informat == FORMAT_ASN1)
 		dh=d2i_DHparams_bio(in,NULL);
 	else if (informat == FORMAT_PEM)
-		dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
+		dh=PEM_read_bio_DHparams(in,NULL,NULL);
 	else
 		{
 		BIO_printf(bio_err,"bad input format specified\n");
@@ -309,4 +310,3 @@ end:
 	if (dh != NULL) DH_free(dh);
 	EXIT(ret);
 	}
-#endif
--- a/apps/dsa-ca.pem
+++ b/apps/dsa-ca.pem
@@ -1,14 +1,17 @@
 -----BEGIN DSA PRIVATE KEY-----
-MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
-PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
-u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
-Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
-hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
-SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
-Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4
-94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T
-tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77
-J6zsFbSEHaQGUmfSeoM=
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
+
+svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
+Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
+Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
+par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
+zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
+uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
+rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
+1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
+HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
+MVqOsYxGCb+kez0FoDSTgw==
 -----END DSA PRIVATE KEY-----
 -----BEGIN CERTIFICATE REQUEST-----
 MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
--- a/apps/dsa-pca.pem
+++ b/apps/dsa-pca.pem
@@ -1,14 +1,17 @@
 -----BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
-PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
-u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
-Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
-hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
-SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
-Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz
-6TicfImU7UFRn9h00j0lJQ==
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
+
+GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
+mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
+of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
+FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
+RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
+qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
+diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
+V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
+hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
+dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
 -----END DSA PRIVATE KEY-----
 -----BEGIN CERTIFICATE REQUEST-----
 MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -1,5 +1,5 @@
 /* apps/dsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,18 +56,17 @@
 * [including the GNU Public Licence.]
 */

-#ifndef NO_DSA
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "err.h"
+#include "dsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"

 #undef PROG
 #define PROG	dsa_main
@@ -83,12 +82,14 @@
 * -modulus	- print the DSA public key
 */

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	int ret=1;
 	DSA *dsa=NULL;
 	int i,badops=0;
-	const EVP_CIPHER *enc=NULL;
+	EVP_CIPHER *enc=NULL;
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,text=0,noout=0;
 	char *infile,*outfile,*prog;
@@ -98,7 +99,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	infile=NULL;
 	outfile=NULL;
@@ -153,7 +154,7 @@ bad:
 		BIO_printf(bio_err,"where options are\n");
 		BIO_printf(bio_err," -inform arg   input format - one of DER NET PEM\n");
 		BIO_printf(bio_err," -outform arg  output format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
+		BIO_printf(bio_err," -in arg       inout file\n");
 		BIO_printf(bio_err," -out arg      output file\n");
 		BIO_printf(bio_err," -des          encrypt PEM output with cbc des\n");
 		BIO_printf(bio_err," -des3         encrypt PEM output with ede cbc des using 168 bit key\n");
@@ -191,7 +192,7 @@ bad:
 	if	(informat == FORMAT_ASN1)
 		dsa=d2i_DSAPrivateKey_bio(in,NULL);
 	else if (informat == FORMAT_PEM)
-		dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,NULL);
+		dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL);
 	else
 		{
 		BIO_printf(bio_err,"bad input format specified for key\n");
@@ -235,7 +236,7 @@ bad:
 	if 	(outformat == FORMAT_ASN1)
 		i=i2d_DSAPrivateKey_bio(out,dsa);
 	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL,NULL);
+		i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL);
 	else	{
 		BIO_printf(bio_err,"bad output format specified for outfile\n");
 		goto end;
@@ -253,4 +254,4 @@ end:
 	if (dsa != NULL) DSA_free(dsa);
 	EXIT(ret);
 	}
-#endif
+
--- a/apps/dsap.pem
+++ b/apps/dsap.pem
@@ -1,6 +0,0 @@
-----BEGIN DSA PARAMETERS-----
-MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
-GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
-t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
-ADiRffvSdhrNw5dkqdql
-----END DSA PARAMETERS-----
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -1,5 +1,5 @@
 /* apps/dsaparam.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,19 +56,18 @@
 * [including the GNU Public Licence.]
 */

-#ifndef NO_DSA
 #include <stdio.h>
 #include <stdlib.h>
 #include <time.h>
 #include <string.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/dsa.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "rand.h"
+#include "dsa.h"
+#include "x509.h"
+#include "pem.h"

 #undef PROG
 #define PROG	dsaparam_main
@@ -81,25 +80,31 @@
 * -text
 * -C
 * -noout
- * -genkey
 */

-static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
-int MAIN(int argc, char **argv)
+#ifndef NOPROTO
+static void MS_CALLBACK dsa_cb(int p, int n);
+#else
+static void MS_CALLBACK dsa_cb();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	DSA *dsa=NULL;
 	int i,badops=0,text=0;
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,noout=0,C=0,ret=1;
 	char *infile,*outfile,*prog,*inrand=NULL;
-	int numbits= -1,num,genkey=0;
+	int numbits= -1,num;
 	char buffer[200],*randfile=NULL;

 	apps_startup();

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	infile=NULL;
 	outfile=NULL;
@@ -135,8 +140,6 @@ int MAIN(int argc, char **argv)
 			text=1;
 		else if (strcmp(*argv,"-C") == 0)
 			C=1;
-		else if (strcmp(*argv,"-genkey") == 0)
-			genkey=1;
 		else if (strcmp(*argv,"-rand") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -166,7 +169,7 @@ bad:
 		BIO_printf(bio_err,"where options are\n");
 		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
 		BIO_printf(bio_err," -outform arg  output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
+		BIO_printf(bio_err," -in arg       inout file\n");
 		BIO_printf(bio_err," -out arg      output file\n");
 		BIO_printf(bio_err," -text         check the DSA parameters\n");
 		BIO_printf(bio_err," -C            Output C code\n");
@@ -214,13 +217,12 @@ bad:

 		BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
 	        BIO_printf(bio_err,"This could take some time\n");
-	        dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,
-			dsa_cb,(char *)bio_err);
+	        dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,dsa_cb);
 		}
 	else if	(informat == FORMAT_ASN1)
 		dsa=d2i_DSAparams_bio(in,NULL);
 	else if (informat == FORMAT_PEM)
-		dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
+		dsa=PEM_read_bio_DSAparams(in,NULL,NULL);
 	else
 		{
 		BIO_printf(bio_err,"bad input format specified\n");
@@ -312,22 +314,6 @@ bad:
 			goto end;
 			}
 		}
-	if (genkey)
-		{
-		DSA *dsakey;
-
-		if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
-		if (!DSA_generate_key(dsakey)) goto end;
-		if 	(outformat == FORMAT_ASN1)
-			i=i2d_DSAPrivateKey_bio(out,dsakey);
-		else if (outformat == FORMAT_PEM)
-			i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);
-		else	{
-			BIO_printf(bio_err,"bad output format specified for outfile\n");
-			goto end;
-			}
-		DSA_free(dsakey);
-		}
 	ret=0;
 end:
 	if (in != NULL) BIO_free(in);
@@ -336,7 +322,9 @@ end:
 	EXIT(ret);
 	}

-static void MS_CALLBACK dsa_cb(int p, int n, char *arg)
+static void MS_CALLBACK dsa_cb(p, n)
+int p;
+int n;
 	{
 	char c='*';

@@ -344,10 +332,9 @@ static void MS_CALLBACK dsa_cb(int p, int n, char *arg)
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
+	BIO_write(bio_err,&c,1);
+	BIO_flush(bio_err);
 #ifdef LINT
 	p=n;
 #endif
 	}
-#endif
--- a/apps/eay.c
+++ b/apps/eay.c
@@ -1,5 +1,5 @@
 /* apps/eay.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -62,34 +62,33 @@

 #define MONOLITH
 #define USE_SOCKETS
+#include "../e_os.h"

-#include "openssl/e_os.h"
+#include "bio.h"
+#include "stack.h"
+#include "lhash.h"

-#include <openssl/bio.h>
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
+#include "err.h"

-#include <openssl/err.h>
+#include "bn.h"

-#include <openssl/bn.h>
+#include "evp.h"

-#include <openssl/evp.h>
+#include "rand.h"
+#include "conf.h"
+#include "txt_db.h"

-#include <openssl/rand.h>
-#include <openssl/conf.h>
-#include <openssl/txt_db.h>
+#include "err.h"

-#include <openssl/err.h>
-
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "asn1.h"
+#include "objects.h"

 #define MONOLITH

-#include "openssl.c"
+#include "ssleay.c"
 #include "apps.c"
 #include "asn1pars.c"
 #ifndef NO_RSA
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -1,5 +1,5 @@
 /* apps/enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -60,17 +60,22 @@
 #include <stdlib.h>
 #include <string.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#ifndef NO_MD5
-#include <openssl/md5.h>
+#include "bio.h"
+#include "err.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#ifdef NO_MD5
+#include "md5.h"
 #endif
-#include <openssl/pem.h>
+#include "pem.h"

+#ifndef NOPROTO
 int set_hex(char *in,unsigned char *out,int size);
+#else
+int set_hex();
+#endif
+
 #undef SIZE
 #undef BSIZE
 #undef PROG
@@ -79,7 +84,9 @@ int set_hex(char *in,unsigned char *out,int size);
 #define BSIZE	(8*1024)
 #define	PROG	enc_main

-int MAIN(int argc, char **argv)
+int MAIN(argc,argv)
+int argc;
+char **argv;
 	{
 	char *strbuf=NULL;
 	unsigned char *buff=NULL,*bufsize=NULL;
@@ -89,21 +96,21 @@ int MAIN(int argc, char **argv)
 	char *str=NULL;
 	char *hkey=NULL,*hiv=NULL;
 	int enc=1,printkey=0,i,base64=0;
-	int debug=0,olb64=0;
-	const EVP_CIPHER *cipher=NULL,*c;
+	int debug=0;
+	EVP_CIPHER *cipher=NULL,*c;
 	char *inf=NULL,*outf=NULL;
 	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
 #define PROG_NAME_SIZE  16
-	char pname[PROG_NAME_SIZE];
+        char pname[PROG_NAME_SIZE];

 	apps_startup();

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	/* first check the program name */
-	program_name(argv[0],pname,PROG_NAME_SIZE);
+        program_name(argv[0],pname,PROG_NAME_SIZE);
 	if (strcmp(pname,"base64") == 0)
 		base64=1;

@@ -141,8 +148,6 @@ int MAIN(int argc, char **argv)
 			debug=1;
 		else if	(strcmp(*argv,"-P") == 0)
 			printkey=2;
-		else if	(strcmp(*argv,"-A") == 0)
-			olb64=1;
 		else if	(strcmp(*argv,"-a") == 0)
 			base64=1;
 		else if	(strcmp(*argv,"-base64") == 0)
@@ -232,7 +237,7 @@ bad:
 #ifndef NO_RC4
 			BIO_printf(bio_err,"rc2     :128 bit key RC2 encryption\n");
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 			BIO_printf(bio_err,"bf      :128 bit key BlowFish encryption\n");
 #endif
 #ifndef NO_RC4
@@ -270,23 +275,11 @@ bad:
 				LN_rc2_cfb64, LN_rc2_ofb64);
 			BIO_printf(bio_err," -%-4s (%s)\n","rc2", LN_rc2_cbc);
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
 				LN_bf_ecb, LN_bf_cbc,
 				LN_bf_cfb64, LN_bf_ofb64);
 			BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc);
-#endif
-#ifndef NO_CAST
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_cast5_ecb, LN_cast5_cbc,
-				LN_cast5_cfb64, LN_cast5_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc);
-#endif
-#ifndef NO_RC5
-			BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
-				LN_rc5_ecb, LN_rc5_cbc,
-				LN_rc5_cfb64, LN_rc5_ofb64);
-			BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc);
 #endif
 			goto end;
 			}
@@ -470,8 +463,6 @@ bad:
 			BIO_set_callback(b64,BIO_debug_callback);
 			BIO_set_callback_arg(b64,bio_err);
 			}
-		if (olb64)
-			BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
 		if (enc)
 			wbio=BIO_push(b64,wbio);
 		else
@@ -514,7 +505,10 @@ end:
 	EXIT(ret);
 	}

-int set_hex(char *in, unsigned char *out, int size)
+int set_hex(in,out,size)
+char *in;
+unsigned char *out;
+int size;
 	{
 	int i,n;
 	unsigned char j;
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -1,5 +1,5 @@
 /* apps/errstr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -60,15 +60,17 @@
 #include <stdlib.h>
 #include <string.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
+#include "bio.h"
+#include "lhash.h"
+#include "err.h"
+#include "ssl.h"

 #undef PROG
 #define PROG	errstr_main

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	int i,ret=0;
 	char buf[256];
@@ -78,7 +80,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	SSL_load_error_strings();

--- a/apps/f
+++ b/apps/f
@@ -0,0 +1,5 @@
+586
+2481
+
+1400
+2064
--- a/apps/g_ssleay.pl
+++ b/apps/g_ssleay.pl
@@ -0,0 +1,110 @@
+#!/usr/local/bin/perl
+
+$mkprog='mklinks';
+$rmprog='rmlinks';
+
+print "#ifndef NOPROTO\n";
+
+grep(s/^asn1pars$/asn1parse/,@ARGV);
+
+foreach (@ARGV)
+	{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
+print "#else\n";
+foreach (@ARGV)
+	{ printf "extern int %s_main();\n",$_; }
+print "#endif\n";
+
+
+print <<'EOF';
+
+#ifdef SSLEAY_SRC
+
+#define FUNC_TYPE_GENERAL	1
+#define FUNC_TYPE_MD		2
+#define FUNC_TYPE_CIPHER	3
+
+typedef struct {
+	int type;
+	char *name;
+	int (*func)();
+	} FUNCTION;
+
+FUNCTION functions[] = {
+EOF
+
+foreach (@ARGV)
+	{
+	push(@files,$_);
+	$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
+	if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
+		{ print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; } 
+	elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ||
+		($_ =~ /^req$/) || ($_ =~ /^ca$/) || ($_ =~ /^x509$/))
+		{ print "#ifndef NO_RSA\n${str}#endif\n";  }
+	elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
+		{ print "#ifndef NO_DSA\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/))
+		{ print "#ifndef NO_DH\n${str}#endif\n"; }
+	else
+		{ print $str; }
+	}
+
+foreach ("md2","md5","sha","sha1","mdc2")
+	{
+	push(@files,$_);
+	printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
+	}
+
+foreach (
+	"base64",
+	"des", "des3", "desx", "idea", "rc4", "rc2","bf",
+	"des-ecb", "des-ede",    "des-ede3",
+	"des-cbc", "des-ede-cbc","des-ede3-cbc",
+	"des-cfb", "des-ede-cfb","des-ede3-cfb",
+	"des-ofb", "des-ede-ofb","des-ede3-ofb",
+	"idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
+	"rc2-cbc", "rc2-ecb",    "rc2-cfb",  "rc2-ofb",
+	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb")
+	{
+	push(@files,$_);
+
+	$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
+	if    ($_ =~ /des/)  { $t="#ifndef NO_DES\n${t}#endif\n"; }
+	elsif ($_ =~ /idea/) { $t="#ifndef NO_IDEA\n${t}#endif\n"; }
+	elsif ($_ =~ /rc4/)  { $t="#ifndef NO_RC4\n${t}#endif\n"; }
+	elsif ($_ =~ /rc2/)  { $t="#ifndef NO_RC2\n${t}#endif\n"; }
+	elsif ($_ =~ /bf/)   { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+	print $t;
+	}
+
+print "\t{0,NULL,NULL}\n\t};\n";
+print "#endif\n\n";
+
+open(OUT,">$mkprog") || die "unable to open '$prog':$!\n";
+print OUT "#!/bin/sh\nfor i in ";
+foreach (@files)
+	{ print OUT $_." "; }
+print OUT <<'EOF';
+
+do
+echo making symlink for $i
+/bin/rm -f $i
+ln -s ssleay $i
+done
+EOF
+close(OUT);
+chmod(0755,$mkprog);
+
+open(OUT,">$rmprog") || die "unable to open '$prog':$!\n";
+print OUT "#!/bin/sh\nfor i in ";
+foreach (@files)
+	{ print OUT $_." "; }
+print OUT <<'EOF';
+
+do
+echo removing $i
+/bin/rm -f $i
+done
+EOF
+close(OUT);
+chmod(0755,$rmprog);
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -1,5 +1,5 @@
 /* apps/gendh.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,27 +56,34 @@
 * [including the GNU Public Licence.]
 */

-#ifndef NO_DH
 #include <stdio.h>
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "dh.h"
+#include "x509.h"
+#include "pem.h"

 #define DEFBITS	512
 #undef PROG
 #define PROG gendh_main

-static void MS_CALLBACK dh_cb(int p, int n, void *arg);
+#ifndef NOPROTO
+static void MS_CALLBACK dh_cb(int p, int n);
 static long dh_load_rand(char *names);
-int MAIN(int argc, char **argv)
+#else
+static void MS_CALLBACK dh_cb();
+static long dh_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	char buffer[200];
 	DH *dh=NULL;
@@ -90,7 +97,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	argv++;
 	argc--;
@@ -164,7 +171,7 @@ bad:

 	BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
 	BIO_printf(bio_err,"This is going to take a long time\n");
-	dh=DH_generate_parameters(num,g,dh_cb,bio_err);
+	dh=DH_generate_parameters(num,g,dh_cb);
 		
 	if (dh == NULL) goto end;

@@ -184,7 +191,9 @@ end:
 	EXIT(ret);
 	}

-static void MS_CALLBACK dh_cb(int p, int n, void *arg)
+static void MS_CALLBACK dh_cb(p, n)
+int p;
+int n;
 	{
 	char c='*';

@@ -192,14 +201,15 @@ static void MS_CALLBACK dh_cb(int p, int n, void *arg)
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
+	BIO_write(bio_err,&c,1);
+	BIO_flush(bio_err);
 #ifdef LINT
 	p=n;
 #endif
 	}

-static long dh_load_rand(char *name)
+static long dh_load_rand(name)
+char *name;
 	{
 	char *p,*n;
 	int last;
@@ -220,4 +230,5 @@ static long dh_load_rand(char *name)
 		}
 	return(tot);
 	}
-#endif
+
+
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -1,5 +1,5 @@
 /* apps/gendsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,40 +56,45 @@
 * [including the GNU Public Licence.]
 */

-#ifndef NO_DSA
 #include <stdio.h>
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "dsa.h"
+#include "x509.h"
+#include "pem.h"

 #define DEFBITS	512
 #undef PROG
 #define PROG gendsa_main

+#ifndef NOPROTO
 static long dsa_load_rand(char *names);
-int MAIN(int argc, char **argv)
+#else
+static long dsa_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	char buffer[200];
 	DSA *dsa=NULL;
-	int ret=1;
+	int ret=1,num=DEFBITS;
 	char *outfile=NULL;
 	char *inrand=NULL,*randfile,*dsaparams=NULL;
 	BIO *out=NULL,*in=NULL;
-	EVP_CIPHER *enc=NULL;

 	apps_startup();

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	argv++;
 	argc--;
@@ -108,19 +113,9 @@ int MAIN(int argc, char **argv)
 			}
 		else if (strcmp(*argv,"-") == 0)
 			goto bad;
-#ifndef NO_DES
-		else if (strcmp(*argv,"-des") == 0)
-			enc=EVP_des_cbc();
-		else if (strcmp(*argv,"-des3") == 0)
-			enc=EVP_des_ede3_cbc();
-#endif
-#ifndef NO_IDEA
-		else if (strcmp(*argv,"-idea") == 0)
-			enc=EVP_idea_cbc();
-#endif
-		else if (**argv != '-' && dsaparams == NULL)
+		else if (dsaparams == NULL)
 			{
-			dsaparams = *argv;
+			dsaparams= *argv;
 			}
 		else
 			goto bad;
@@ -131,31 +126,22 @@ int MAIN(int argc, char **argv)
 	if (dsaparams == NULL)
 		{
 bad:
-		BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
-		BIO_printf(bio_err," -out file - output the key to 'file'\n");
-#ifndef NO_DES
-		BIO_printf(bio_err," -des      - encrypt the generated key with DES in cbc mode\n");
-		BIO_printf(bio_err," -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#endif
-#ifndef NO_IDEA
-		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
-#endif
+		BIO_printf(bio_err,"usage: gendsa [args] [numbits]\n");
+		BIO_printf(bio_err," -out file - output the key to 'file\n");
 		BIO_printf(bio_err," -rand file:file:...\n");
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
-		BIO_printf(bio_err," dsaparam-file\n");
-		BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command\n");
 		goto end;
 		}

 	in=BIO_new(BIO_s_file());
-	if (!(BIO_read_filename(in,dsaparams)))
+	if (!(BIO_read_filename(in,"r")))
 		{
 		perror(dsaparams);
 		goto end;
 		}

-	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
+	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)
 		{
 		BIO_printf(bio_err,"unable to load DSA parameter file\n");
 		goto end;
@@ -188,8 +174,8 @@ bad:
 			dsa_load_rand(inrand));
 		}

-	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
-							BN_num_bits(dsa->p));
+	BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
+	BIO_printf(bio_err,"This could take some time\n");
 	if (!DSA_generate_key(dsa)) goto end;

 	if (randfile == NULL)
@@ -197,7 +183,7 @@ bad:
 	else
 		RAND_write_file(randfile);

-	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL,NULL))
+	if (!PEM_write_bio_DSAPrivateKey(out,dsa,EVP_des_ede3_cbc(),NULL,0,NULL))
 		goto end;
 	ret=0;
 end:
@@ -208,7 +194,8 @@ end:
 	EXIT(ret);
 	}

-static long dsa_load_rand(char *name)
+static long dsa_load_rand(name)
+char *name;
 	{
 	char *p,*n;
 	int last;
@@ -229,4 +216,5 @@ static long dsa_load_rand(char *name)
 		}
 	return(tot);
 	}
-#endif
+
+
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -1,5 +1,5 @@
 /* apps/genrsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,28 +56,35 @@
 * [including the GNU Public Licence.]
 */

-#ifndef NO_RSA
 #include <stdio.h>
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "rsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"

 #define DEFBITS	512
 #undef PROG
 #define PROG genrsa_main

-static void MS_CALLBACK genrsa_cb(int p, int n, void *arg);
+#ifndef NOPROTO
+static void MS_CALLBACK genrsa_cb(int p, int n);
 static long gr_load_rand(char *names);
-int MAIN(int argc, char **argv)
+#else
+static void MS_CALLBACK genrsa_cb();
+static long gr_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	int ret=1;
 	char buffer[200];
@@ -94,7 +101,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
 	if ((out=BIO_new(BIO_s_file())) == NULL)
 		{
 		BIO_printf(bio_err,"unable to creat BIO for output\n");
@@ -194,7 +201,7 @@ bad:

 	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
 		num);
-	rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err);
+	rsa=RSA_generate_key(num,f4,genrsa_cb);
 		
 	if (randfile == NULL)
 		BIO_printf(bio_err,"unable to write 'random state'\n");
@@ -215,7 +222,7 @@ bad:
 		l+=rsa->e->d[i];
 		}
 	BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
-	if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL,NULL))
+	if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL))
 		goto err;

 	ret=0;
@@ -227,7 +234,9 @@ err:
 	EXIT(ret);
 	}

-static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)
+static void MS_CALLBACK genrsa_cb(p, n)
+int p;
+int n;
 	{
 	char c='*';

@@ -235,14 +244,15 @@ static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
+	BIO_write(bio_err,&c,1);
+	BIO_flush(bio_err);
 #ifdef LINT
 	p=n;
 #endif
 	}

-static long gr_load_rand(char *name)
+static long gr_load_rand(name)
+char *name;
 	{
 	char *p,*n;
 	int last;
@@ -263,4 +273,5 @@ static long gr_load_rand(char *name)
 		}
 	return(tot);
 	}
-#endif
+
+
--- a/apps/install.com
+++ b/apps/install.com
@@ -1,69 +0,0 @@
-$! INSTALL.COM -- Installs the files in a given directory tree
-$!
-$! Author: Richard Levitte <richard@levitte.org>
-$! Time of creation: 22-MAY-1998 10:13
-$!
-$! P1	root of the directory tree
-$!
-$	IF P1 .EQS. ""
-$	THEN
-$	    WRITE SYS$OUTPUT "First argument missing."
-$	    WRITE SYS$OUTPUT "Should be the directory where you want things installed."
-$	    EXIT
-$	ENDIF
-$
-$	ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
-$	ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
-$	ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
-		   - "[000000." - "][" - "[" - "]"
-$	ROOT = ROOT_DEV + "[" + ROOT_DIR
-$
-$	DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$	DEFINE/NOLOG WRK_SSLVEXE WRK_SSLROOT:[VAX_EXE]
-$	DEFINE/NOLOG WRK_SSLAEXE WRK_SSLROOT:[ALPHA_EXE]
-$	DEFINE/NOLOG WRK_SSLLIB WRK_SSLROOT:[LIB]
-$
-$	IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$	IF F$PARSE("WRK_SSLVEXE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLVEXE:
-$	IF F$PARSE("WRK_SSLAEXE:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLAEXE:
-$	IF F$PARSE("WRK_SSLLIB:") .EQS. "" THEN -
-	   CREATE/DIR/LOG WRK_SSLLIB:
-$
-$	EXE := openssl
-$
-$	VEXE_DIR := [-.VAX.EXE.APPS]
-$	AEXE_DIR := [-.AXP.EXE.APPS]
-$
-$	I = 0
-$ LOOP_EXE: 
-$	E = F$EDIT(F$ELEMENT(I, ",", EXE),"TRIM")
-$	I = I + 1
-$	IF E .EQS. "," THEN GOTO LOOP_EXE_END
-$	SET NOON
-$	IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
-$	THEN
-$	  COPY 'VEXE_DIR''E'.EXE WRK_SSLVEXE:'E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLVEXE:'E'.EXE
-$	ENDIF
-$	IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
-$	THEN
-$	  COPY 'AEXE_DIR''E'.EXE WRK_SSLAEXE:'E'.EXE/log
-$	  SET FILE/PROT=W:RE WRK_SSLAEXE:'E'.EXE
-$	ENDIF
-$	SET ON
-$	GOTO LOOP_EXE
-$ LOOP_EXE_END:
-$
-$	SET NOON
-$	COPY CA.COM WRK_SSLAEXE:CA.COM/LOG
-$	SET FILE/PROT=W:RE WRK_SSLAEXE:CA.COM
-$	COPY CA.COM WRK_SSLVEXE:CA.COM/LOG
-$	SET FILE/PROT=W:RE WRK_SSLVEXE:CA.COM
-$	COPY OPENSSL-VMS.CNF WRK_SSLROOT:[000000]OPENSSL.CNF/LOG
-$	SET FILE/PROT=W:R WRK_SSLROOT:[000000]OPENSSL.CNF
-$	SET ON
-$
-$	EXIT
--- a/apps/makeapps.com
+++ b/apps/makeapps.com
--- a/apps/mklinks
+++ b/apps/mklinks
@@ -0,0 +1,7 @@
+#!/bin/sh
+for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb 
+do
+echo making symlink for $i
+/bin/rm -f $i
+ln -s ssleay $i
+done
--- a/apps/nseq.c
+++ b/apps/nseq.c
@@ -1,174 +0,0 @@
-/* nseq.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include "apps.h"
-
-#undef PROG
-#define PROG nseq_main
-
-static int dump_cert_text(BIO *out, X509 *x);
-
-int MAIN(int argc, char **argv)
-{
-	char **args, *infile = NULL, *outfile = NULL;
-	BIO *in = NULL, *out = NULL;
-	int toseq = 0;
-	X509 *x509 = NULL;
-	NETSCAPE_CERT_SEQUENCE *seq = NULL;
-	int i, ret = 1;
-	int badarg = 0;
-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-	ERR_load_crypto_strings();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp (*args, "-toseq")) toseq = 1;
-		else if (!strcmp (*args, "-in")) {
-			if (args[1]) {
-				args++;
-				infile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-			if (args[1]) {
-				args++;
-				outfile = *args;
-			} else badarg = 1;
-		} else badarg = 1;
-		args++;
-	}
-
-	if (badarg) {
-		BIO_printf (bio_err, "Netscape certificate sequence utility\n");
-		BIO_printf (bio_err, "Usage nseq [options]\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-in file  input file\n");
-		BIO_printf (bio_err, "-out file output file\n");
-		BIO_printf (bio_err, "-toseq    output NS Sequence file\n");
-		EXIT(1);
-	}
-
-	if (infile) {
-		if (!(in = BIO_new_file (infile, "r"))) {
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
-			goto end;
-		}
-	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-	if (outfile) {
-		if (!(out = BIO_new_file (outfile, "w"))) {
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
-			goto end;
-		}
-	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
-
-	if (toseq) {
-		seq = NETSCAPE_CERT_SEQUENCE_new();
-		seq->certs = sk_X509_new(NULL);
-		while((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL))) 
-		    sk_X509_push(seq->certs,x509);
-
-		if(!sk_X509_num(seq->certs))
-		{
-			BIO_printf (bio_err, "Error reading certs file %s\n", infile);
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-		PEM_write_bio_NETSCAPE_CERT_SEQUENCE(out, seq);
-		ret = 0;
-		goto end;
-	}
-
-	if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) {
-		BIO_printf (bio_err, "Error reading sequence file %s\n", infile);
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	for(i = 0; i < sk_X509_num(seq->certs); i++) {
-		x509 = sk_X509_value(seq->certs, i);
-		dump_cert_text(out, x509);
-		PEM_write_bio_X509(out, x509);
-	}
-	ret = 0;
-end:
-	BIO_free(in);
-	BIO_free(out);
-	NETSCAPE_CERT_SEQUENCE_free(seq);
-
-	EXIT(ret);
-}
-
-static int dump_cert_text(BIO *out, X509 *x)
-{
-	char buf[256];
-	X509_NAME_oneline(X509_get_subject_name(x),buf,256);
-	BIO_puts(out,"subject=");
-	BIO_puts(out,buf);
-
-	X509_NAME_oneline(X509_get_issuer_name(x),buf,256);
-	BIO_puts(out,"\nissuer= ");
-	BIO_puts(out,buf);
-	BIO_puts(out,"\n");
-	return 0;
-}
-
--- a/apps/oid.cnf
+++ b/apps/oid.cnf
@@ -1,6 +0,0 @@
-2.99999.1       SET.ex1         SET x509v3 extension 1
-2.99999.2       SET.ex2         SET x509v3 extension 2
-2.99999.3       SET.ex3         SET x509v3 extension 3
-2.99999.4       SET.ex4         SET x509v3 extension 4
-2.99999.5       SET.ex5         SET x509v3 extension 5
-2.99999.6       SET.ex6         SET x509v3 extension 6
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -1,214 +0,0 @@
-#
-# OpenSSL example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE		= $ENV::HOME/.rnd
-oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
-
-####################################################################
-[ ca ]
-default_ca	= CA_default		# The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir		= sys\$disk:[.demoCA	# Where everything is kept
-certs		= $dir.certs]		# Where the issued certs are kept
-crl_dir		= $dir.crl]		# Where the issued crl are kept
-database	= $dir]index.txt	# database index file.
-new_certs_dir	= $dir.newcerts]	# default place for new certs.
-
-certificate	= $dir]cacert.pem 	# The CA certificate
-serial		= $dir]serial.		# The current serial number
-crl		= $dir]crl.pem 		# The current CRL
-private_key	= $dir.private]cakey.pem# The private key
-RANDFILE	= $dir.private].rand	# private random number file
-
-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
-default_days	= 365			# how long to certify for
-default_crl_days= 30			# how long before next CRL
-default_md	= md5			# which md to use.
-preserve	= no			# keep passed DN ordering
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy		= policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName		= match
-stateOrProvinceName	= match
-organizationName	= match
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName		= optional
-stateOrProvinceName	= optional
-localityName		= optional
-organizationName	= optional
-organizationalUnitName	= optional
-commonName		= supplied
-emailAddress		= optional
-
-####################################################################
-[ req ]
-default_bits		= 1024
-default_keyfile 	= privkey.pem
-distinguished_name	= req_distinguished_name
-attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert
-
-[ req_distinguished_name ]
-countryName			= Country Name (2 letter code)
-countryName_default		= AU
-countryName_min			= 2
-countryName_max			= 2
-
-stateOrProvinceName		= State or Province Name (full name)
-stateOrProvinceName_default	= Some-State
-
-localityName			= Locality Name (eg, city)
-
-0.organizationName		= Organization Name (eg, company)
-0.organizationName_default	= Internet Widgits Pty Ltd
-
-# we can do this but it is not needed normally :-)
-#1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
-
-organizationalUnitName		= Organizational Unit Name (eg, section)
-#organizationalUnitName_default	=
-
-commonName			= Common Name (eg, YOUR name)
-commonName_max			= 64
-
-emailAddress			= Email Address
-emailAddress_max		= 40
-
-# SET-ex3			= SET extension number 3
-
-[ req_attributes ]
-challengePassword		= A challenge password
-challengePassword_min		= 4
-challengePassword_max		= 20
-
-unstructuredName		= An optional company name
-
-[ usr_cert ]
-
-# These extensions are added when 'ca' signs a request.
-
-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
-
-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
-#nsBaseUrl
-#nsRevocationUrl
-#nsRenewalUrl
-#nsCaPolicyUrl
-#nsSslServerName
-
-[ v3_ca]
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# RAW DER hex encoding of an extension: beware experts only!
-# 1.2.3.5=RAW:02:03
-# You can even override a supported extension:
-# basicConstraints= critical, RAW:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -1,5 +1,5 @@
-/* apps/openssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* apps/ssleay.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,42 +56,49 @@
 * [including the GNU Public Licence.]
 */

-#ifndef DEBUG
-#undef DEBUG
-#endif
+#define DEBUG

 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#include <openssl/bio.h>
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "bio.h"
+#include "crypto.h"
+#include "lhash.h"
+#include "conf.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
 #define SSLEAY	/* turn off a few special case MONOLITH macros */
 #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
 #define SSLEAY_SRC
 #include "apps.h"
 #include "s_apps.h"
-#include <openssl/err.h>
+#include "err.h"

-/*
-#ifdef WINDOWS
-#include "bss_file.c"
-#endif
-*/

+#ifndef NOPROTO
 static unsigned long MS_CALLBACK hash(FUNCTION *a);
 static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
 static LHASH *prog_init(void );
 static int do_cmd(LHASH *prog,int argc,char *argv[]);
+static void sig_stop(int i);
+#else
+static unsigned long MS_CALLBACK hash();
+static int MS_CALLBACK cmp();
+static LHASH *prog_init();
+static int do_cmd();
+static void sig_stop();
+#endif
+
 LHASH *config=NULL;
 char *default_config_file=NULL;

 #ifdef DEBUG
-static void sig_stop(int i)
+static void sig_stop(i)
+int i;
 	{
 	char *a=NULL;

@@ -104,7 +111,9 @@ static void sig_stop(int i)
 BIO *bio_err=NULL;
 #endif

-int main(int Argc, char *Argv[])
+int main(Argc,Argv)
+int Argc;
+char *Argv[];
 	{
 	ARGS arg;
 #define PROG_NAME_SIZE	16
@@ -134,23 +143,19 @@ int main(int Argc, char *Argv[])

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

 	ERR_load_crypto_strings();

 	/* Lets load up our environment a little */
-	p=getenv("OPENSSL_CONF");
-	if (p == NULL)
-		p=getenv("SSLEAY_CONF");
+	p=getenv("SSLEAY_CONF");
 	if (p == NULL)
 		{
 		strcpy(config_name,X509_get_default_cert_area());
-#ifndef VMS
-		strcat(config_name,"/");
-#endif
-		strcat(config_name,OPENSSL_CONF);
+		strcat(config_name,"/lib/");
+		strcat(config_name,SSLEAY_CONF);
 		p=config_name;
 		}

@@ -184,7 +189,7 @@ int main(int Argc, char *Argv[])
 		goto end;
 		}

-	/* ok, lets enter the old 'OpenSSL>' mode */
+	/* ok, lets enter the old 'SSLeay>' mode */
 	
 	for (;;)
 		{
@@ -197,7 +202,7 @@ int main(int Argc, char *Argv[])
 			p[0]='\0';
 			if (i++)
 				prompt=">";
-			else	prompt="OpenSSL> ";
+			else	prompt="SSLeay>";
 			fputs(prompt,stdout);
 			fflush(stdout);
 			fgets(p,n,stdin);
@@ -219,7 +224,6 @@ int main(int Argc, char *Argv[])
 			}
 		if (ret != 0)
 			BIO_printf(bio_err,"error in %s\n",argv[0]);
-		(void)BIO_flush(bio_err);
 		}
 	BIO_printf(bio_err,"bad exit\n");
 	ret=1;
@@ -234,7 +238,6 @@ end:
 	ERR_remove_state(0);

 	EVP_cleanup();
-	ERR_free_strings();

 	CRYPTO_mem_leaks(bio_err);
 	if (bio_err != NULL)
@@ -245,11 +248,10 @@ end:
 	EXIT(ret);
 	}

-#define LIST_STANDARD_COMMANDS "list-standard-commands"
-#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
-#define LIST_CIPHER_COMMANDS "list-cipher-commands"
-
-static int do_cmd(LHASH *prog, int argc, char *argv[])
+static int do_cmd(prog,argc,argv)
+LHASH *prog;
+int argc;
+char *argv[];
 	{
 	FUNCTION f,*fp;
 	int i,ret=1,tp,nl;
@@ -270,34 +272,12 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		ret= -1;
 		goto end;
 		}
-	else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
-		(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0))
-		{
-		int list_type;
-		BIO *bio_stdout;
-
-		if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0)
-			list_type = FUNC_TYPE_GENERAL;
-		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0)
-			list_type = FUNC_TYPE_MD;
-		else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
-			list_type = FUNC_TYPE_CIPHER;
-		bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
-		
-		for (fp=functions; fp->name != NULL; fp++)
-			if (fp->type == list_type)
-				BIO_printf(bio_stdout, "%s\n", fp->name);
-		BIO_free(bio_stdout);
-		ret=0;
-		goto end;
-		}
 	else
 		{
-		BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
+		BIO_printf(bio_err,"'%s' is a bad command, valid commands are",
 			argv[0]);
-		BIO_printf(bio_err, "\nStandard commands");
 		i=0;
+		fp=functions;
 		tp=0;
 		for (fp=functions; fp->name != NULL; fp++)
 			{
@@ -315,43 +295,27 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 					{
 					i=1;
 					BIO_printf(bio_err,
-						"\nMessage Digest commands (see the `dgst' command for more details)\n");
+						"Message Digest commands - see the dgst command for more details\n");
 					}
 				else if (tp == FUNC_TYPE_CIPHER)
 					{
 					i=1;
-					BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
+					BIO_printf(bio_err,"Cipher commands - see the enc command for more details\n");
 					}
 				}
 			BIO_printf(bio_err,"%-15s",fp->name);
 			}
-		BIO_printf(bio_err,"\n\n");
+		BIO_printf(bio_err,"\nquit\n");
 		ret=0;
 		}
 end:
 	return(ret);
 	}

-static int SortFnByName(const void *_f1,const void *_f2)
-    {
-    const FUNCTION *f1=_f1;
-    const FUNCTION *f2=_f2;
-
-    if(f1->type != f2->type)
-	return f1->type-f2->type;
-    return strcmp(f1->name,f2->name);
-    }
-
-static LHASH *prog_init(void)
+static LHASH *prog_init()
 	{
 	LHASH *ret;
 	FUNCTION *f;
-	int i;
-
-	/* Purely so it looks nice when the user hits ? */
-	for(i=0,f=functions ; f->name != NULL ; ++f,++i)
-	    ;
-	qsort(functions,i,sizeof *functions,SortFnByName);

 	if ((ret=lh_new(hash,cmp)) == NULL) return(NULL);

@@ -360,12 +324,14 @@ static LHASH *prog_init(void)
 	return(ret);
 	}

-static int MS_CALLBACK cmp(FUNCTION *a, FUNCTION *b)
+static int MS_CALLBACK cmp(a,b)
+FUNCTION *a,*b;
 	{
 	return(strncmp(a->name,b->name,8));
 	}

-static unsigned long MS_CALLBACK hash(FUNCTION *a)
+static unsigned long MS_CALLBACK hash(a)
+FUNCTION *a;
 	{
 	return(lh_strhash(a->name));
 	}
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -1,26 +1,9 @@
 #
-# OpenSSL example configuration file.
+# SSLeay example configuration file.
 # This is mostly being used for generation of certificate requests.
 #

 RANDFILE		= $ENV::HOME/.rnd
-oid_file		= $ENV::HOME/.oid
-oid_section		= new_oids
-
-# To use this configuration file with the "-extfile" option of the
-# "openssl x509" utility, name here the section containing the
-# X.509v3 extensions to use:
-# extensions		= 
-# (Alternatively, use a configuration file that has only
-# X.509v3 extensions in its main [= default] section.)
-
-[ new_oids ]
-
-# We can add new OIDs in here for use by 'ca' and 'req'.
-# Add a simple OID like this:
-# testoid1=1.2.3.4
-# Or use config file substitution like this:
-# testoid2=${testoid1}.5.6

 ####################################################################
 [ ca ]
@@ -41,12 +24,7 @@ crl		= $dir/crl.pem 		# The current CRL
 private_key	= $dir/private/cakey.pem# The private key
 RANDFILE	= $dir/private/.rand	# private random number file

-x509_extensions	= usr_cert		# The extentions to add to the cert
-
-# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
-# so this is commented out by default to leave a V1 CRL.
-# crl_extensions	= crl_ext
-
+x509_extensions	= x509v3_extensions	# The extentions to add to the cert
 default_days	= 365			# how long to certify for
 default_crl_days= 30			# how long before next CRL
 default_md	= md5			# which md to use.
@@ -84,7 +62,6 @@ default_bits		= 1024
 default_keyfile 	= privkey.pem
 distinguished_name	= req_distinguished_name
 attributes		= req_attributes
-x509_extensions	= v3_ca	# The extentions to add to the self signed cert

 [ req_distinguished_name ]
 countryName			= Country Name (2 letter code)
@@ -102,7 +79,7 @@ localityName			= Locality Name (eg, city)

 # we can do this but it is not needed normally :-)
 #1.organizationName		= Second Organization Name (eg, company)
-#1.organizationName_default	= World Wide Web Pty Ltd
+#1.organizationName_default	= CryptSoft Pty Ltd

 organizationalUnitName		= Organizational Unit Name (eg, section)
 #organizationalUnitName_default	=
@@ -113,8 +90,6 @@ commonName_max			= 64
 emailAddress			= Email Address
 emailAddress_max		= 40

-# SET-ex3			= SET extension number 3
-
 [ req_attributes ]
 challengePassword		= A challenge password
 challengePassword_min		= 4
@@ -122,93 +97,20 @@ challengePassword_max		= 20

 unstructuredName		= An optional company name

-[ usr_cert ]
+[ x509v3_extensions ]

-# These extensions are added when 'ca' signs a request.
+nsCaRevocationUrl		= http://www.cryptsoft.com/ca-crl.pem
+nsComment			= "This is a comment"

-# This goes against PKIX guidelines but some CAs do it and some software
-# requires this to avoid interpreting an end user certificate as a CA.
+# under ASN.1, the 0 bit would be encoded as 80
+nsCertType			= 0x40

-basicConstraints=CA:FALSE
-
-# Here are some examples of the usage of nsCertType. If it is omitted
-# the certificate can be used for anything *except* object signing.
-
-# This is OK for an SSL server.
-# nsCertType			= server
-
-# For an object signing certificate this would be used.
-# nsCertType = objsign
-
-# For normal client use this is typical
-# nsCertType = client, email
-
-# and for everything including object signing:
-# nsCertType = client, email, objsign
-
-# This is typical in keyUsage for a client certificate.
-# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-# This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-# This stuff is for subjectAltName and issuerAltname.
-# Import the email address.
-# subjectAltName=email:copy
-
-# Copy subject details
-# issuerAltName=issuer:copy
-
-#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
 #nsBaseUrl
 #nsRevocationUrl
 #nsRenewalUrl
 #nsCaPolicyUrl
 #nsSslServerName
+#nsCertSequence
+#nsCertExt
+#nsDataType

-[ v3_ca ]
-
-# Extensions for a typical CA
-
-
-# PKIX recommendation.
-
-subjectKeyIdentifier=hash
-
-authorityKeyIdentifier=keyid:always,issuer:always
-
-# This is what PKIX recommends but some broken software chokes on critical
-# extensions.
-#basicConstraints = critical,CA:true
-# So we do this instead.
-basicConstraints = CA:true
-
-# Key usage: this is typical for a CA certificate. However since it will
-# prevent it being used as an test self-signed certificate it is best
-# left out by default.
-# keyUsage = cRLSign, keyCertSign
-
-# Some might want this also
-# nsCertType = sslCA, emailCA
-
-# Include email address in subject alt name: another PKIX recommendation
-# subjectAltName=email:copy
-# Copy issuer details
-# issuerAltName=issuer:copy
-
-# RAW DER hex encoding of an extension: beware experts only!
-# 1.2.3.5=RAW:02:03
-# You can even override a supported extension:
-# basicConstraints= critical, RAW:30:03:01:01:FF
-
-[ crl_ext ]
-
-# CRL extensions.
-# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
-
-# issuerAltName=issuer:copy
-authorityKeyIdentifier=keyid:always,issuer:always
--- a/apps/pem_mail.c
+++ b/apps/pem_mail.c
@@ -1,5 +1,5 @@
 /* apps/pem_mail.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,14 +56,13 @@
 * [including the GNU Public Licence.]
 */

-#ifndef NO_RSA
 #include <stdio.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
 #include "apps.h"

 #undef PROG
@@ -88,7 +87,9 @@ typedef struct lines_St
 	struct lines_st *next;
 	} LINES;

-int main(int argc, char **argv)
+int main(argc, argv)
+int argc;
+char **argv;
 	{
 	FILE *in;
 	RSA *rsa=NULL;
@@ -167,4 +168,3 @@ err:
 	ERR_print_errors(bio_err);
 	EXIT(1);
 	}
-#endif
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -1,703 +0,0 @@
-/* pkcs12.c */
-#if !defined(NO_DES) && !defined(NO_SHA1)
-
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/des.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-#include "apps.h"
-#define PROG pkcs12_main
-
-EVP_CIPHER *enc;
-
-
-#define NOKEYS		0x1
-#define NOCERTS 	0x2
-#define INFO		0x4
-#define CLCERTS		0x8
-#define CACERTS		0x10
-
-int get_cert_chain(X509 *cert, STACK_OF(X509) **chain);
-int dump_cert_text (BIO *out, X509 *x);
-int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options);
-int dump_certs_pkeys_bags(BIO *out, STACK *bags, char *pass, int passlen, int options);
-int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options);
-int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name);
-void hex_prin(BIO *out, unsigned char *buf, int len);
-int alg_print(BIO *x, X509_ALGOR *alg);
-int cert_load(BIO *in, STACK_OF(X509) *sk);
-int MAIN(int argc, char **argv)
-{
-    char *infile=NULL, *outfile=NULL, *keyname = NULL;	
-    char *certfile=NULL;
-    BIO *in=NULL, *out = NULL, *inkey = NULL, *certsin = NULL;
-    char **args;
-    char *name = NULL;
-    PKCS12 *p12 = NULL;
-    char pass[50], macpass[50];
-    int export_cert = 0;
-    int options = 0;
-    int chain = 0;
-    int badarg = 0;
-    int iter = PKCS12_DEFAULT_ITER;
-    int maciter = 1;
-    int twopass = 0;
-    int keytype = 0;
-    int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-    int ret = 1;
-    int macver = 1;
-    int noprompt = 0;
-    STACK *canames = NULL;
-    char *cpass = NULL, *mpass = NULL;
-
-    apps_startup();
-
-    enc = EVP_des_ede3_cbc();
-    if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-
-    args = argv + 1;
-
-
-    while (*args) {
-	if (*args[0] == '-') {
-		if (!strcmp (*args, "-nokeys")) options |= NOKEYS;
-		else if (!strcmp (*args, "-keyex")) keytype = KEY_EX;
-		else if (!strcmp (*args, "-keysig")) keytype = KEY_SIG;
-		else if (!strcmp (*args, "-nocerts")) options |= NOCERTS;
-		else if (!strcmp (*args, "-clcerts")) options |= CLCERTS;
-		else if (!strcmp (*args, "-cacerts")) options |= CACERTS;
-		else if (!strcmp (*args, "-noout")) options |= (NOKEYS|NOCERTS);
-		else if (!strcmp (*args, "-info")) options |= INFO;
-		else if (!strcmp (*args, "-chain")) chain = 1;
-		else if (!strcmp (*args, "-twopass")) twopass = 1;
-		else if (!strcmp (*args, "-nomacver")) macver = 0;
-		else if (!strcmp (*args, "-descert"))
-    			cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-		else if (!strcmp (*args, "-export")) export_cert = 1;
-		else if (!strcmp (*args, "-des")) enc=EVP_des_cbc();
-#ifndef NO_IDEA
-		else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
-#endif
-		else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
-		else if (!strcmp (*args, "-noiter")) iter = 1;
-		else if (!strcmp (*args, "-maciter"))
-					 maciter = PKCS12_DEFAULT_ITER;
-		else if (!strcmp (*args, "-nodes")) enc=NULL;
-		else if (!strcmp (*args, "-inkey")) {
-		    if (args[1]) {
-			args++;	
-			keyname = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-certfile")) {
-		    if (args[1]) {
-			args++;	
-			certfile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-name")) {
-		    if (args[1]) {
-			args++;	
-			name = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-caname")) {
-		    if (args[1]) {
-			args++;	
-			if (!canames) canames = sk_new(NULL);
-			sk_push(canames, *args);
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-in")) {
-		    if (args[1]) {
-			args++;	
-			infile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-		    if (args[1]) {
-			args++;	
-			outfile = *args;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-envpass")) {
-		    if (args[1]) {
-			args++;	
-			if(!(cpass = getenv(*args))) {
-				BIO_printf(bio_err,
-				 "Can't read environment variable %s\n", *args);
-				goto end;
-			}
-			noprompt = 1;
-		    } else badarg = 1;
-		} else if (!strcmp (*args, "-password")) {
-		    if (args[1]) {
-			args++;	
-			cpass = *args;
-		    	noprompt = 1;
-		    } else badarg = 1;
-		} else badarg = 1;
-
-	} else badarg = 1;
-	args++;
-    }
-
-    if (badarg) {
-	BIO_printf (bio_err, "Usage: pkcs12 [options]\n");
-	BIO_printf (bio_err, "where options are\n");
-	BIO_printf (bio_err, "-export       output PKCS12 file\n");
-	BIO_printf (bio_err, "-chain        add certificate chain\n");
-	BIO_printf (bio_err, "-inkey file   private key if not infile\n");
-	BIO_printf (bio_err, "-certfile f   add all certs in f\n");
-	BIO_printf (bio_err, "-name \"name\"  use name as friendly name\n");
-	BIO_printf (bio_err, "-caname \"nm\"  use nm as CA friendly name (can be used more than once).\n");
-	BIO_printf (bio_err, "-in  infile   input filename\n");
-	BIO_printf (bio_err, "-out outfile  output filename\n");
-	BIO_printf (bio_err, "-noout        don't output anything, just verify.\n");
-	BIO_printf (bio_err, "-nomacver     don't verify MAC.\n");
-	BIO_printf (bio_err, "-nocerts      don't output certificates.\n");
-	BIO_printf (bio_err, "-clcerts      only output client certificates.\n");
-	BIO_printf (bio_err, "-cacerts      only output CA certificates.\n");
-	BIO_printf (bio_err, "-nokeys       don't output private keys.\n");
-	BIO_printf (bio_err, "-info         give info about PKCS#12 structure.\n");
-	BIO_printf (bio_err, "-des          encrypt private keys with DES\n");
-	BIO_printf (bio_err, "-des3         encrypt private keys with triple DES (default)\n");
-#ifndef NO_IDEA
-	BIO_printf (bio_err, "-idea         encrypt private keys with idea\n");
-#endif
-	BIO_printf (bio_err, "-nodes        don't encrypt private keys\n");
-	BIO_printf (bio_err, "-noiter       don't use encryption iteration\n");
-	BIO_printf (bio_err, "-maciter      use MAC iteration\n");
-	BIO_printf (bio_err, "-twopass      separate MAC, encryption passwords\n");
-	BIO_printf (bio_err, "-descert      encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
-	BIO_printf (bio_err, "-keyex        set MS key exchange type\n");
-	BIO_printf (bio_err, "-keysig       set MS key signature type\n");
-	BIO_printf (bio_err, "-password p   set import/export password (NOT RECOMMENDED)\n");
-	BIO_printf (bio_err, "-envpass p    set import/export password from environment\n");
-    	goto end;
-    }
-
-    if(cpass) mpass = cpass;
-    else {
-	cpass = pass;
-	mpass = macpass;
-    }
-
-    ERR_load_crypto_strings();
-
-    if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE);
-    else in = BIO_new_file(infile, "rb");
-    if (!in) {
-	    BIO_printf(bio_err, "Error opening input file %s\n",
-						infile ? infile : "<stdin>");
-	    perror (infile);
-	    goto end;
-   }
-
-   if (certfile) {
-    	if(!(certsin = BIO_new_file(certfile, "r"))) {
-	    BIO_printf(bio_err, "Can't open certificate file %s\n", certfile);
-	    perror (certfile);
-	    goto end;
-	}
-    }
-
-    if (keyname) {
-    	if(!(inkey = BIO_new_file(keyname, "r"))) {
-	    BIO_printf(bio_err, "Can't key certificate file %s\n", keyname);
-	    perror (keyname);
-	    goto end;
-	}
-     }
-
-    if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE);
-    else out = BIO_new_file(outfile, "wb");
-    if (!out) {
-	BIO_printf(bio_err, "Error opening output file %s\n",
-						outfile ? outfile : "<stdout>");
-	perror (outfile);
-	goto end;
-    }
-    if (twopass) {
-	if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert))
-	{
-    	    BIO_printf (bio_err, "Can't read Password\n");
-    	    goto end;
-       	}
-    }
-
-if (export_cert) {
-	EVP_PKEY *key;
-	STACK *bags, *safes;
-	PKCS12_SAFEBAG *bag;
-	PKCS8_PRIV_KEY_INFO *p8;
-	PKCS7 *authsafe;
-	X509 *cert = NULL, *ucert = NULL;
-	STACK_OF(X509) *certs;
-	char *catmp;
-	int i;
-	unsigned char keyid[EVP_MAX_MD_SIZE];
-	unsigned int keyidlen = 0;
-	key = PEM_read_bio_PrivateKey(inkey ? inkey : in, NULL, NULL, NULL);
-	if (!inkey) (void) BIO_reset(in);
-	if (!key) {
-		BIO_printf (bio_err, "Error loading private key\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	certs = sk_X509_new(NULL);
-
-	/* Load in all certs in input file */
-	if(!cert_load(in, certs)) {
-		BIO_printf(bio_err, "Error loading certificates from input\n");
-		ERR_print_errors(bio_err);
-		goto end;
-	}
-
-	for(i = 0; i < sk_X509_num(certs); i++) {
-		ucert = sk_X509_value(certs, i);
-		if(X509_check_private_key(ucert, key)) {
-			X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
-			break;
-		}
-	}
-
-	if(!keyidlen) {
-		BIO_printf(bio_err, "No certificate matches private key\n");
-		goto end;
-	}
-	
-	bags = sk_new (NULL);
-
-	/* Add any more certificates asked for */
-	if (certsin) {
-		if(!cert_load(certsin, certs)) {
-			BIO_printf(bio_err, "Error loading certificates from certfile\n");
-			ERR_print_errors(bio_err);
-			goto end;
-		}
-	    	BIO_free(certsin);
- 	}
-
-	/* If chaining get chain from user cert */
-	if (chain) {
-        	int vret;
-		STACK_OF(X509) *chain2;
-		vret = get_cert_chain (ucert, &chain2);
-		if (vret) {
-			BIO_printf (bio_err, "Error %s getting chain.\n",
-					X509_verify_cert_error_string(vret));
-			goto end;
-		}
-		/* Exclude verified certificate */
-		for (i = 1; i < sk_X509_num (chain2) ; i++) 
-				 sk_X509_push(certs, sk_X509_value (chain2, i));
-		sk_X509_free(chain2);
-			
-    	}
-
-	/* We now have loads of certificates: include them all */
-	for(i = 0; i < sk_X509_num(certs); i++) {
-		cert = sk_X509_value(certs, i);
-		bag = M_PKCS12_x5092certbag(cert);
-		/* If it matches private key set id */
-		if(cert == ucert) {
-			if(name) PKCS12_add_friendlyname(bag, name, -1);
-			PKCS12_add_localkeyid(bag, keyid, keyidlen);
-		} else if((catmp = sk_shift(canames))) 
-				PKCS12_add_friendlyname(bag, catmp, -1);
-		sk_push(bags, (char *)bag);
-	}
-
-	if (canames) sk_free(canames);
-
-	if(!noprompt &&
-		EVP_read_pw_string(pass, 50, "Enter Export Password:", 1)) {
-	    BIO_printf (bio_err, "Can't read Password\n");
-	    goto end;
-        }
-	if (!twopass) strcpy(macpass, pass);
-	/* Turn certbags into encrypted authsafe */
-	authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0,
-								 iter, bags);
-	sk_pop_free(bags, PKCS12_SAFEBAG_free);
-
-	if (!authsafe) {
-		ERR_print_errors (bio_err);
-		goto end;
-	}
-
-	safes = sk_new (NULL);
-	sk_push (safes, (char *)authsafe);
-
-	/* Make a shrouded key bag */
-	p8 = EVP_PKEY2PKCS8 (key);
-	EVP_PKEY_free(key);
-	if(keytype) PKCS8_add_keyusage(p8, keytype);
-	bag = PKCS12_MAKE_SHKEYBAG(NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
-			cpass, -1, NULL, 0, iter, p8);
-	PKCS8_PRIV_KEY_INFO_free(p8);
-        if (name) PKCS12_add_friendlyname (bag, name, -1);
-	PKCS12_add_localkeyid (bag, keyid, keyidlen);
-	bags = sk_new(NULL);
-	sk_push (bags, (char *)bag);
-	/* Turn it into unencrypted safe bag */
-	authsafe = PKCS12_pack_p7data (bags);
-	sk_pop_free(bags, PKCS12_SAFEBAG_free);
-	sk_push (safes, (char *)authsafe);
-
-	p12 = PKCS12_init (NID_pkcs7_data);
-
-	M_PKCS12_pack_authsafes (p12, safes);
-
-	sk_pop_free(safes, PKCS7_free);
-
-	PKCS12_set_mac (p12, mpass, -1, NULL, 0, maciter, NULL);
-
-	i2d_PKCS12_bio (out, p12);
-
-	PKCS12_free(p12);
-
-	ret = 0;
-	goto end;
-	
-    }
-
-    if (!(p12 = d2i_PKCS12_bio (in, NULL))) {
-	ERR_print_errors(bio_err);
-	goto end;
-    }
-
-    if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) {
-	BIO_printf (bio_err, "Can't read Password\n");
-	goto end;
-    }
-
-    if (!twopass) strcpy(macpass, pass);
-
-    if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
-    if(macver) {
-	if (!PKCS12_verify_mac (p12, mpass, -1)) {
-	    BIO_printf (bio_err, "Mac verify errror: invalid password?\n");
-	    ERR_print_errors (bio_err);
-	    goto end;
-	} else BIO_printf (bio_err, "MAC verified OK\n");
-    }
-
-    if (!dump_certs_keys_p12 (out, p12, cpass, -1, options)) {
-	BIO_printf(bio_err, "Error outputting keys and certificates\n");
-	ERR_print_errors (bio_err);
-	goto end;
-    }
-    PKCS12_free(p12);
-    ret = 0;
-    end:
-    BIO_free(out);
-    EXIT(ret);
-}
-
-int dump_cert_text (BIO *out, X509 *x)
-{
-	char buf[256];
-	X509_NAME_oneline(X509_get_subject_name(x),buf,256);
-	BIO_puts(out,"subject=");
-	BIO_puts(out,buf);
-
-	X509_NAME_oneline(X509_get_issuer_name(x),buf,256);
-	BIO_puts(out,"\nissuer= ");
-	BIO_puts(out,buf);
-	BIO_puts(out,"\n");
-        return 0;
-}
-
-int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
-	     int passlen, int options)
-{
-	STACK *asafes, *bags;
-	int i, bagnid;
-	PKCS7 *p7;
-	if (!( asafes = M_PKCS12_unpack_authsafes (p12))) return 0;
-	for (i = 0; i < sk_num (asafes); i++) {
-		p7 = (PKCS7 *) sk_value (asafes, i);
-		bagnid = OBJ_obj2nid (p7->type);
-		if (bagnid == NID_pkcs7_data) {
-			bags = M_PKCS12_unpack_p7data (p7);
-			if (options & INFO) BIO_printf (bio_err, "PKCS7 Data\n");
-		} else if (bagnid == NID_pkcs7_encrypted) {
-			if (options & INFO) {
-				BIO_printf (bio_err, "PKCS7 Encrypted data: ");
-				alg_print (bio_err, 
-					p7->d.encrypted->enc_data->algorithm);
-			}
-			bags = M_PKCS12_unpack_p7encdata (p7, pass, passlen);
-		} else continue;
-		if (!bags) return 0;
-	    	if (!dump_certs_pkeys_bags (out, bags, pass, passlen, 
-							 options)) {
-			sk_pop_free (bags, PKCS12_SAFEBAG_free);
-			return 0;
-		}
-		sk_pop_free (bags, PKCS12_SAFEBAG_free);
-	}
-	sk_pop_free (asafes, PKCS7_free);
-	return 1;
-}
-
-int dump_certs_pkeys_bags (BIO *out, STACK *bags, char *pass,
-	     int passlen, int options)
-{
-	int i;
-	for (i = 0; i < sk_num (bags); i++) {
-		if (!dump_certs_pkeys_bag (out,
-			 (PKCS12_SAFEBAG *)sk_value (bags, i), pass, passlen,
-					 		options)) return 0;
-	}
-	return 1;
-}
-
-int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass,
-	     int passlen, int options)
-{
-	EVP_PKEY *pkey;
-	PKCS8_PRIV_KEY_INFO *p8;
-	X509 *x509;
-	
-	switch (M_PKCS12_bag_type(bag))
-	{
-	case NID_keyBag:
-		if (options & INFO) BIO_printf (bio_err, "Key bag\n");
-		if (options & NOKEYS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		p8 = bag->value.keybag;
-		if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
-		print_attribs (out, p8->attributes, "Key Attributes");
-		PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, NULL);
-		EVP_PKEY_free(pkey);
-	break;
-
-	case NID_pkcs8ShroudedKeyBag:
-		if (options & INFO) {
-			BIO_printf (bio_err, "Shrouded Keybag: ");
-			alg_print (bio_err, bag->value.shkeybag->algor);
-		}
-		if (options & NOKEYS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		if (!(p8 = M_PKCS12_decrypt_skey (bag, pass, passlen)))
-				return 0;
-		if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
-		print_attribs (out, p8->attributes, "Key Attributes");
-		PKCS8_PRIV_KEY_INFO_free(p8);
-		PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, NULL);
-		EVP_PKEY_free(pkey);
-	break;
-
-	case NID_certBag:
-		if (options & INFO) BIO_printf (bio_err, "Certificate bag\n");
-		if (options & NOCERTS) return 1;
-                if (PKCS12_get_attr(bag, NID_localKeyID)) {
-			if (options & CACERTS) return 1;
-		} else if (options & CLCERTS) return 1;
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
-								 return 1;
-		if (!(x509 = M_PKCS12_certbag2x509(bag))) return 0;
-		dump_cert_text (out, x509);
-		PEM_write_bio_X509 (out, x509);
-		X509_free(x509);
-	break;
-
-	case NID_safeContentsBag:
-		if (options & INFO) BIO_printf (bio_err, "Safe Contents bag\n");
-		print_attribs (out, bag->attrib, "Bag Attributes");
-		return dump_certs_pkeys_bags (out, bag->value.safes, pass,
-							    passlen, options);
-					
-	default:
-		BIO_printf (bio_err, "Warning unsupported bag type: ");
-		i2a_ASN1_OBJECT (bio_err, bag->type);
-		BIO_printf (bio_err, "\n");
-		return 1;
-	break;
-	}
-	return 1;
-}
-
-/* Given a single certificate return a verified chain or NULL if error */
-
-/* Hope this is OK .... */
-
-int get_cert_chain (X509 *cert, STACK_OF(X509) **chain)
-{
-	X509_STORE *store;
-	X509_STORE_CTX store_ctx;
-	STACK_OF(X509) *chn;
-	int i;
-	X509 *x;
-	store = X509_STORE_new ();
-	X509_STORE_set_default_paths (store);
-	X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
-	if (X509_verify_cert(&store_ctx) <= 0) {
-		i = X509_STORE_CTX_get_error (&store_ctx);
-		goto err;
-	}
-	chn =  sk_X509_dup(X509_STORE_CTX_get_chain (&store_ctx));
-	for (i = 0; i < sk_X509_num(chn); i++) {
-		x = sk_X509_value(chn, i);
-		CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
-	}
-	i = 0;
-	*chain = chn;
-err:
-	X509_STORE_CTX_cleanup(&store_ctx);
-	X509_STORE_free(store);
-	
-	return i;
-}	
-
-int alg_print (BIO *x, X509_ALGOR *alg)
-{
-	PBEPARAM *pbe;
-	unsigned char *p;
-	p = alg->parameter->value.sequence->data;
-	pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length);
-	BIO_printf (bio_err, "%s, Iteration %d\n", 
-	OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)), ASN1_INTEGER_get(pbe->iter));
-	PBEPARAM_free (pbe);
-	return 0;
-}
-
-/* Load all certificates from a given file */
-
-int cert_load(BIO *in, STACK_OF(X509) *sk)
-{
-	int ret;
-	X509 *cert;
-	ret = 0;
-	while((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
-		ret = 1;
-		sk_X509_push(sk, cert);
-	}
-	if(ret) ERR_clear_error();
-	return ret;
-}
-
-/* Generalised attribute print: handle PKCS#8 and bag attributes */
-
-int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name)
-{
-	X509_ATTRIBUTE *attr;
-	ASN1_TYPE *av;
-	char *value;
-	int i, attr_nid;
-	if(!attrlst) {
-		BIO_printf(out, "%s: <No Attributes>\n", name);
-		return 1;
-	}
-	if(!sk_X509_ATTRIBUTE_num(attrlst)) {
-		BIO_printf(out, "%s: <Empty Attributes>\n", name);
-		return 1;
-	}
-	BIO_printf(out, "%s\n", name);
-	for(i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
-		attr = sk_X509_ATTRIBUTE_value(attrlst, i);
-		attr_nid = OBJ_obj2nid(attr->object);
-		BIO_printf(out, "    ");
-		if(attr_nid == NID_undef) {
-			i2a_ASN1_OBJECT (out, attr->object);
-			BIO_printf(out, ": ");
-		} else BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
-
-		if(sk_ASN1_TYPE_num(attr->value.set)) {
-			av = sk_ASN1_TYPE_value(attr->value.set, 0);
-			switch(av->type) {
-				case V_ASN1_BMPSTRING:
-        			value = uni2asc(av->value.bmpstring->data,
-                                	       av->value.bmpstring->length);
-				BIO_printf(out, "%s\n", value);
-				Free(value);
-				break;
-
-				case V_ASN1_OCTET_STRING:
-				hex_prin(out, av->value.bit_string->data,
-					av->value.bit_string->length);
-				BIO_printf(out, "\n");	
-				break;
-
-				case V_ASN1_BIT_STRING:
-				hex_prin(out, av->value.octet_string->data,
-					av->value.octet_string->length);
-				BIO_printf(out, "\n");	
-				break;
-
-				default:
-					BIO_printf(out, "<Unsupported tag %d>\n", av->type);
-				break;
-			}
-		} else BIO_printf(out, "<No Values>\n");
-	}
-	return 1;
-}
-
-void hex_prin(BIO *out, unsigned char *buf, int len)
-{
-	int i;
-	for (i = 0; i < len; i++) BIO_printf (out, "%02X ", buf[i]);
-}
-
-#endif
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -1,5 +1,5 @@
 /* apps/pkcs7.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -61,12 +61,12 @@
 #include <string.h>
 #include <time.h>
 #include "apps.h"
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
+#include "err.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"

 #undef PROG
 #define PROG	pkcs7_main
@@ -81,13 +81,13 @@
 * -print_certs
 */

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	PKCS7 *p7=NULL;
 	int i,badops=0;
-#if !defined(NO_DES) || !defined(NO_IDEA)
 	EVP_CIPHER *enc=NULL;
-#endif
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat;
 	char *infile,*outfile,*prog,buf[256];
@@ -98,7 +98,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	infile=NULL;
 	outfile=NULL;
@@ -159,7 +159,7 @@ bad:
 		BIO_printf(bio_err,"where options are\n");
 		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
 		BIO_printf(bio_err," -outform arg  output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
+		BIO_printf(bio_err," -in arg       inout file\n");
 		BIO_printf(bio_err," -out arg      output file\n");
 		BIO_printf(bio_err," -print_certs  print any certs or crl in the input\n");
 		BIO_printf(bio_err," -des          encrypt PEM output with cbc des\n");
@@ -195,7 +195,7 @@ bad:
 	if	(informat == FORMAT_ASN1)
 		p7=d2i_PKCS7_bio(in,NULL);
 	else if (informat == FORMAT_PEM)
-		p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL);
+		p7=PEM_read_bio_PKCS7(in,NULL,NULL);
 	else
 		{
 		BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
@@ -221,8 +221,8 @@ bad:

 	if (print_certs)
 		{
-		STACK_OF(X509) *certs=NULL;
-		STACK_OF(X509_CRL) *crls=NULL;
+		STACK *certs=NULL;
+		STACK *crls=NULL;

 		i=OBJ_obj2nid(p7->type);
 		switch (i)
@@ -243,9 +243,9 @@ bad:
 			{
 			X509 *x;

-			for (i=0; i<sk_X509_num(certs); i++)
+			for (i=0; i<sk_num(certs); i++)
 				{
-				x=sk_X509_value(certs,i);
+				x=(X509 *)sk_value(certs,i);

 				X509_NAME_oneline(X509_get_subject_name(x),
 					buf,256);
@@ -266,18 +266,18 @@ bad:
 			{
 			X509_CRL *crl;

-			for (i=0; i<sk_X509_CRL_num(crls); i++)
+			for (i=0; i<sk_num(crls); i++)
 				{
-				crl=sk_X509_CRL_value(crls,i);
+				crl=(X509_CRL *)sk_value(crls,i);

 				X509_NAME_oneline(crl->crl->issuer,buf,256);
 				BIO_puts(out,"issuer= ");
 				BIO_puts(out,buf);

 				BIO_puts(out,"\nlast update=");
-				ASN1_TIME_print(out,crl->crl->lastUpdate);
+				ASN1_UTCTIME_print(out,crl->crl->lastUpdate);
 				BIO_puts(out,"\nnext update=");
-				ASN1_TIME_print(out,crl->crl->nextUpdate);
+				ASN1_UTCTIME_print(out,crl->crl->nextUpdate);
 				BIO_puts(out,"\n");

 				PEM_write_bio_X509_CRL(out,crl);
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -1,274 +0,0 @@
-/* pkcs8.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/pkcs12.h>
-
-#include "apps.h"
-#define PROG pkcs8_main
-
-
-int MAIN(int argc, char **argv)
-{
-	char **args, *infile = NULL, *outfile = NULL;
-	BIO *in = NULL, *out = NULL;
-	int topk8 = 0;
-	int pbe_nid = -1;
-	const EVP_CIPHER *cipher = NULL;
-	int iter = PKCS12_DEFAULT_ITER;
-	int informat, outformat;
-	int p8_broken = PKCS8_OK;
-	int nocrypt = 0;
-	X509_SIG *p8;
-	PKCS8_PRIV_KEY_INFO *p8inf;
-	EVP_PKEY *pkey;
-	char pass[50];
-	int badarg = 0;
-	if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
-	informat=FORMAT_PEM;
-	outformat=FORMAT_PEM;
-	ERR_load_crypto_strings();
-	SSLeay_add_all_algorithms();
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp(*args,"-v2")) {
-			if (args[1]) {
-				args++;
-				cipher=EVP_get_cipherbyname(*args);
-				if(!cipher) {
-					BIO_printf(bio_err,
-						 "Unknown cipher %s\n", *args);
-					badarg = 1;
-				}
-			} else badarg = 1;
-		} else if (!strcmp(*args,"-inform")) {
-			if (args[1]) {
-				args++;
-				informat=str2fmt(*args);
-			} else badarg = 1;
-		} else if (!strcmp(*args,"-outform")) {
-			if (args[1]) {
-				args++;
-				outformat=str2fmt(*args);
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-topk8")) topk8 = 1;
-		else if (!strcmp (*args, "-noiter")) iter = 1;
-		else if (!strcmp (*args, "-nocrypt")) nocrypt = 1;
-		else if (!strcmp (*args, "-nooct")) p8_broken = PKCS8_NO_OCTET;
-		else if (!strcmp (*args, "-in")) {
-			if (args[1]) {
-				args++;
-				infile = *args;
-			} else badarg = 1;
-		} else if (!strcmp (*args, "-out")) {
-			if (args[1]) {
-				args++;
-				outfile = *args;
-			} else badarg = 1;
-		} else badarg = 1;
-		args++;
-	}
-
-	if (badarg) {
-		BIO_printf (bio_err, "Usage pkcs8 [options]\n");
-		BIO_printf (bio_err, "where options are\n");
-		BIO_printf (bio_err, "-in file   input file\n");
-		BIO_printf (bio_err, "-inform X  input format (DER or PEM)\n");
-		BIO_printf (bio_err, "-outform X output format (DER or PEM)\n");
-		BIO_printf (bio_err, "-out file  output file\n");
-		BIO_printf (bio_err, "-topk8     output PKCS8 file\n");
-		BIO_printf (bio_err, "-nooct     use (broken) no octet form\n");
-		BIO_printf (bio_err, "-noiter    use 1 as iteration count\n");
-		BIO_printf (bio_err, "-nocrypt   use or expect unencrypted private key\n");
-		BIO_printf (bio_err, "-v2 alg    use PKCS#5 v2.0 and cipher \"alg\"\n");
-		return (1);
-	}
-
-	if ((pbe_nid == -1) && !cipher) pbe_nid = NID_pbeWithMD5AndDES_CBC;
-
-	if (infile) {
-		if (!(in = BIO_new_file (infile, "rb"))) {
-			BIO_printf (bio_err,
-				 "Can't open input file %s\n", infile);
-			return (1);
-		}
-	} else in = BIO_new_fp (stdin, BIO_NOCLOSE);
-
-	if (outfile) {
-		if (!(out = BIO_new_file (outfile, "wb"))) {
-			BIO_printf (bio_err,
-				 "Can't open output file %s\n", outfile);
-			return (1);
-		}
-	} else out = BIO_new_fp (stdout, BIO_NOCLOSE);
-
-	if (topk8) {
-		if (!(pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL))) {
-			BIO_printf (bio_err, "Error reading key\n", outfile);
-			ERR_print_errors(bio_err);
-			return (1);
-		}
-		BIO_free(in);
-		if (!(p8inf = EVP_PKEY2PKCS8(pkey))) {
-			BIO_printf (bio_err, "Error converting key\n", outfile);
-			ERR_print_errors(bio_err);
-			return (1);
-		}
-		PKCS8_set_broken(p8inf, p8_broken);
-		if(nocrypt) {
-			if(outformat == FORMAT_PEM) 
-				PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
-			else if(outformat == FORMAT_ASN1)
-				i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
-			else {
-				BIO_printf(bio_err, "Bad format specified for key\n");
-				return (1);
-			}
-		} else {
-			EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1);
-			if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
-					pass, strlen(pass),
-					NULL, 0, iter, p8inf))) {
-				BIO_printf (bio_err, "Error encrypting key\n",
-								 outfile);
-				ERR_print_errors(bio_err);
-				return (1);
-			}
-			if(outformat == FORMAT_PEM) 
-				PEM_write_bio_PKCS8 (out, p8);
-			else if(outformat == FORMAT_ASN1)
-				i2d_PKCS8_bio(out, p8);
-			else {
-				BIO_printf(bio_err, "Bad format specified for key\n");
-				return (1);
-			}
-			X509_SIG_free(p8);
-		}
-		PKCS8_PRIV_KEY_INFO_free (p8inf);
-		EVP_PKEY_free(pkey);
-		BIO_free(out);
-		return (0);
-	}
-
-	if(nocrypt) {
-		if(informat == FORMAT_PEM) 
-			p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL);
-		else if(informat == FORMAT_ASN1)
-			p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
-		else {
-			BIO_printf(bio_err, "Bad format specified for key\n");
-			return (1);
-		}
-	} else {
-		if(informat == FORMAT_PEM) 
-			p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
-		else if(informat == FORMAT_ASN1)
-			p8 = d2i_PKCS8_bio(in, NULL);
-		else {
-			BIO_printf(bio_err, "Bad format specified for key\n");
-			return (1);
-		}
-
-		if (!p8) {
-			BIO_printf (bio_err, "Error reading key\n", outfile);
-			ERR_print_errors(bio_err);
-			return (1);
-		}
-		EVP_read_pw_string(pass, 50, "Enter Password:", 0);
-		p8inf = M_PKCS8_decrypt(p8, pass, strlen(pass));
-		X509_SIG_free(p8);
-	}
-
-	if (!p8inf) {
-		BIO_printf(bio_err, "Error decrypting key\n", outfile);
-		ERR_print_errors(bio_err);
-		return (1);
-	}
-
-	if (!(pkey = EVP_PKCS82PKEY(p8inf))) {
-		BIO_printf(bio_err, "Error converting key\n", outfile);
-		ERR_print_errors(bio_err);
-		return (1);
-	}
-	
-	if (p8inf->broken) {
-		BIO_printf(bio_err, "Warning: broken key encoding: ");
-		switch (p8inf->broken) {
-			case PKCS8_NO_OCTET:
-			BIO_printf(bio_err, "No Octet String\n");
-			break;
-
-			default:
-			BIO_printf(bio_err, "Unknown broken type\n");
-			break;
-		}
-	}
-	
-	PKCS8_PRIV_KEY_INFO_free(p8inf);
-
-	PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, NULL);
-
-	EVP_PKEY_free(pkey);
-	BIO_free(out);
-	BIO_free(in);
-
-	return (0);
-}
--- a/apps/privkey.pem
+++ b/apps/privkey.pem
@@ -1,18 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
+-----BEGIN DSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
+DEK-Info: DES-EDE3-CBC,2221AF3DAA41AB24

-6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
-Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
-F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
-XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
-jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
-vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
-JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
-PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
-POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
-gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
-8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
-Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
-dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
-----END RSA PRIVATE KEY-----
+IOx3ubYOV2SETDSWiuG4bsioEl7jA2CulYKAJvIfy8z5GI+08NwptNOUqbMhDV1s
+156KhUvBvG48uz9mxcOyHjZRD0HNixGNMXDaFJSajINFoGtmYZRc20DEoY6buzsi
+E76GK95cJHsjJsdNrdggIJRTaiLayLzsMFVDrKhmaJVTKlBpcdnFM4BEKSyD2H5N
+OllrfK6GgmlH+WVXU9AlXoy5Jm0YXT7i5bPCB5eDDL/GkTISFHZsnEYpHCrMARsw
+5V15dYEwFc6NA/psBGk1qS2CHVIOYNcfCfndR90+UCos+rMBkcQDfvxI95+L8dbS
+ONJJrUqiCHV/zYSE+aXZN001mJJLvHOW65YbgdwSOfiowcv7HPbFrGdwOOJvSEx2
+d571YvqfsaDojwR5KLgfFDSwVBwzo/mfcFeVrT9Q8LwPL4/dwwoElWTmYbSaW0uZ
+Ov73xRUbVGa5LTJoGbFVMvjpmEO2qtBsx7vq9AT8v8gDzYSuEafyC7d0h85EIfTJ
+wPlIN3xKTiqFpp/eFCkdKqNn826NoC1TgQuoCBIrJ8gZsIr1l8R+iAuGxKGPASoF
+cyqnpcqGgaaTrxnk9cX4dQ==
+-----END DSA PRIVATE KEY-----
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -1,5 +1,4 @@
-/* This file was generated by progs.pl. */
-
+#ifndef NOPROTO
 extern int verify_main(int argc,char *argv[]);
 extern int asn1parse_main(int argc,char *argv[]);
 extern int req_main(int argc,char *argv[]);
@@ -7,6 +6,7 @@ extern int dgst_main(int argc,char *argv[]);
 extern int dh_main(int argc,char *argv[]);
 extern int enc_main(int argc,char *argv[]);
 extern int gendh_main(int argc,char *argv[]);
+extern int gendsa_main(int argc,char *argv[]);
 extern int errstr_main(int argc,char *argv[]);
 extern int ca_main(int argc,char *argv[]);
 extern int crl_main(int argc,char *argv[]);
@@ -15,7 +15,6 @@ extern int dsa_main(int argc,char *argv[]);
 extern int dsaparam_main(int argc,char *argv[]);
 extern int x509_main(int argc,char *argv[]);
 extern int genrsa_main(int argc,char *argv[]);
-extern int gendsa_main(int argc,char *argv[]);
 extern int s_server_main(int argc,char *argv[]);
 extern int s_client_main(int argc,char *argv[]);
 extern int speed_main(int argc,char *argv[]);
@@ -25,11 +24,35 @@ extern int pkcs7_main(int argc,char *argv[]);
 extern int crl2pkcs7_main(int argc,char *argv[]);
 extern int sess_id_main(int argc,char *argv[]);
 extern int ciphers_main(int argc,char *argv[]);
-extern int nseq_main(int argc,char *argv[]);
-extern int pkcs12_main(int argc,char *argv[]);
-extern int pkcs8_main(int argc,char *argv[]);
+#else
+extern int verify_main();
+extern int asn1parse_main();
+extern int req_main();
+extern int dgst_main();
+extern int dh_main();
+extern int enc_main();
+extern int gendh_main();
+extern int gendsa_main();
+extern int errstr_main();
+extern int ca_main();
+extern int crl_main();
+extern int rsa_main();
+extern int dsa_main();
+extern int dsaparam_main();
+extern int x509_main();
+extern int genrsa_main();
+extern int s_server_main();
+extern int s_client_main();
+extern int speed_main();
+extern int s_time_main();
+extern int version_main();
+extern int pkcs7_main();
+extern int crl2pkcs7_main();
+extern int sess_id_main();
+extern int ciphers_main();
+#endif

-#ifdef SSLEAY_SRC  /* Defined only in openssl.c. */
+#ifdef SSLEAY_SRC

 #define FUNC_TYPE_GENERAL	1
 #define FUNC_TYPE_MD		2
@@ -44,7 +67,9 @@ typedef struct {
 FUNCTION functions[] = {
 	{FUNC_TYPE_GENERAL,"verify",verify_main},
 	{FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
+#ifndef NO_RSA
 	{FUNC_TYPE_GENERAL,"req",req_main},
+#endif
 	{FUNC_TYPE_GENERAL,"dgst",dgst_main},
 #ifndef NO_DH
 	{FUNC_TYPE_GENERAL,"dh",dh_main},
@@ -52,9 +77,14 @@ FUNCTION functions[] = {
 	{FUNC_TYPE_GENERAL,"enc",enc_main},
 #ifndef NO_DH
 	{FUNC_TYPE_GENERAL,"gendh",gendh_main},
+#endif
+#ifndef NO_DSA
+	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
 #endif
 	{FUNC_TYPE_GENERAL,"errstr",errstr_main},
+#ifndef NO_RSA
 	{FUNC_TYPE_GENERAL,"ca",ca_main},
+#endif
 	{FUNC_TYPE_GENERAL,"crl",crl_main},
 #ifndef NO_RSA
 	{FUNC_TYPE_GENERAL,"rsa",rsa_main},
@@ -65,13 +95,12 @@ FUNCTION functions[] = {
 #ifndef NO_DSA
 	{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
 #endif
+#ifndef NO_RSA
 	{FUNC_TYPE_GENERAL,"x509",x509_main},
+#endif
 #ifndef NO_RSA
 	{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
 #endif
-#ifndef NO_DSA
-	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
-#endif
 #if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
 	{FUNC_TYPE_GENERAL,"s_server",s_server_main},
 #endif
@@ -86,20 +115,14 @@ FUNCTION functions[] = {
 	{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
 	{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
 	{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
-#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(NO_SSL3))
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
 	{FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
 #endif
-	{FUNC_TYPE_GENERAL,"nseq",nseq_main},
-#if !defined(NO_DES) && !defined(NO_SHA1)
-	{FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main},
-#endif
-	{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
 	{FUNC_TYPE_MD,"md2",dgst_main},
 	{FUNC_TYPE_MD,"md5",dgst_main},
 	{FUNC_TYPE_MD,"sha",dgst_main},
 	{FUNC_TYPE_MD,"sha1",dgst_main},
 	{FUNC_TYPE_MD,"mdc2",dgst_main},
-	{FUNC_TYPE_MD,"rmd160",dgst_main},
 	{FUNC_TYPE_CIPHER,"base64",enc_main},
 #ifndef NO_DES
 	{FUNC_TYPE_CIPHER,"des",enc_main},
@@ -119,15 +142,9 @@ FUNCTION functions[] = {
 #ifndef NO_RC2
 	{FUNC_TYPE_CIPHER,"rc2",enc_main},
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	{FUNC_TYPE_CIPHER,"bf",enc_main},
 #endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5",enc_main},
-#endif
 #ifndef NO_DES
 	{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
 #endif
@@ -188,44 +205,17 @@ FUNCTION functions[] = {
 #ifndef NO_RC2
 	{FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	{FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	{FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	{FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
-#endif
-#ifndef NO_CAST
-	{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
-#endif
-#ifndef NO_RC5
-	{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
 #endif
 	{0,NULL,NULL}
 	};
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -1,15 +1,23 @@
 #!/usr/local/bin/perl

-print "/* This file was generated by progs.pl. */\n\n";
+$mkprog='mklinks';
+$rmprog='rmlinks';
+
+print "#ifndef NOPROTO\n";

 grep(s/^asn1pars$/asn1parse/,@ARGV);

 foreach (@ARGV)
 	{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
+print "#else\n";
+foreach (@ARGV)
+	{ printf "extern int %s_main();\n",$_; }
+print "#endif\n";
+

 print <<'EOF';

-#ifdef SSLEAY_SRC  /* Defined only in openssl.c. */
+#ifdef SSLEAY_SRC

 #define FUNC_TYPE_GENERAL	1
 #define FUNC_TYPE_MD		2
@@ -30,7 +38,8 @@ foreach (@ARGV)
 	$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
 	if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
 		{ print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; } 
-	elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ) 
+	elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ||
+		($_ =~ /^req$/) || ($_ =~ /^ca$/) || ($_ =~ /^x509$/))
 		{ print "#ifndef NO_RSA\n${str}#endif\n";  }
 	elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
 		{ print "#ifndef NO_DSA\n${str}#endif\n"; }
@@ -40,7 +49,7 @@ foreach (@ARGV)
 		{ print $str; }
 	}

-foreach ("md2","md5","sha","sha1","mdc2","rmd160")
+foreach ("md2","md5","sha","sha1","mdc2")
 	{
 	push(@files,$_);
 	printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
@@ -48,16 +57,14 @@ foreach ("md2","md5","sha","sha1","mdc2","rmd160")

 foreach (
 	"base64",
-	"des", "des3", "desx", "idea", "rc4", "rc2","bf","cast","rc5",
+	"des", "des3", "desx", "idea", "rc4", "rc2","bf",
 	"des-ecb", "des-ede",    "des-ede3",
 	"des-cbc", "des-ede-cbc","des-ede3-cbc",
 	"des-cfb", "des-ede-cfb","des-ede3-cfb",
 	"des-ofb", "des-ede-ofb","des-ede3-ofb",
 	"idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
 	"rc2-cbc", "rc2-ecb",    "rc2-cfb",  "rc2-ofb",
-	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
-	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
-	"cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
+	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb")
 	{
 	push(@files,$_);

@@ -66,12 +73,38 @@ foreach (
 	elsif ($_ =~ /idea/) { $t="#ifndef NO_IDEA\n${t}#endif\n"; }
 	elsif ($_ =~ /rc4/)  { $t="#ifndef NO_RC4\n${t}#endif\n"; }
 	elsif ($_ =~ /rc2/)  { $t="#ifndef NO_RC2\n${t}#endif\n"; }
-	elsif ($_ =~ /bf/)   { $t="#ifndef NO_BF\n${t}#endif\n"; }
-	elsif ($_ =~ /cast/) { $t="#ifndef NO_CAST\n${t}#endif\n"; }
-	elsif ($_ =~ /rc5/)  { $t="#ifndef NO_RC5\n${t}#endif\n"; }
+	elsif ($_ =~ /bf/)   { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
 	print $t;
 	}

 print "\t{0,NULL,NULL}\n\t};\n";
 print "#endif\n\n";

+open(OUT,">$mkprog") || die "unable to open '$prog':$!\n";
+print OUT "#!/bin/sh\nfor i in ";
+foreach (@files)
+	{ print OUT $_." "; }
+print OUT <<'EOF';
+
+do
+echo making symlink for $i
+/bin/rm -f $i
+ln -s ssleay $i
+done
+EOF
+close(OUT);
+chmod(0755,$mkprog);
+
+open(OUT,">$rmprog") || die "unable to open '$prog':$!\n";
+print OUT "#!/bin/sh\nfor i in ";
+foreach (@files)
+	{ print OUT $_." "; }
+print OUT <<'EOF';
+
+do
+echo removing $i
+/bin/rm -f $i
+done
+EOF
+close(OUT);
+chmod(0755,$rmprog);
--- a/apps/req.c
+++ b/apps/req.c
@@ -1,5 +1,5 @@
 /* apps/req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -60,20 +60,19 @@
 #include <stdlib.h>
 #include <time.h>
 #include <string.h>
-#ifdef NO_STDIO
+#ifdef WIN16
 #define APPS_WIN16
 #endif
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "evp.h"
+#include "rand.h"
+#include "conf.h"
+#include "err.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"

 #define SECTION		"req"

@@ -81,7 +80,6 @@
 #define KEYFILE		"default_keyfile"
 #define DISTINGUISHED_NAME	"distinguished_name"
 #define ATTRIBUTES	"attributes"
-#define V3_EXTENSIONS	"x509_extensions"

 #define DEFAULT_KEY_LENGTH	512
 #define MIN_KEY_LENGTH		384
@@ -107,16 +105,22 @@
 *		  require.  This format is wrong
 */

+#ifndef NOPROTO
 static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,int attribs);
-static int add_attribute_object(STACK_OF(X509_ATTRIBUTE) *n, char *text,
-				char *def, char *value, int nid, int min,
-				int max);
+static int add_attribute_object(STACK *n, char *text, char *def, 
+	char *value, int nid,int min,int max);
 static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
 	int nid,int min,int max);
-static void MS_CALLBACK req_cb(int p,int n,void *arg);
+static void MS_CALLBACK req_cb(int p,int n);
 static int req_fix_data(int nid,int *type,int len,int min,int max);
-static int check_end(char *str, char *end);
-static int add_oid_section(LHASH *conf);
+#else
+static int make_REQ();
+static int add_attribute_object();
+static int add_DN_object();
+static void MS_CALLBACK req_cb();
+static int req_fix_data();
+#endif
+
 #ifndef MONOLITH
 static char *default_config_file=NULL;
 static LHASH *config=NULL;
@@ -127,11 +131,11 @@ static LHASH *req_conf=NULL;
 #define TYPE_DSA	2
 #define TYPE_DH		3

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
-#ifndef NO_DSA
 	DSA *dsa_params=NULL;
-#endif
 	int ex=1,x509=0,days=30;
 	X509 *x509ss=NULL;
 	X509_REQ *req=NULL;
@@ -141,11 +145,10 @@ int MAIN(int argc, char **argv)
 	int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
 	int nodes=0,kludge=0;
 	char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
-	char *extensions = NULL;
 	EVP_CIPHER *cipher=NULL;
 	int modulus=0;
 	char *p;
-	const EVP_MD *md_alg=NULL,*digest=EVP_md5();
+	EVP_MD *md_alg=NULL,*digest=EVP_md5();
 #ifndef MONOLITH
 	MS_STATIC char config_name[256];
 #endif
@@ -157,7 +160,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	infile=NULL;
 	outfile=NULL;
@@ -216,21 +219,16 @@ int MAIN(int argc, char **argv)
 			}
 		else if (strcmp(*argv,"-newkey") == 0)
 			{
-			int is_numeric;
-
 			if (--argc < 1) goto bad;
 			p= *(++argv);
-			is_numeric = p[0] >= '0' && p[0] <= '9';
-			if (strncmp("rsa:",p,4) == 0 || is_numeric)
+			if ((strncmp("rsa:",p,4) == 0) ||
+				((p[0] >= '0') && (p[0] <= '9')))
 				{
 				pkey_type=TYPE_RSA;
-				if(!is_numeric)
-				    p+=4;
+				p+=4;
 				newkey= atoi(p);
 				}
-			else
-#ifndef NO_DSA
-				if (strncmp("dsa:",p,4) == 0)
+			else if (strncmp("dsa:",p,4) == 0)
 				{
 				X509 *xtmp=NULL;
 				EVP_PKEY *dtmp;
@@ -242,41 +240,36 @@ int MAIN(int argc, char **argv)
 					perror(p);
 					goto end;
 					}
-				if ((dsa_params=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
+				if ((dsa_params=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)
 					{
 					ERR_clear_error();
-					(void)BIO_reset(in);
-					if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL)
+					BIO_reset(in);
+					if ((xtmp=PEM_read_bio_X509(in,NULL,NULL)) == NULL)
 						{
 						BIO_printf(bio_err,"unable to load DSA parameters from file\n");
 						goto end;
 						}
-
 					dtmp=X509_get_pubkey(xtmp);
 					if (dtmp->type == EVP_PKEY_DSA)
 						dsa_params=DSAparams_dup(dtmp->pkey.dsa);
-					EVP_PKEY_free(dtmp);
 					X509_free(xtmp);
 					if (dsa_params == NULL)
 						{
 						BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
 						goto end;
 						}
+					
 					}
 				BIO_free(in);
 				newkey=BN_num_bits(dsa_params->p);
 				in=NULL;
 				}
-			else 
-#endif
-#ifndef NO_DH
-				if (strncmp("dh:",p,4) == 0)
+			else if (strncmp("dh:",p,4) == 0)
 				{
 				pkey_type=TYPE_DH;
 				p+=3;
 				}
 			else
-#endif
 				pkey_type=TYPE_RSA;

 			newreq=1;
@@ -326,7 +319,7 @@ bad:
 		BIO_printf(bio_err,"where options  are\n");
 		BIO_printf(bio_err," -inform arg    input format - one of DER TXT PEM\n");
 		BIO_printf(bio_err," -outform arg   output format - one of DER TXT PEM\n");
-		BIO_printf(bio_err," -in arg        input file\n");
+		BIO_printf(bio_err," -in arg        inout file\n");
 		BIO_printf(bio_err," -out arg       output file\n");
 		BIO_printf(bio_err," -text          text form of request\n");
 		BIO_printf(bio_err," -noout         do not output REQ\n");
@@ -340,7 +333,7 @@ bad:
 		BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");

 		BIO_printf(bio_err," -[digest]      Digest to sign with (md5, sha1, md2, mdc2)\n");
-		BIO_printf(bio_err," -config file   request template file.\n");
+		BIO_printf(bio_err," -config file   request templace file.\n");
 		BIO_printf(bio_err," -new           new request.\n");
 		BIO_printf(bio_err," -x509          output a x509 structure instead of a cert. req.\n");
 		BIO_printf(bio_err," -days          number of days a x509 generated by -x509 is valid for.\n");
@@ -351,20 +344,15 @@ bad:
 		}

 	ERR_load_crypto_strings();
-	X509V3_add_standard_extensions();

 #ifndef MONOLITH
 	/* Lets load up our environment a little */
-	p=getenv("OPENSSL_CONF");
-	if (p == NULL)
-		p=getenv("SSLEAY_CONF");
+	p=getenv("SSLEAY_CONF");
 	if (p == NULL)
 		{
 		strcpy(config_name,X509_get_default_cert_area());
-#ifndef VMS
-		strcat(config_name,"/");
-#endif
-		strcat(config_name,OPENSSL_CONF);
+		strcat(config_name,"/lib/");
+		strcat(config_name,SSLEAY_CONF);
 		p=config_name;
 		}
        default_config_file=p;
@@ -394,30 +382,6 @@ bad:
 			}
 		}

-	if (req_conf != NULL)
-		{
-		p=CONF_get_string(req_conf,NULL,"oid_file");
-		if (p != NULL)
-			{
-			BIO *oid_bio;
-
-			oid_bio=BIO_new_file(p,"r");
-			if (oid_bio == NULL) 
-				{
-				/*
-				BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
-				ERR_print_errors(bio_err);
-				*/
-				}
-			else
-				{
-				OBJ_create_objects(oid_bio);
-				BIO_free(oid_bio);
-				}
-			}
-		}
-		if(!add_oid_section(req_conf)) goto end;
-
 	if ((md_alg == NULL) &&
 		((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
 		{
@@ -425,19 +389,6 @@ bad:
 			digest=md_alg;
 		}

-	extensions = CONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
-	if(extensions) {
-		/* Check syntax of file */
-		X509V3_CTX ctx;
-		X509V3_set_ctx_test(&ctx);
-		X509V3_set_conf_lhash(&ctx, req_conf);
-		if(!X509V3_EXT_add_conf(req_conf, &ctx, extensions, NULL)) {
-			BIO_printf(bio_err,
-			 "Error Loading extension section %s\n", extensions);
-			goto end;
-		}
-	}
-
 	in=BIO_new(BIO_s_file());
 	out=BIO_new(BIO_s_file());
 	if ((in == NULL) || (out == NULL))
@@ -455,7 +406,7 @@ bad:
 			rsa=d2i_RSAPrivateKey_bio(in,NULL);
 		else */
 		if (keyform == FORMAT_PEM)
-			pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,NULL);
+			pkey=PEM_read_bio_PrivateKey(in,NULL,NULL);
 		else
 			{
 			BIO_printf(bio_err,"bad input format specified for X509 request\n");
@@ -512,8 +463,7 @@ bad:
 		if (pkey_type == TYPE_RSA)
 			{
 			if (!EVP_PKEY_assign_RSA(pkey,
-				RSA_generate_key(newkey,0x10001,
-					req_cb,bio_err)))
+				RSA_generate_key(newkey,0x10001,req_cb)))
 				goto end;
 			}
 		else
@@ -560,7 +510,7 @@ bad:
 		i=0;
 loop:
 		if (!PEM_write_bio_PrivateKey(out,pkey,cipher,
-			NULL,0,NULL,NULL))
+			NULL,0,NULL))
 			{
 			if ((ERR_GET_REASON(ERR_peek_error()) ==
 				PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3))
@@ -594,7 +544,7 @@ loop:
 		if	(informat == FORMAT_ASN1)
 			req=d2i_X509_REQ_bio(in,NULL);
 		else if (informat == FORMAT_PEM)
-			req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL);
+			req=PEM_read_bio_X509_REQ(in,NULL,NULL);
 		else
 			{
 			BIO_printf(bio_err,"bad input format specified for X509 request\n");
@@ -609,10 +559,8 @@ loop:

 	if (newreq || x509)
 		{
-#ifndef NO_DSA
 		if (pkey->type == EVP_PKEY_DSA)
 			digest=EVP_dss1();
-#endif

 		if (pkey == NULL)
 			{
@@ -638,12 +586,12 @@ loop:
 			}
 		if (x509)
 			{
-			EVP_PKEY *tmppkey;
-			X509V3_CTX ext_ctx;
 			if ((x509ss=X509_new()) == NULL) goto end;

-			/* Set version to V3 */
-			if(!X509_set_version(x509ss, 2)) goto end;
+			/* don't set the version number, for starters
+			 * the field is null and second, null is v0 
+			 * if (!ASN1_INTEGER_set(ci->version,0L)) goto end;
+			 */
 			ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L);

 			X509_set_issuer_name(x509ss,
@@ -653,24 +601,7 @@ loop:
 				(long)60*60*24*days);
 			X509_set_subject_name(x509ss,
 				X509_REQ_get_subject_name(req));
-			tmppkey = X509_REQ_get_pubkey(req);
-			X509_set_pubkey(x509ss,tmppkey);
-			EVP_PKEY_free(tmppkey);
-
-			/* Set up V3 context struct */
-
-			X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0);
-			X509V3_set_conf_lhash(&ext_ctx, req_conf);
-
-			/* Add extensions */
-			if(extensions && !X509V3_EXT_add_conf(req_conf, 
-				 	&ext_ctx, extensions, x509ss))
-			    {
-			    BIO_printf(bio_err,
-				       "Error Loading extension section %s\n",
-				       extensions);
-			    goto end;
-			    }
+			X509_set_pubkey(x509ss,X509_REQ_get_pubkey(req));

 			if (!(i=X509_sign(x509ss,pkey,digest)))
 				goto end;
@@ -694,10 +625,7 @@ loop:
 			}

 		i=X509_REQ_verify(req,pkey);
-		if (tmp) {
-			EVP_PKEY_free(pkey);
-			pkey=NULL;
-		}
+		if (tmp) pkey=NULL;

 		if (i < 0)
 			{
@@ -754,11 +682,9 @@ loop:
 			goto end; 
 			}
 		fprintf(stdout,"Modulus=");
-#ifndef NO_RSA
 		if (pubkey->type == EVP_PKEY_RSA)
 			BN_print(out,pubkey->pkey.rsa->n);
 		else
-#endif
 			fprintf(stdout,"Wrong Algorithm type");
 		fprintf(stdout,"\n");
 		}
@@ -802,28 +728,27 @@ end:
 		ERR_print_errors(bio_err);
 		}
 	if ((req_conf != NULL) && (req_conf != config)) CONF_free(req_conf);
-	BIO_free(in);
-	BIO_free(out);
-	EVP_PKEY_free(pkey);
-	X509_REQ_free(req);
-	X509_free(x509ss);
-	X509V3_EXT_cleanup();
-	OBJ_cleanup();
-#ifndef NO_DSA
+	if (in != NULL) BIO_free(in);
+	if (out != NULL) BIO_free(out);
+	if (pkey != NULL) EVP_PKEY_free(pkey);
+	if (req != NULL) X509_REQ_free(req);
+	if (x509ss != NULL) X509_free(x509ss);
 	if (dsa_params != NULL) DSA_free(dsa_params);
-#endif
 	EXIT(ex);
 	}

-static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, int attribs)
+static int make_REQ(req,pkey,attribs)
+X509_REQ *req;
+EVP_PKEY *pkey;
+int attribs;
 	{
-	int ret=0,i;
-	char *p,*q;
+	int ret=0,i,j;
+	unsigned char *p;
 	X509_REQ_INFO *ri;
 	char buf[100];
 	int nid,min,max;
 	char *type,*def,*tmp,*value,*tmp_attr;
-	STACK_OF(CONF_VALUE) *sk, *attr=NULL;
+	STACK *sk,*attr=NULL;
 	CONF_VALUE *v;
 	
 	tmp=CONF_get_string(req_conf,SECTION,DISTINGUISHED_NAME);
@@ -866,32 +791,29 @@ static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, int attribs)
 	/* setup version number */
 	if (!ASN1_INTEGER_set(ri->version,0L)) goto err; /* version 1 */

-	if (sk_CONF_VALUE_num(sk))
+	if (sk_num(sk))
 		{
 		i= -1;
 start:		for (;;)
 			{
 			i++;
-			if (sk_CONF_VALUE_num(sk) <= i) break;
+			if ((int)sk_num(sk) <= i) break;

-			v=sk_CONF_VALUE_value(sk,i);
-			p=q=NULL;
+			v=(CONF_VALUE *)sk_value(sk,i);
+			p=NULL;
 			type=v->name;
-			if(!check_end(type,"_min") || !check_end(type,"_max") ||
-				!check_end(type,"_default") ||
-					 !check_end(type,"_value")) continue;
-			/* Skip past any leading X. X: X, etc to allow for
-			 * multiple instances 
-			 */
-			for(p = v->name; *p ; p++) 
-				if ((*p == ':') || (*p == ',') ||
-							 (*p == '.')) {
-					p++;
-					if(*p) type = p;
-					break;
+			for (j=0; type[j] != '\0'; j++)
+				{
+				if (	(type[j] == ':') ||
+					(type[j] == ',') ||
+					(type[j] == '.'))
+					p= (unsigned char *)&(type[j+1]);
 				}
-			/* If OBJ not recognised ignore it */
-			if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
+			if (p != NULL)
+				type=(char *)p;
+			if ((nid=OBJ_txt2nid(type)) == NID_undef)
+				goto start;
+
 			sprintf(buf,"%s_default",v->name);
 			if ((def=CONF_get_string(req_conf,tmp,buf)) == NULL)
 				def="";
@@ -910,7 +832,7 @@ start:		for (;;)
 				min,max))
 				goto err;
 			}
-		if (sk_X509_NAME_ENTRY_num(ri->subject->entries) == 0)
+		if (sk_num(ri->subject->entries) == 0)
 			{
 			BIO_printf(bio_err,"error, no objects specified in config file\n");
 			goto err;
@@ -918,7 +840,7 @@ start:		for (;;)

 		if (attribs)
 			{
-			if ((attr != NULL) && (sk_CONF_VALUE_num(attr) > 0))
+			if ((attr != NULL) && (sk_num(attr) > 0))
 				{
 				BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n");
 				BIO_printf(bio_err,"to be sent with your certificate request\n");
@@ -928,11 +850,10 @@ start:		for (;;)
 start2:			for (;;)
 				{
 				i++;
-				if ((attr == NULL) ||
-					    (sk_CONF_VALUE_num(attr) <= i))
+				if ((attr == NULL) || ((int)sk_num(attr) <= i))
 					break;

-				v=sk_CONF_VALUE_value(attr,i);
+				v=(CONF_VALUE *)sk_value(attr,i);
 				type=v->name;
 				if ((nid=OBJ_txt2nid(type)) == NID_undef)
 					goto start2;
@@ -972,15 +893,21 @@ err:
 	return(ret);
 	}

-static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
-	     int nid, int min, int max)
+static int add_DN_object(n,text,def,value,nid,min,max)
+X509_NAME *n;
+char *text;
+char *def;
+char *value;
+int nid;
+int min;
+int max;
 	{
 	int i,j,ret=0;
 	X509_NAME_ENTRY *ne=NULL;
 	MS_STATIC char buf[1024];

 	BIO_printf(bio_err,"%s [%s]:",text,def);
-	(void)BIO_flush(bio_err);
+	BIO_flush(bio_err);
 	if (value != NULL)
 		{
 		strcpy(buf,value);
@@ -1014,9 +941,6 @@ static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
 	j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
 	if (req_fix_data(nid,&j,i,min,max) == 0)
 		goto err;
-#ifdef CHARSET_EBCDIC
-	ebcdic2ascii(buf, buf, i);
-#endif
 	if ((ne=X509_NAME_ENTRY_create_by_NID(NULL,nid,j,(unsigned char *)buf,
 		strlen(buf)))
 		== NULL) goto err;
@@ -1029,9 +953,14 @@ err:
 	return(ret);
 	}

-static int add_attribute_object(STACK_OF(X509_ATTRIBUTE) *n, char *text,
-				char *def, char *value, int nid, int min,
-				int max)
+static int add_attribute_object(n,text,def,value,nid,min,max)
+STACK *n;
+char *text;
+char *def;
+char *value;
+int nid;
+int min;
+int max;
 	{
 	int i,z;
 	X509_ATTRIBUTE *xa=NULL;
@@ -1041,7 +970,7 @@ static int add_attribute_object(STACK_OF(X509_ATTRIBUTE) *n, char *text,

 start:
 	BIO_printf(bio_err,"%s [%s]:",text,def);
-	(void)BIO_flush(bio_err);
+	BIO_flush(bio_err);
 	if (value != NULL)
 		{
 		strcpy(buf,value);
@@ -1075,7 +1004,7 @@ start:
 	/* add object plus value */
 	if ((xa=X509_ATTRIBUTE_new()) == NULL)
 		goto err;
-	if ((xa->value.set=sk_ASN1_TYPE_new_null()) == NULL)
+	if ((xa->value.set=sk_new_null()) == NULL)
 		goto err;
 	xa->set=1;

@@ -1101,12 +1030,12 @@ start:
 		{ BIO_printf(bio_err,"Malloc failure\n"); goto err; }

 	ASN1_TYPE_set(at,bs->type,(char *)bs);
-	sk_ASN1_TYPE_push(xa->value.set,at);
+	sk_push(xa->value.set,(char *)at);
 	bs=NULL;
 	at=NULL;
 	/* only one item per attribute */

-	if (!sk_X509_ATTRIBUTE_push(n,xa)) goto err;
+	if (!sk_push(n,(char *)xa)) goto err;
 	return(1);
 err:
 	if (xa != NULL) X509_ATTRIBUTE_free(xa);
@@ -1115,7 +1044,9 @@ err:
 	return(0);
 	}

-static void MS_CALLBACK req_cb(int p, int n, void *arg)
+static void MS_CALLBACK req_cb(p, n)
+int p;
+int n;
 	{
 	char c='*';

@@ -1123,14 +1054,17 @@ static void MS_CALLBACK req_cb(int p, int n, void *arg)
 	if (p == 1) c='+';
 	if (p == 2) c='*';
 	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
+	BIO_write(bio_err,&c,1);
+	BIO_flush(bio_err);
 #ifdef LINT
 	p=n;
 #endif
 	}

-static int req_fix_data(int nid, int *type, int len, int min, int max)
+static int req_fix_data(nid,type,len,min,max)
+int nid;
+int *type;
+int len,min,max;
 	{
 	if (nid == NID_pkcs9_emailAddress)
 		*type=V_ASN1_IA5STRING;
@@ -1161,37 +1095,3 @@ static int req_fix_data(int nid, int *type, int len, int min, int max)
 		}
 	return(1);
 	}
-
-/* Check if the end of a string matches 'end' */
-static int check_end(char *str, char *end)
-{
-	int elen, slen;	
-	char *tmp;
-	elen = strlen(end);
-	slen = strlen(str);
-	if(elen > slen) return 1;
-	tmp = str + slen - elen;
-	return strcmp(tmp, end);
-}
-
-static int add_oid_section(LHASH *conf)
-{	
-	char *p;
-	STACK_OF(CONF_VALUE) *sktmp;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1;
-	if(!(sktmp = CONF_get_section(conf, p))) {
-		BIO_printf(bio_err, "problem loading oid section %s\n", p);
-		return 0;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
-		cnf = sk_CONF_VALUE_value(sktmp, i);
-		if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
-			BIO_printf(bio_err, "problem creating object %s=%s\n",
-							 cnf->name, cnf->value);
-			return 0;
-		}
-	}
-	return 1;
-}
--- a/apps/req.pem
+++ b/apps/req.pem
@@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE REQUEST-----
-MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
-YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
-S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
-AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
-tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
-84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
-CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
-Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
-----END CERTIFICATE REQUEST-----
--- a/apps/rmlinks
+++ b/apps/rmlinks
@@ -0,0 +1,6 @@
+#!/bin/sh
+for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb 
+do
+echo removing $i
+/bin/rm -f $i
+done
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -1,5 +1,5 @@
 /* apps/rsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,18 +56,17 @@
 * [including the GNU Public Licence.]
 */

-#ifndef NO_RSA
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
+#include "bio.h"
+#include "err.h"
+#include "rsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"

 #undef PROG
 #define PROG	rsa_main
@@ -81,17 +80,18 @@
 * -idea	- encrypt output if PEM format
 * -text	- print a text version
 * -modulus	- print the RSA key modulus
- * -check	- verify key consistency
 */

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	int ret=1;
 	RSA *rsa=NULL;
 	int i,badops=0;
-	const EVP_CIPHER *enc=NULL;
+	EVP_CIPHER *enc=NULL;
 	BIO *in=NULL,*out=NULL;
-	int informat,outformat,text=0,check=0,noout=0;
+	int informat,outformat,text=0,noout=0;
 	char *infile,*outfile,*prog;
 	int modulus=0;

@@ -99,7 +99,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	infile=NULL;
 	outfile=NULL;
@@ -137,8 +137,6 @@ int MAIN(int argc, char **argv)
 			text=1;
 		else if (strcmp(*argv,"-modulus") == 0)
 			modulus=1;
-		else if (strcmp(*argv,"-check") == 0)
-			check=1;
 		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -156,7 +154,7 @@ bad:
 		BIO_printf(bio_err,"where options are\n");
 		BIO_printf(bio_err," -inform arg   input format - one of DER NET PEM\n");
 		BIO_printf(bio_err," -outform arg  output format - one of DER NET PEM\n");
-		BIO_printf(bio_err," -in arg       input file\n");
+		BIO_printf(bio_err," -in arg       inout file\n");
 		BIO_printf(bio_err," -out arg      output file\n");
 		BIO_printf(bio_err," -des          encrypt PEM output with cbc des\n");
 		BIO_printf(bio_err," -des3         encrypt PEM output with ede cbc des using 168 bit key\n");
@@ -166,7 +164,6 @@ bad:
 		BIO_printf(bio_err," -text         print the key in text\n");
 		BIO_printf(bio_err," -noout        don't print key out\n");
 		BIO_printf(bio_err," -modulus      print the RSA key modulus\n");
-		BIO_printf(bio_err," -check        verify key consistency\n");
 		goto end;
 		}

@@ -222,7 +219,7 @@ bad:
 		}
 #endif
 	else if (informat == FORMAT_PEM)
-		rsa=PEM_read_bio_RSAPrivateKey(in,NULL,NULL,NULL);
+		rsa=PEM_read_bio_RSAPrivateKey(in,NULL,NULL);
 	else
 		{
 		BIO_printf(bio_err,"bad input format specified for key\n");
@@ -261,33 +258,6 @@ bad:
 		fprintf(stdout,"\n");
 		}

-	if (check)
-		{
-		int r = RSA_check_key(rsa);
-
-		if (r == 1)
-			BIO_printf(out,"RSA key ok\n");
-		else if (r == 0)
-			{
-			long e;
-
-			while ((e = ERR_peek_error()) != 0 &&
-				ERR_GET_LIB(e) == ERR_LIB_RSA &&
-				ERR_GET_FUNC(e) == RSA_F_RSA_CHECK_KEY &&
-				ERR_GET_REASON(e) != ERR_R_MALLOC_FAILURE)
-				{
-				BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e));
-				ERR_get_error(); /* remove e from error stack */
-				}
-			}
-		
-		if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
-		}
-		
 	if (noout) goto end;
 	BIO_printf(bio_err,"writing RSA private key\n");
 	if 	(outformat == FORMAT_ASN1)
@@ -312,7 +282,7 @@ bad:
 		}
 #endif
 	else if (outformat == FORMAT_PEM)
-		i=PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL,NULL);
+		i=PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL);
 	else	{
 		BIO_printf(bio_err,"bad output format specified for outfile\n");
 		goto end;
@@ -330,4 +300,4 @@ end:
 	if (rsa != NULL) RSA_free(rsa);
 	EXIT(ret);
 	}
-#endif
+
--- a/apps/rsa/01.pem
+++ b/apps/rsa/01.pem
@@ -1,15 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
-MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
-BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
-cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
-qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
-MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
-gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
-LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
-Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
-Pjrmw2eSgbdmmdumWAcNPVbV
-----END CERTIFICATE-----
--- a/apps/rsa/1.txt
+++ b/apps/rsa/1.txt
@@ -1,50 +0,0 @@
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-subject=/C=US/ST=New York/L=New York/O=Industrial Press Inc./CN=www.industrialpress.com
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            68:ae:14:a4:c9:9f:a9:f3:9a:23:cf:2f:15:19:b3:5a
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: May 18 00:00:00 1998 GMT
-            Not After : May 18 23:59:59 1999 GMT
-        Subject: C=US, ST=New York, L=New York, O=Industrial Press Inc., CN=www.industrialpress.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:aa:21:fd:c5:42:4d:1e:fa:82:99:a0:e8:9f:6e:
-                    d5:6a:52:5b:a9:32:f2:98:5d:f2:28:a5:81:c5:b3:
-                    83:2d:68:d7:ef:22:a3:7b:0a:2a:5a:1a:2d:68:40:
-                    11:23:a8:d7:3e:aa:26:53:ce:e0:15:4d:6d:1f:8a:
-                    ff:6e:0c:21:dc:59:94:30:ad:ea:a3:dd:97:3a:cb:
-                    f0:34:01:f3:5f:35:91:5d:03:49:9a:6e:78:83:61:
-                    75:45:4b:74:d2:98:18:88:ec:62:98:3b:1e:d6:df:
-                    51:2f:93:ce:08:31:1b:7d:7f:03:82:e8:2b:13:f5:
-                    b0:91:2d:85:ad:2a:1c:e7:f7
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md5WithRSAEncryption
-        8c:3b:7e:f1:74:12:d1:2f:ac:d4:bf:2d:8b:aa:02:05:30:fe:
-        d1:f4:14:b8:02:92:a2:8b:99:86:26:ff:24:7e:67:48:43:d9:
-        e3:ff:52:11:7e:8c:0c:26:57:ca:c7:b4:19:da:4c:ce:e8:37:
-        6d:d1:55:6d:a4:09:ff:2c:a2:21:9f:af:63:d8:b5:fb:9f:a5:
-        7b:5d:ed:ac:d4:15:af:96:24:25:a7:a7:43:76:f4:41:b4:05:
-        1d:49:38:50:b4:43:fe:1d:87:f5:fd:aa:e9:4c:f2:5b:aa:3e:
-        3a:e6:c3:67:92:81:b7:66:99:db:a6:58:07:0d:3d:56:d5
-----BEGIN CERTIFICATE-----
-MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
-MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
-BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
-cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
-qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
-MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
-gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
-LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
-Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
-Pjrmw2eSgbdmmdumWAcNPVbV
-----END CERTIFICATE-----
--- a/apps/rsa/SecureServer.pem
+++ b/apps/rsa/SecureServer.pem
@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
-        Signature Algorithm: md2WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: Nov  9 00:00:00 1994 GMT
-            Not After : Jan  7 23:59:59 2010 GMT
-        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1000 bit)
-                Modulus (1000 bit):
-                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
-                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
-                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
-                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
-                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
-                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
-                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
-                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
-                    dd:2d:d6:c8:1e:7b
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md2WithRSAEncryption
-        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
-        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
-        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
-        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
-        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
-        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
-        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
-----BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
-----END CERTIFICATE-----
--- a/apps/rsa/s.txt
+++ b/apps/rsa/s.txt
@@ -1,49 +0,0 @@
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
-        Signature Algorithm: md2WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: Nov  9 00:00:00 1994 GMT
-            Not After : Jan  7 23:59:59 2010 GMT
-        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1000 bit)
-                Modulus (1000 bit):
-                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
-                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
-                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
-                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
-                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
-                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
-                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
-                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
-                    dd:2d:d6:c8:1e:7b
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md2WithRSAEncryption
-        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
-        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
-        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
-        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
-        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
-        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
-        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
-----BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
-----END CERTIFICATE-----
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -1,5 +1,5 @@
 /* apps/s_apps.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,36 +56,13 @@
 * [including the GNU Public Licence.]
 */

-#include <sys/types.h>
-#if (defined(VMS) || defined(__VMS)) && !defined(FD_SET)
-/* VAX C does not defined fd_set and friends, but it's actually quite simple */
-/* These definitions are borrowed from SOCKETSHR.	/Richard Levitte */
-#define MAX_NOFILE	32
-#define	NBBY		 8		/* number of bits in a byte	*/
-
-#ifndef	FD_SETSIZE
-#define	FD_SETSIZE	MAX_NOFILE
-#endif	/* FD_SETSIZE */
-
-/* How many things we'll allow select to use. 0 if unlimited */
-#define MAXSELFD	MAX_NOFILE
-typedef int	fd_mask;	/* int here! VMS prototypes int, not long */
-#define NFDBITS	(sizeof(fd_mask) * NBBY)	/* bits per mask (power of 2!)*/
-#define NFDSHIFT 5				/* Shift based on above */
-
-typedef fd_mask fd_set;
-#define	FD_SET(n, p)	(*(p) |= (1 << ((n) % NFDBITS)))
-#define	FD_CLR(n, p)	(*(p) &= ~(1 << ((n) % NFDBITS)))
-#define	FD_ISSET(n, p)	(*(p) & (1 << ((n) % NFDBITS)))
-#define FD_ZERO(p)	memset((char *)(p), 0, sizeof(*(p)))
-#endif
-
 #define PORT            4433
 #define PORT_STR        "4433"
 #define PROTOCOL        "tcp"

+#ifndef NOPROTO
 int do_accept(int acc_sock, int *sock, char **host);
-int do_server(int port, int *ret, int (*cb) (), char *context);
+int do_server(int port, int *ret, int (*cb) ());
 #ifdef HEADER_X509_H
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
 #else
@@ -102,14 +79,15 @@ int nbio_init_client_ip(int *sock,unsigned char ip[4], int port);
 int nbio_sock_error(int sock);
 int spawn(int argc, char **argv, int *in, int *out);
 int init_server(int *sock, int port);
-int init_server_long(int *sock, int port,char *ip);
 int should_retry(int i);
+int sock_err(void );
+int socket_ioctl(int, long,unsigned long *);
 void sock_cleanup(void );
 int extract_port(char *str, short *port_ptr);
 int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
 int host_ip(char *str, unsigned char ip[4]);

-long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp,
+long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, char *argp,
 	int argi, long argl, long ret);

 #ifdef HEADER_SSL_H
@@ -118,3 +96,27 @@ void MS_CALLBACK apps_ssl_info_callback(SSL *s, int where, int ret);
 void MS_CALLBACK apps_ssl_info_callback(char *s, int where, int ret);
 #endif

+#else
+int do_accept();
+int do_server();
+int MS_CALLBACK verify_callback();
+int set_cert_stuff();
+int init_client();
+int init_client_ip();
+int nbio_init_client_ip();
+int nbio_sock_error();
+int spawn();
+int init_server();
+int should_retry();
+int sock_err();
+int socket_ioctl();
+void sock_cleanup();
+int extract_port();
+int extract_host_port();
+int host_ip();
+
+long MS_CALLBACK bio_dump_cb();
+void MS_CALLBACK apps_ssl_info_callback();
+
+#endif
+
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1,5 +1,5 @@
 /* apps/s_cb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -63,15 +63,18 @@
 #include "apps.h"
 #undef NON_MAIN
 #undef USE_SOCKETS
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
+#include "err.h"
+#include "x509.h"
+#include "ssl.h"
 #include "s_apps.h"

 int verify_depth=0;
 int verify_error=X509_V_OK;

-int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
+/* should be X509 * but we can just have them as char *. */
+int MS_CALLBACK verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
 	{
 	char buf[256];
 	X509 *err_cert;
@@ -107,13 +110,13 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 	case X509_V_ERR_CERT_NOT_YET_VALID:
 	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
 		BIO_printf(bio_err,"notBefore=");
-		ASN1_TIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+		ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
 		BIO_printf(bio_err,"\n");
 		break;
 	case X509_V_ERR_CERT_HAS_EXPIRED:
 	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
 		BIO_printf(bio_err,"notAfter=");
-		ASN1_TIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+		ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
 		BIO_printf(bio_err,"\n");
 		break;
 		}
@@ -121,19 +124,20 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
 	return(ok);
 	}

-int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
+int set_cert_stuff(ctx, cert_file, key_file)
+SSL_CTX *ctx;
+char *cert_file;
+char *key_file;
 	{
 	if (cert_file != NULL)
 		{
-		/*
 		SSL *ssl;
 		X509 *x509;
-		*/

 		if (SSL_CTX_use_certificate_file(ctx,cert_file,
 			SSL_FILETYPE_PEM) <= 0)
 			{
-			BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
+			BIO_printf(bio_err,"unable to set certificate file\n");
 			ERR_print_errors(bio_err);
 			return(0);
 			}
@@ -141,25 +145,18 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
 		if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
 			SSL_FILETYPE_PEM) <= 0)
 			{
-			BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
+			BIO_printf(bio_err,"unable to set public key file\n");
 			ERR_print_errors(bio_err);
 			return(0);
 			}

-		/*
-		In theory this is no longer needed 
 		ssl=SSL_new(ctx);
 		x509=SSL_get_certificate(ssl);

-		if (x509 != NULL) {
-			EVP_PKEY *pktmp;
-			pktmp = X509_get_pubkey(x509);
-			EVP_PKEY_copy_parameters(pktmp,
-						SSL_get_privatekey(ssl));
-			EVP_PKEY_free(pktmp);
-		}
+		if (x509 != NULL)
+			EVP_PKEY_copy_parameters(X509_get_pubkey(x509),
+				SSL_get_privatekey(ssl));
 		SSL_free(ssl);
-		*/

 		/* If we are using DSA, we can copy the parameters from
 		 * the private key */
@@ -176,8 +173,13 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
 	return(1);
 	}

-long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi,
-	     long argl, long ret)
+long MS_CALLBACK bio_dump_cb(bio,cmd,argp,argi,argl,ret)
+BIO *bio;
+int cmd;
+char *argp;
+int argi;
+long argl;
+long ret;
 	{
 	BIO *out;

@@ -200,7 +202,10 @@ long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi,
 	return(ret);
 	}

-void MS_CALLBACK apps_ssl_info_callback(SSL *s, int where, int ret)
+void MS_CALLBACK apps_ssl_info_callback(s,where,ret)
+SSL *s;
+int where;
+int ret;
 	{
 	char *str;
 	int w;
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1,5 +1,5 @@
 /* apps/s_client.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,42 +56,20 @@
 * [including the GNU Public Licence.]
 */

-#ifdef APPS_CRLF
-# include <assert.h>
-#endif
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef NO_STDIO
+#define USE_SOCKETS
+#ifdef WIN16
 #define APPS_WIN16
 #endif
-
-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
-#if defined(VMS) && defined(__DECC) && !defined(__U_INT)
-#define __U_INT
-typedef unsigned int u_int;
-#endif
-
-#define USE_SOCKETS
 #include "apps.h"
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+#include "pem.h"
 #include "s_apps.h"

-#if (defined(VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-
-#if defined(NO_RSA) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
-
 #undef PROG
 #define PROG	s_client_main

@@ -112,16 +90,21 @@ static int c_nbio=0;
 #endif
 static int c_Pause=0;
 static int c_debug=0;
-static int c_showcerts=0;

+#ifndef NOPROTO
 static void sc_usage(void);
 static void print_stuff(BIO *berr,SSL *con,int full);
+#else
+static void sc_usage();
+static void print_stuff();
+#endif
+
 static BIO *bio_c_out=NULL;
 static int c_quiet=0;

-static void sc_usage(void)
+static void sc_usage()
 	{
-	BIO_printf(bio_err,"usage: s_client args\n");
+	BIO_printf(bio_err,"usage: client args\n");
 	BIO_printf(bio_err,"\n");
 	BIO_printf(bio_err," -host host     - use -connect instead\n");
 	BIO_printf(bio_err," -port port     - use -connect instead\n");
@@ -135,30 +118,25 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
 	BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
 	BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
-	BIO_printf(bio_err," -showcerts    - show all certificates in the chain\n");
 	BIO_printf(bio_err," -debug        - extra output\n");
 	BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
 	BIO_printf(bio_err," -state        - print the 'ssl' states\n");
 #ifdef FIONBIO
 	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
-#endif
-#ifdef APPS_CRLF /* won't be #ifdef'd in next release */
-	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
 #endif
 	BIO_printf(bio_err," -quiet        - no s_client output\n");
 	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
 	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
-	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
-	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
 	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
-	BIO_printf(bio_err," -cipher       - prefered cipher to use, use the 'openssl ciphers'\n");
-	BIO_printf(bio_err,"                 command to see what is available\n");
+	BIO_printf(bio_err," -cipher       - prefered cipher to use, use the 'ssleay ciphers'\n");
+	BIO_printf(bio_err,"                 command to se what is available\n");

 	}

-int MAIN(int argc, char **argv)
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
-	int off=0;
 	SSL *con=NULL,*con2=NULL;
 	int s,k,width,state=0;
 	char *cbuf=NULL,*sbuf=NULL;
@@ -171,10 +149,7 @@ int MAIN(int argc, char **argv)
 	char *cert_file=NULL,*key_file=NULL;
 	char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
 	int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
-#ifdef APPS_CRLF
-	int crlf=0;
-#endif
-	int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
+	int write_tty,read_tty,write_ssl,read_ssl,tty_on;
 	SSL_CTX *ctx=NULL;
 	int ret=1,in_init=1,i,nbio_test=0;
 	SSL_METHOD *meth=NULL;
@@ -190,10 +165,8 @@ int MAIN(int argc, char **argv)
 #endif

 	apps_startup();
-	c_Pause=0;
 	c_quiet=0;
 	c_debug=0;
-	c_showcerts=0;

 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
@@ -244,18 +217,12 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			cert_file= *(++argv);
 			}
-#ifdef APPS_CRLF
-		else if	(strcmp(*argv,"-crlf") == 0)
-			crlf=1;
-#endif
 		else if	(strcmp(*argv,"-quiet") == 0)
 			c_quiet=1;
 		else if	(strcmp(*argv,"-pause") == 0)
 			c_Pause=1;
 		else if	(strcmp(*argv,"-debug") == 0)
 			c_debug=1;
-		else if	(strcmp(*argv,"-showcerts") == 0)
-			c_showcerts=1;
 		else if	(strcmp(*argv,"-nbio_test") == 0)
 			nbio_test=1;
 		else if	(strcmp(*argv,"-state") == 0)
@@ -267,10 +234,6 @@ int MAIN(int argc, char **argv)
 #ifndef NO_SSL3
 		else if	(strcmp(*argv,"-ssl3") == 0)
 			meth=SSLv3_client_method();
-#endif
-#ifndef NO_TLS1
-		else if	(strcmp(*argv,"-tls1") == 0)
-			meth=TLSv1_client_method();
 #endif
 		else if (strcmp(*argv,"-bugs") == 0)
 			bugs=1;
@@ -293,12 +256,6 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			CAfile= *(++argv);
 			}
-		else if (strcmp(*argv,"-no_tls1") == 0)
-			off|=SSL_OP_NO_TLSv1;
-		else if (strcmp(*argv,"-no_ssl3") == 0)
-			off|=SSL_OP_NO_SSLv3;
-		else if (strcmp(*argv,"-no_ssl2") == 0)
-			off|=SSL_OP_NO_SSLv2;
 		else if	(strcmp(*argv,"-cipher") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -345,10 +302,7 @@ bad:
 		goto end;
 		}

-	if (bugs)
-		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
-	else
-		SSL_CTX_set_options(ctx,off);
+	if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);

 	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
 	if (cipher != NULL)
@@ -365,21 +319,20 @@ bad:
 	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
 		(!SSL_CTX_set_default_verify_paths(ctx)))
 		{
-		/* BIO_printf(bio_err,"error seting default verify locations\n"); */
+		BIO_printf(bio_err,"error seting default verify locations\n");
 		ERR_print_errors(bio_err);
-		/* goto end; */
+		goto end;
 		}

 	SSL_load_error_strings();

 	con=(SSL *)SSL_new(ctx);
-/*	SSL_set_cipher_list(con,"RC4-MD5"); */

 re_start:

 	if (init_client(&s,host,port) == 0)
 		{
-		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
+		BIO_printf(bio_err,"connect:errno=%d\n",errno);
 		SHUTDOWN(s);
 		goto end;
 		}
@@ -390,11 +343,7 @@ re_start:
 		{
 		unsigned long l=1;
 		BIO_printf(bio_c_out,"turning on non blocking io\n");
-		if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
-			{
-			ERR_print_errors(bio_err);
-			goto end;
-			}
+		socket_ioctl(s,FIONBIO,&l);
 		}
 #endif                                              
 	if (c_Pause & 0x01) con->debug=1;
@@ -437,7 +386,7 @@ re_start:
 		FD_ZERO(&readfds);
 		FD_ZERO(&writefds);

-		if (SSL_in_init(con) && !SSL_total_renegotiations(con))
+		if (SSL_in_init(con))
 			{
 			in_init=1;
 			tty_on=0;
@@ -463,43 +412,31 @@ re_start:
 				}
 			}

-		ssl_pending = read_ssl && SSL_pending(con);
-
-		if (!ssl_pending)
-			{
 #ifndef WINDOWS
-			if (tty_on)
-				{
-				if (read_tty)  FD_SET(fileno(stdin),&readfds);
-				if (write_tty) FD_SET(fileno(stdout),&writefds);
-				}
+		if (tty_on)
+			{
+			if (read_tty)  FD_SET(fileno(stdin),&readfds);
+			if (write_tty) FD_SET(fileno(stdout),&writefds);
+			}
 #endif
-			if (read_ssl)
-				FD_SET(SSL_get_fd(con),&readfds);
-			if (write_ssl)
-				FD_SET(SSL_get_fd(con),&writefds);
+		if (read_ssl)
+			FD_SET(SSL_get_fd(con),&readfds);
+		if (write_ssl)
+			FD_SET(SSL_get_fd(con),&writefds);

-/*			printf("mode tty(%d %d%d) ssl(%d%d)\n",
-				tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
+/*		printf("mode tty(%d %d%d) ssl(%d%d)\n",
+			tty_on,read_tty,write_tty,read_ssl,write_ssl);*/

-			/* Note: under VMS with SOCKETSHR the second parameter
-			 * is currently of type (int *) whereas under other
-			 * systems it is (void *) if you don't have a cast it
-			 * will choke the compiler: if you do have a cast then
-			 * you can either go for (int *) or (void *).
-			 */
-			i=select(width,(void *)&readfds,(void *)&writefds,
-				 NULL,NULL);
-			if ( i < 0)
-				{
-				BIO_printf(bio_err,"bad select %d\n",
-				get_last_socket_error());
-				goto shut;
-				/* goto end; */
-				}
+/*		printf("pending=%d\n",SSL_pending(con)); */
+		i=select(width,&readfds,&writefds,NULL,NULL);
+		if ( i < 0)
+			{
+			BIO_printf(bio_err,"bad select %d\n",sock_err());
+			goto shut;
+			/* goto end; */
 			}

-		if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds))
+		if (FD_ISSET(SSL_get_fd(con),&writefds))
 			{
 			k=SSL_write(con,&(cbuf[cbuf_off]),
 				(unsigned int)cbuf_len);
@@ -552,7 +489,7 @@ re_start:
 				if ((k != 0) || (cbuf_len != 0))
 					{
 					BIO_printf(bio_err,"write:errno=%d\n",
-						get_last_socket_error());
+						errno);
 					goto shut;
 					}
 				else
@@ -567,11 +504,8 @@ re_start:
 				}
 			}
 #ifndef WINDOWS
-		else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds))
+		else if (FD_ISSET(fileno(stdout),&writefds))
 			{
-#ifdef CHARSET_EBCDIC
-			ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len);
-#endif
 			i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);

 			if (i <= 0)
@@ -590,20 +524,9 @@ re_start:
 				}
 			}
 #endif
-		else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds))
+		else if (FD_ISSET(SSL_get_fd(con),&readfds))
 			{
-#ifdef RENEG
-{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
-#endif
-#if 1
-			k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
-#else
-/* Demo for pending and peek :-) */
-			k=SSL_read(con,sbuf,16);
-{ char zbuf[10240]; 
-printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
-}
-#endif
+			k=SSL_read(con,sbuf,BUFSIZZ);

 			switch (SSL_get_error(con,k))
 				{
@@ -632,7 +555,7 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 				BIO_printf(bio_c_out,"read X BLOCK\n");
 				break;
 			case SSL_ERROR_SYSCALL:
-				BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
+				BIO_printf(bio_err,"read:errno=%d\n",errno);
 				goto shut;
 			case SSL_ERROR_ZERO_RETURN:
 				BIO_printf(bio_c_out,"closed\n");
@@ -640,39 +563,14 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 			case SSL_ERROR_SSL:
 				ERR_print_errors(bio_err);
 				goto shut;
-				/* break; */
+				break;
 				}
 			}

 #ifndef WINDOWS
 		else if (FD_ISSET(fileno(stdin),&readfds))
 			{
-#ifdef APPS_CRLF
-			if (crlf)
-				{
-				int j, lf_num;
-
-				i=read(fileno(stdin),cbuf,BUFSIZZ/2);
-				lf_num = 0;
-				/* both loops are skipped when i <= 0 */
-				for (j = 0; j < i; j++)
-					if (cbuf[j] == '\n')
-						lf_num++;
-				for (j = i-1; j >= 0; j--)
-					{
-					cbuf[j+lf_num] = cbuf[j];
-					if (cbuf[j] == '\n')
-						{
-						lf_num--;
-						i++;
-						cbuf[j+lf_num] = '\r';
-						}
-					}
-				assert(lf_num == 0);
-				}
-			else
-#endif
-				i=read(fileno(stdin),cbuf,BUFSIZZ);
+			i=read(fileno(stdin),cbuf,BUFSIZZ);

 			if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
 				{
@@ -682,21 +580,18 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240

 			if ((!c_quiet) && (cbuf[0] == 'R'))
 				{
-				BIO_printf(bio_err,"RENEGOTIATING\n");
 				SSL_renegotiate(con);
-				cbuf_len=0;
+				read_tty=0;
+				write_ssl=1;
 				}
 			else
 				{
 				cbuf_len=i;
 				cbuf_off=0;
-#ifdef CHARSET_EBCDIC
-				ebcdic2ascii(cbuf, cbuf, i);
-#endif
 				}

-			write_ssl=1;
 			read_tty=0;
+			write_ssl=1;
 			}
 #endif
 		}
@@ -719,38 +614,34 @@ end:
 	}


-static void print_stuff(BIO *bio, SSL *s, int full)
+static void print_stuff(bio,s,full)
+BIO *bio;
+SSL *s;
+int full;
 	{
-	X509 *peer=NULL;
+	X509 *peer;
 	char *p;
 	static char *space="                ";
 	char buf[BUFSIZ];
-	STACK_OF(X509) *sk;
-	STACK_OF(X509_NAME) *sk2;
+	STACK *sk;
 	SSL_CIPHER *c;
 	X509_NAME *xn;
 	int j,i;

 	if (full)
 		{
-		int got_a_chain = 0;
-
 		sk=SSL_get_peer_cert_chain(s);
 		if (sk != NULL)
 			{
-			got_a_chain = 1; /* we don't have it for SSL2 (yet) */
-
-			BIO_printf(bio,"---\nCertificate chain\n");
-			for (i=0; i<sk_X509_num(sk); i++)
+			BIO_printf(bio,"---\nCertficate chain\n");
+			for (i=0; i<sk_num(sk); i++)
 				{
-				X509_NAME_oneline(X509_get_subject_name(
-					sk_X509_value(sk,i)),buf,BUFSIZ);
+				X509_NAME_oneline(X509_get_subject_name((X509 *)
+					sk_value(sk,i)),buf,BUFSIZ);
 				BIO_printf(bio,"%2d s:%s\n",i,buf);
-				X509_NAME_oneline(X509_get_issuer_name(
-					sk_X509_value(sk,i)),buf,BUFSIZ);
+				X509_NAME_oneline(X509_get_issuer_name((X509 *)
+					sk_value(sk,i)),buf,BUFSIZ);
 				BIO_printf(bio,"   i:%s\n",buf);
-				if (c_showcerts)
-					PEM_write_bio_X509(bio,sk_X509_value(sk,i));
 				}
 			}

@@ -759,25 +650,25 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 		if (peer != NULL)
 			{
 			BIO_printf(bio,"Server certificate\n");
-			if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
-				PEM_write_bio_X509(bio,peer);
+			PEM_write_bio_X509(bio,peer);
 			X509_NAME_oneline(X509_get_subject_name(peer),
 				buf,BUFSIZ);
 			BIO_printf(bio,"subject=%s\n",buf);
 			X509_NAME_oneline(X509_get_issuer_name(peer),
 				buf,BUFSIZ);
 			BIO_printf(bio,"issuer=%s\n",buf);
+			X509_free(peer);
 			}
 		else
 			BIO_printf(bio,"no peer certificate available\n");

-		sk2=SSL_get_client_CA_list(s);
-		if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0))
+		sk=SSL_get_client_CA_list(s);
+		if ((sk != NULL) && (sk_num(sk) > 0))
 			{
 			BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
-			for (i=0; i<sk_X509_NAME_num(sk2); i++)
+			for (i=0; i<sk_num(sk); i++)
 				{
-				xn=sk_X509_NAME_value(sk2,i);
+				xn=(X509_NAME *)sk_value(sk,i);
 				X509_NAME_oneline(xn,buf,sizeof(buf));
 				BIO_write(bio,buf,strlen(buf));
 				BIO_write(bio,"\n",1);
@@ -790,18 +681,13 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 		p=SSL_get_shared_ciphers(s,buf,BUFSIZ);
 		if (p != NULL)
 			{
-			/* This works only for SSL 2.  In later protocol
-			 * versions, the client does not know what other
-			 * ciphers (in addition to the one to be used
-			 * in the current connection) the server supports. */
-
 			BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
 			j=i=0;
 			while (*p)
 				{
 				if (*p == ':')
 					{
-					BIO_write(bio,space,15-j%25);
+					BIO_write(bio,space,15-j);
 					i++;
 					j=0;
 					BIO_write(bio,((i%3)?" ":"\n"),1);
@@ -825,16 +711,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 	BIO_printf(bio,"%s, Cipher is %s\n",
 		SSL_CIPHER_get_version(c),
 		SSL_CIPHER_get_name(c));
-	if (peer != NULL) {
-		EVP_PKEY *pktmp;
-		pktmp = X509_get_pubkey(peer);
-		BIO_printf(bio,"Server public key is %d bit\n",
-							 EVP_PKEY_bits(pktmp));
-		EVP_PKEY_free(pktmp);
-	}
 	SSL_SESSION_print(bio,SSL_get_session(s));
 	BIO_printf(bio,"---\n");
-	if (peer != NULL)
-		X509_free(peer);
 	}

--- a/apps/s_server.c
+++ b/apps/s_server.c
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -1,5 +1,5 @@
 /* apps/s_socket.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -61,34 +61,22 @@
 #include <string.h>
 #include <errno.h>
 #include <signal.h>
-
-/* With IPv6, it looks like Digital has mixed up the proper order of
-   recursive header file inclusion, resulting in the compiler complaining
-   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
-   is needed to have fileno() declared correctly...  So let's define u_int */
-#if defined(VMS) && defined(__DECC) && !defined(__U_INT)
-#define __U_INT
-typedef unsigned int u_int;
-#endif
-
 #define USE_SOCKETS
 #define NON_MAIN
 #include "apps.h"
 #undef USE_SOCKETS
 #undef NON_MAIN
 #include "s_apps.h"
-#include <openssl/ssl.h>
-
-#ifdef VMS
-#if (__VMS_VER < 70000000) /* FIONBIO used as a switch to enable ioctl,
-			      and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-#include <processes.h> /* for vfork() */
-#endif
+#include "ssl.h"

+#ifndef NOPROTO
 static struct hostent *GetHostByName(char *name);
 int sock_init(void );
+#else
+static struct hostent *GetHostByName();
+int sock_init();
+#endif
+
 #ifdef WIN16
 #define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
 #else
@@ -105,8 +93,11 @@ static FARPROC lpTopWndProc=NULL;
 static FARPROC lpTopHookProc=NULL;
 extern HINSTANCE _hInstance;  /* nice global CRT provides */

-static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam,
-	     LPARAM lParam)
+static LONG FAR PASCAL topHookProc(hwnd,message,wParam,lParam)
+HWND hwnd;
+UINT message;
+WPARAM wParam;
+LPARAM lParam;
 	{
 	if (hwnd == topWnd)
 		{
@@ -131,7 +122,7 @@ static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
 #endif /* WIN32 */
 #endif /* WINDOWS */

-void sock_cleanup(void)
+void sock_cleanup()
 	{
 #ifdef WINDOWS
 	if (wsa_init_done)
@@ -143,7 +134,7 @@ void sock_cleanup(void)
 #endif
 	}

-int sock_init(void)
+int sock_init()
 	{
 #ifdef WINDOWS
 	if (!wsa_init_done)
@@ -174,7 +165,10 @@ int sock_init(void)
 	return(1);
 	}

-int init_client(int *sock, char *host, int port)
+int init_client(sock, host, port)
+int *sock;
+char *host;
+int port;
 	{
 	unsigned char ip[4];
 	short p=0;
@@ -187,7 +181,10 @@ int init_client(int *sock, char *host, int port)
 	return(init_client_ip(sock,ip,port));
 	}

-int init_client_ip(int *sock, unsigned char ip[4], int port)
+int init_client_ip(sock, ip, port)
+int *sock;
+unsigned char ip[4];
+int port;
 	{
 	unsigned long addr;
 	struct sockaddr_in them;
@@ -218,25 +215,23 @@ int init_client_ip(int *sock, unsigned char ip[4], int port)
 	return(1);
 	}

-int nbio_sock_error(int sock)
+int nbio_sock_error(sock)
+int sock;
 	{
-	int j,i;
-	int size;
+	int j,i,size;

 	size=sizeof(int);
-	/* Note: under VMS with SOCKETSHR the third parameter is currently
-	 * of type (int *) whereas under other systems it is (void *) if
-	 * you don't have a cast it will choke the compiler: if you do
-	 * have a cast then you can either go for (int *) or (void *).
-	 */
-	i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,(void *)&size);
+	i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
 	if (i < 0)
 		return(1);
 	else
 		return(j);
 	}

-int nbio_init_client_ip(int *sock, unsigned char ip[4], int port)
+int nbio_init_client_ip(sock, ip, port)
+int *sock;
+unsigned char ip[4];
+int port;
 	{
 	unsigned long addr;
 	struct sockaddr_in them;
@@ -256,9 +251,7 @@ int nbio_init_client_ip(int *sock, unsigned char ip[4], int port)

 	if (*sock <= 0)
 		{
-#ifdef FIONBIO
 		unsigned long l=1;
-#endif

 		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
 		if (s == INVALID_SOCKET) { perror("socket"); return(0); }
@@ -269,7 +262,7 @@ int nbio_init_client_ip(int *sock, unsigned char ip[4], int port)
 		*sock=s;

 #ifdef FIONBIO
-		BIO_socket_ioctl(s,FIONBIO,&l);
+		socket_ioctl(s,FIONBIO,&l);
 #endif
 		}
 	else
@@ -287,7 +280,10 @@ int nbio_init_client_ip(int *sock, unsigned char ip[4], int port)
 		return(1);
 	}

-int do_server(int port, int *ret, int (*cb)(), char *context)
+int do_server(port, ret, cb)
+int port;
+int *ret;
+int (*cb)();
 	{
 	int sock;
 	char *name;
@@ -308,18 +304,20 @@ int do_server(int port, int *ret, int (*cb)(), char *context)
 			SHUTDOWN(accept_socket);
 			return(0);
 			}
-		i=(*cb)(name,sock, context);
+		i=(*cb)(name,sock);
 		if (name != NULL) Free(name);
-		SHUTDOWN2(sock);
+		SHUTDOWN(sock);
 		if (i < 0)
 			{
-			SHUTDOWN2(accept_socket);
+			SHUTDOWN(accept_socket);
 			return(i);
 			}
 		}
 	}

-int init_server_long(int *sock, int port, char *ip)
+int init_server(sock, port)
+int *sock;
+int port;
 	{
 	int ret=0;
 	struct sockaddr_in server;
@@ -330,25 +328,10 @@ int init_server_long(int *sock, int port, char *ip)
 	memset((char *)&server,0,sizeof(server));
 	server.sin_family=AF_INET;
 	server.sin_port=htons((unsigned short)port);
-	if (ip == NULL)
-		server.sin_addr.s_addr=INADDR_ANY;
-	else
-/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
-#ifndef BIT_FIELD_LIMITS
-		memcpy(&server.sin_addr.s_addr,ip,4);
-#else
-		memcpy(&server.sin_addr,ip,4);
-#endif
+	server.sin_addr.s_addr=INADDR_ANY;
 	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);

 	if (s == INVALID_SOCKET) goto err;
-#if defined SOL_SOCKET && defined SO_REUSEADDR
-		{
-		int j = 1;
-		setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
-			   (void *) &j, sizeof j);
-		}
-#endif
 	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
 		{
 #ifndef WINDOWS
@@ -356,8 +339,7 @@ int init_server_long(int *sock, int port, char *ip)
 #endif
 		goto err;
 		}
-	/* Make it 128 for linux */
-	if (listen(s,128) == -1) goto err;
+	if (listen(s,5) == -1) goto err;
 	i=0;
 	*sock=s;
 	ret=1;
@@ -369,12 +351,10 @@ err:
 	return(ret);
 	}

-int init_server(int *sock, int port)
-	{
-	return(init_server_long(sock, port, NULL));
-	}
-
-int do_accept(int acc_sock, int *sock, char **host)
+int do_accept(acc_sock, sock, host)
+int acc_sock;
+int *sock;
+char **host;
 	{
 	int ret,i;
 	struct hostent *h1,*h2;
@@ -390,12 +370,7 @@ redoit:

 	memset((char *)&from,0,sizeof(from));
 	len=sizeof(from);
-	/* Note: under VMS with SOCKETSHR the fourth parameter is currently
-	 * of type (int *) whereas under other systems it is (void *) if
-	 * you don't have a cast it will choke the compiler: if you do
-	 * have a cast then you can either go for (int *) or (void *).
-	 */
-	ret=accept(acc_sock,(struct sockaddr *)&from,(void *)&len);
+	ret=accept(acc_sock,(struct sockaddr *)&from,&len);
 	if (ret == INVALID_SOCKET)
 		{
 #ifdef WINDOWS
@@ -424,14 +399,9 @@ redoit:
 */

 	if (host == NULL) goto end;
-#ifndef BIT_FIELD_LIMITS
 	/* I should use WSAAsyncGetHostByName() under windows */
 	h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
 		sizeof(from.sin_addr.s_addr),AF_INET);
-#else
-	h1=gethostbyaddr((char *)&from.sin_addr,
-		sizeof(struct in_addr),AF_INET);
-#endif
 	if (h1 == NULL)
 		{
 		BIO_printf(bio_err,"bad gethostbyaddr\n");
@@ -465,8 +435,43 @@ end:
 	return(1);
 	}

-int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
-	     short *port_ptr)
+int socket_ioctl(fd,type,arg)
+int fd;
+long type;
+unsigned long *arg;
+	{
+	int i,err;
+#ifdef WINDOWS
+	i=ioctlsocket(fd,type,arg);
+#else
+	i=ioctl(fd,type,arg);
+#endif
+	if (i < 0)
+		{
+#ifdef WINDOWS
+		err=WSAGetLastError();
+#else
+		err=errno;
+#endif
+		BIO_printf(bio_err,"ioctl on socket failed:error %d\n",err);
+		}
+	return(i);
+	}
+
+int sock_err()
+	{
+#ifdef WINDOWS
+	return(WSAGetLastError());
+#else
+	return(errno);
+#endif
+	}
+
+int extract_host_port(str,host_ptr,ip,port_ptr)
+char *str;
+char **host_ptr;
+unsigned char *ip;
+short *port_ptr;
 	{
 	char *h,*p;

@@ -490,12 +495,14 @@ err:
 	return(0);
 	}

-int host_ip(char *str, unsigned char ip[4])
+int host_ip(str,ip)
+char *str;
+unsigned char ip[4];
 	{
 	unsigned int in[4]; 
 	int i;

-	if (sscanf(str,"%u.%u.%u.%u",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
+	if (sscanf(str,"%d.%d.%d.%d",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
 		{
 		for (i=0; i<4; i++)
 			if (in[i] > 255)
@@ -536,7 +543,9 @@ err:
 	return(0);
 	}

-int extract_port(char *str, short *port_ptr)
+int extract_port(str,port_ptr)
+char *str;
+short *port_ptr;
 	{
 	int i;
 	struct servent *s;
@@ -568,7 +577,8 @@ static struct ghbn_cache_st
 static unsigned long ghbn_hits=0L;
 static unsigned long ghbn_miss=0L;

-static struct hostent *GetHostByName(char *name)
+static struct hostent *GetHostByName(name)
+char *name;
 	{
 	struct hostent *ret;
 	int i,lowi=0;
@@ -608,7 +618,11 @@ static struct hostent *GetHostByName(char *name)
 	}

 #ifndef MSDOS
-int spawn(int argc, char **argv, int *in, int *out)
+int spawn(argc, argv, in, out)
+int argc;
+char **argv;
+int *in;
+int *out;
 	{
 	int pid;
 #define CHILD_READ	p1[0]
@@ -619,11 +633,7 @@ int spawn(int argc, char **argv, int *in, int *out)

 	if ((pipe(p1) < 0) || (pipe(p2) < 0)) return(-1);

-#ifdef VMS
-	if ((pid=vfork()) == 0)
-#else
 	if ((pid=fork()) == 0)
-#endif
 		{ /* child */
 		if (dup2(CHILD_WRITE,fileno(stdout)) < 0)
 			perror("dup2");
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -1,5 +1,5 @@
 /* apps/s_time.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -56,10 +56,10 @@
 * [including the GNU Public Licence.]
 */

-#define NO_SHUTDOWN
+#undef NO_SHUTDOWN

 /*-----------------------------------------
-   s_time - SSL client connection timer program
+   cntime - SSL client connection timer program
   Written and donated by Larry Streepy <streepy@healthcare.com>
  -----------------------------------------*/

@@ -67,29 +67,26 @@
 #include <stdlib.h>
 #include <string.h>

-#if defined(NO_RSA) && !defined(NO_SSL2)
-#define NO_SSL2
-#endif
-
-#ifdef NO_STDIO
+#ifdef WIN16
 #define APPS_WIN16
 #endif
+#include "x509.h"
+#include "ssl.h"
+#include "pem.h"
 #define USE_SOCKETS
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/pem.h>
 #include "apps.h"
 #include "s_apps.h"
-#include <openssl/err.h>
+#include "err.h"
 #ifdef WIN32_STUFF
 #include "winmain.h"
 #include "wintext.h"
 #endif

-#if !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
+#ifndef MSDOS
 #define TIMES
 #endif

+#ifndef VMS
 #ifndef _IRIX
 #include <time.h>
 #endif
@@ -97,15 +94,15 @@
 #include <sys/types.h>
 #include <sys/times.h>
 #endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(VMS) && defined(__DECC) && !defined(__TMS)
-#undef TIMES
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
 #endif
-
 #ifndef TIMES
 #include <sys/timeb.h>
 #endif
@@ -114,8 +111,7 @@
 #include <sys/select.h>
 #endif

-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
+#ifdef sun
 #include <limits.h>
 #include <sys/param.h>
 #endif
@@ -124,7 +120,11 @@
 */
 #ifndef HZ
 #ifndef CLK_TCK
+#ifndef VMS
 #define HZ      100.0
+#else /* VMS */
+#define HZ      100.0
+#endif
 #else /* CLK_TCK */
 #define HZ ((double)CLK_TCK)
 #endif
@@ -133,7 +133,6 @@
 #undef PROG
 #define PROG s_time_main

-#undef ioctl
 #define ioctl ioctlsocket

 #define SSL_CONNECT_NAME	"localhost:4433"
@@ -151,10 +150,16 @@
 extern int verify_depth;
 extern int verify_error;

+#ifndef NOPROTO
 static void s_time_usage(void);
 static int parseArgs( int argc, char **argv );
 static SSL *doConnection( SSL *scon );
-static void s_time_init(void);
+#else
+static void s_time_usage();
+static int parseArgs();
+static SSL *doConnection();
+#endif
+

 /***********************************************************************
 * Static data declarations
@@ -175,54 +180,31 @@ static char *s_www_path=NULL;
 static long bytes_read=0; 
 static int st_bugs=0;
 static int perform=0;
+
 #ifdef FIONBIO
 static int t_nbio=0;
 #endif
+
 #ifdef WIN32
 static int exitNow = 0;		/* Set when it's time to exit main */
 #endif

-static void s_time_init(void)
-	{
-	host=SSL_CONNECT_NAME;
-	t_cert_file=NULL;
-	t_key_file=NULL;
-	CApath=NULL;
-	CAfile=NULL;
-	tm_cipher=NULL;
-	tm_verify = SSL_VERIFY_NONE;
-	maxTime = SECONDS;
-	tm_ctx=NULL;
-	s_time_meth=NULL;
-	s_www_path=NULL;
-	bytes_read=0; 
-	st_bugs=0;
-	perform=0;
-
-#ifdef FIONBIO
-	t_nbio=0;
-#endif
-#ifdef WIN32
-	exitNow = 0;		/* Set when it's time to exit main */
-#endif
-	}
-
 /***********************************************************************
 * usage - display usage message
 */
-static void s_time_usage(void)
+static void s_time_usage()
 {
 	static char umsg[] = "\
 -time arg     - max number of seconds to collect data, default %d\n\
 -verify arg   - turn on peer certificate verification, arg == depth\n\
 -cert arg     - certificate file to use, PEM format assumed\n\
-key arg      - RSA file to use, PEM format assumed, key is in cert file\n\
-                file if not specified by this option\n\
+-key arg      - RSA file to use, PEM format assumed, in cert file if\n\
+                not specified but cert fill is.\n\
 -CApath arg   - PEM format directory of CA's\n\
 -CAfile arg   - PEM format file of CA's\n\
-cipher       - prefered cipher to use, play with 'openssl ciphers'\n\n";
+-cipher       - prefered cipher to use, play with 'ssleay ciphers'\n\n";

-	printf( "usage: s_time <args>\n\n" );
+	printf( "usage: client <args>\n\n" );

 	printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
 #ifdef FIONBIO
@@ -242,7 +224,9 @@ static void s_time_usage(void)
 *
 * Returns 0 if ok, -1 on bad args
 */
-static int parseArgs(int argc, char **argv)
+static int parseArgs(argc,argv)
+int argc;
+char **argv;
 {
    int badop = 0;

@@ -253,7 +237,6 @@ static int parseArgs(int argc, char **argv)
 #endif

 	apps_startup();
-	s_time_init();

 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
@@ -367,7 +350,8 @@ bad:
 #define START	0
 #define STOP	1

-static double tm_Time_F(int s)
+static double tm_Time_F(s)
+int s;
 	{
 	static double ret;
 #ifdef TIMES
@@ -401,7 +385,10 @@ static double tm_Time_F(int s)
 * MAIN - main processing area for client
 *			real name depends on MONOLITH
 */
-int MAIN(int argc, char **argv)
+int
+MAIN(argc,argv)
+int argc;
+char **argv;
 	{
 	double totalTime = 0.0;
 	int nConn = 0;
@@ -409,7 +396,6 @@ int MAIN(int argc, char **argv)
 	long finishtime=0;
 	int ret=1,i;
 	MS_STATIC char buf[1024*8];
-	int ver;

 #if !defined(NO_SSL2) && !defined(NO_SSL3)
 	s_time_meth=SSLv23_client_method();
@@ -426,8 +412,6 @@ int MAIN(int argc, char **argv)
 	SSLeay_add_ssl_algorithms();
 	if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);

-	SSL_CTX_set_quiet_shutdown(tm_ctx,1);
-
 	if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
 	SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
 	if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file)) 
@@ -438,9 +422,9 @@ int MAIN(int argc, char **argv)
 	if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
 		(!SSL_CTX_set_default_verify_paths(tm_ctx)))
 		{
-		/* BIO_printf(bio_err,"error seting default verify locations\n"); */
+		BIO_printf(bio_err,"error seting default verify locations\n");
 		ERR_print_errors(bio_err);
-		/* goto end; */
+		goto end;
 		}

 	if (tm_cipher == NULL)
@@ -487,24 +471,11 @@ int MAIN(int argc, char **argv)
 #else
 		SSL_shutdown(scon);
 #endif
-		SHUTDOWN2(SSL_get_fd(scon));
+		SHUTDOWN(SSL_get_fd(scon));

 		nConn += 1;
-		if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
-			if (ver == TLS1_VERSION)
-				ver='t';
-			else if (ver == SSL3_VERSION)
-				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
-			else
-				ver='*';
-			}
-		fputc(ver,stdout);
+		fputc(SSL_session_reused(scon)?'r':
+			(SSL_version(scon))+'0', stdout );
 		fflush(stdout);

 		SSL_free( scon );
@@ -541,7 +512,7 @@ next:
 #else
 	SSL_shutdown(scon);
 #endif
-	SHUTDOWN2(SSL_get_fd(scon));
+	SHUTDOWN(SSL_get_fd(scon));

 	nConn = 0;
 	totalTime = 0.0;
@@ -580,24 +551,11 @@ next:
 #else
 		SSL_shutdown(scon);
 #endif
-		SHUTDOWN2(SSL_get_fd(scon));
+		SHUTDOWN(SSL_get_fd(scon));
 	
 		nConn += 1;
-		if (SSL_session_reused(scon))
-			ver='r';
-		else
-			{
-			ver=SSL_version(scon);
-			if (ver == TLS1_VERSION)
-				ver='t';
-			else if (ver == SSL3_VERSION)
-				ver='3';
-			else if (ver == SSL2_VERSION)
-				ver='2';
-			else
-				ver='*';
-			}
-		fputc(ver,stdout);
+		fputc(SSL_session_reused(scon)?'r':
+			(SSL_version(scon))+'0', stdout );
 		fflush(stdout);
 		}
 	totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
@@ -625,7 +583,9 @@ end:
 * Returns:
 *		SSL *	= the connection pointer.
 */
-static SSL *doConnection(SSL *scon)
+static SSL *
+doConnection(scon)
+SSL *scon;
 	{
 	BIO *conn;
 	SSL *serverCon;
@@ -635,8 +595,8 @@ static SSL *doConnection(SSL *scon)
 	if ((conn=BIO_new(BIO_s_connect())) == NULL)
 		return(NULL);

-/*	BIO_set_conn_port(conn,port);*/
-	BIO_set_conn_hostname(conn,host);
+/*	BIO_set_port(conn,port);*/
+	BIO_set_hostname(conn,host);

 	if (scon == NULL)
 		serverCon=(SSL *)SSL_new(tm_ctx);
@@ -664,13 +624,7 @@ static SSL *doConnection(SSL *scon)
 			width=i+1;
 			FD_ZERO(&readfds);
 			FD_SET(i,&readfds);
-			/* Note: under VMS with SOCKETSHR the 2nd parameter
-			 * is currently of type (int *) whereas under other
-			 * systems it is (void *) if you don't have a cast it
-			 * will choke the compiler: if you do have a cast then
-			 * you can either go for (int *) or (void *).
-			 */
-			select(width,(void *)&readfds,NULL,NULL,NULL);
+			select(width,&readfds,NULL,NULL,NULL);
 			continue;
 			}
 		break;
--- a/apps/server.pem
+++ b/apps/server.pem
@@ -1,17 +1,17 @@
 issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
 subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
 -----BEGIN CERTIFICATE-----
-MIIB6TCCAVICAQQwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
 BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
-VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTgwNjI5MjM1MjQwWhcNMDAwNjI4
-MjM1MjQwWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
+MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
 A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
 cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
 Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
-Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCVvvfkGSe2GHgDFfmOua4Isjb9
-JVhImWMASiOClkZlMESDJjsszg/6+d/W+8TrbObhazpl95FivXBVucbj9dudh7AO
-IZu1h1MAPlyknc9Ud816vz3FejB4qqUoaXjnlkrIgEbr/un7jSS86WOe0hRhwHkJ
-FUGcPZf9ND22Etc+AQ==
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
+mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
+xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
+irObpESxAZLySCmPPg==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
--- a/apps/server.srl
+++ b/apps/server.srl
@@ -1 +0,0 @@
-01
--- a/apps/sess_id.c
+++ b/apps/sess_id.c
@@ -1,5 +1,5 @@
 /* apps/sess_id.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -60,37 +60,48 @@
 #include <stdlib.h>
 #include <string.h>
 #include "apps.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
+#include "bio.h"
+#include "err.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"

 #undef PROG
 #define PROG	sess_id_main

+#define FORMAT_UNDEF	0
+#define FORMAT_ASN1	1
+#define FORMAT_TEXT	2
+#define FORMAT_PEM	3
+
 static char *sess_id_usage[]={
-"usage: sess_id args\n",
+"usage: crl args\n",
 "\n",
 " -inform arg     - input format - default PEM (one of DER, TXT or PEM)\n",
 " -outform arg    - output format - default PEM\n",
 " -in arg         - input file - default stdin\n",
 " -out arg        - output file - default stdout\n",
 " -text           - print ssl session id details\n",
-" -cert           - output certificate \n",
+" -cert           - output certificaet \n",
 " -noout          - no CRL output\n",
-" -context arg    - set the session ID context\n",
 NULL
 };

+#ifndef NOPROTO
 static SSL_SESSION *load_sess_id(char *file, int format);
-int MAIN(int argc, char **argv)
+#else
+static SSL_SESSION *load_sess_id();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
 	{
 	SSL_SESSION *x=NULL;
 	int ret=1,i,num,badops=0;
 	BIO *out=NULL;
 	int informat,outformat;
-	char *infile=NULL,*outfile=NULL,*context=NULL;
+	char *infile=NULL,*outfile=NULL;
 	int cert=0,noout=0,text=0;
 	char **pp;

@@ -98,7 +109,7 @@ int MAIN(int argc, char **argv)

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

 	informat=FORMAT_PEM;
 	outformat=FORMAT_PEM;
@@ -134,11 +145,6 @@ int MAIN(int argc, char **argv)
 			cert= ++num;
 		else if (strcmp(*argv,"-noout") == 0)
 			noout= ++num;
-		else if (strcmp(*argv,"-context") == 0)
-		    {
-		    if(--argc < 1) goto bad;
-		    context=*++argv;
-		    }
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -161,17 +167,6 @@ bad:
 	x=load_sess_id(infile,informat);
 	if (x == NULL) { goto end; }

-	if(context)
-	    {
-	    x->sid_ctx_length=strlen(context);
-	    if(x->sid_ctx_length > SSL_MAX_SID_CTX_LENGTH)
-		{
-		BIO_printf(bio_err,"Context too long\n");
-		goto end;
-		}
-	    memcpy(x->sid_ctx,context,x->sid_ctx_length);
-	    }
-
 #ifdef undef
 	/* just testing for memory leaks :-) */
 	{
@@ -264,7 +259,9 @@ end:
 	EXIT(ret);
 	}

-static SSL_SESSION *load_sess_id(char *infile, int format)
+static SSL_SESSION *load_sess_id(infile, format)
+char *infile;
+int format;
 	{
 	SSL_SESSION *x=NULL;
 	BIO *in=NULL;
@@ -289,7 +286,7 @@ static SSL_SESSION *load_sess_id(char *infile, int format)
 	if 	(format == FORMAT_ASN1)
 		x=d2i_SSL_SESSION_bio(in,NULL);
 	else if (format == FORMAT_PEM)
-		x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL);
+		x=PEM_read_bio_SSL_SESSION(in,NULL,NULL);
 	else	{
 		BIO_printf(bio_err,"bad input format specified for input crl\n");
 		goto end;
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1,5 +1,5 @@
 /* apps/speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
@@ -60,8 +60,8 @@

 #undef SECONDS
 #define SECONDS		3	
-#define RSA_SECONDS	10
-#define DSA_SECONDS	10
+#define RSA_SECONDS	10	
+#define DSA_SECONDS	10	

 /* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
 /* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
@@ -73,19 +73,19 @@
 #include <stdlib.h>
 #include <signal.h>
 #include <string.h>
-#include <math.h>
 #include "apps.h"
-#ifdef NO_STDIO
+#ifdef WIN16
 #define APPS_WIN16
 #endif
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
+#include "crypto.h"
+#include "rand.h"
+#include "err.h"

-#if !defined(MSDOS) && (!defined(VMS) || defined(__DECC))
+#ifndef MSDOS
 #define TIMES
 #endif

+#ifndef VMS
 #ifndef _IRIX
 #include <time.h>
 #endif
@@ -93,70 +93,56 @@
 #include <sys/types.h>
 #include <sys/times.h>
 #endif
-
-/* Depending on the VMS version, the tms structure is perhaps defined.
-   The __TMS macro will show if it was.  If it wasn't defined, we should
-   undefine TIMES, since that tells the rest of the program how things
-   should be handled.				-- Richard Levitte */
-#if defined(VMS) && defined(__DECC) && !defined(__TMS)
-#undef TIMES
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
 #endif
-
 #ifndef TIMES
 #include <sys/timeb.h>
 #endif

-#if defined(sun) || defined(__ultrix)
-#define _POSIX_SOURCE
+#ifdef sun
 #include <limits.h>
 #include <sys/param.h>
 #endif

 #ifndef NO_DES
-#include <openssl/des.h>
+#include "des.h"
 #endif
 #ifndef NO_MD2
-#include <openssl/md2.h>
+#include "md2.h"
 #endif
 #ifndef NO_MDC2
-#include <openssl/mdc2.h>
+#include "mdc2.h"
 #endif
 #ifndef NO_MD5
-#include <openssl/md5.h>
+#include "md5.h"
 #endif
-#ifndef NO_HMAC
-#include <openssl/hmac.h>
-#endif
-#include <openssl/evp.h>
-#ifndef NO_SHA
-#include <openssl/sha.h>
-#endif
-#ifndef NO_RIPEMD
-#include <openssl/ripemd.h>
+#if !defined(NO_SHA) && !defined(NO_SHA1)
+#include "sha.h"
 #endif
 #ifndef NO_RC4
-#include <openssl/rc4.h>
-#endif
-#ifndef NO_RC5
-#include <openssl/rc5.h>
+#include "rc4.h"
 #endif
 #ifndef NO_RC2
-#include <openssl/rc2.h>
+#include "rc2.h"
 #endif
 #ifndef NO_IDEA
-#include <openssl/idea.h>
+#include "idea.h"
 #endif
-#ifndef NO_BF
-#include <openssl/blowfish.h>
-#endif
-#ifndef NO_CAST
-#include <openssl/cast.h>
+#ifndef NO_BLOWFISH
+#include "blowfish.h"
 #endif
 #ifndef NO_RSA
-#include <openssl/rsa.h>
-#include "./testrsa.h"
+#include "rsa.h"
 #endif
-#include <openssl/x509.h>
+#include "x509.h"
+#include "./testrsa.h"
 #ifndef NO_DSA
 #include "./testdsa.h"
 #endif
@@ -165,7 +151,11 @@
 #ifndef HZ
 # ifndef CLK_TCK
 #  ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
-#   define HZ	100.0
+#   ifndef VMS
+#    define HZ	100.0
+#   else /* VMS */
+#    define HZ	100.0
+#   endif
 #  else /* _BSD_CLK_TCK_ */
 #   define HZ ((double)_BSD_CLK_TCK_)
 #  endif
@@ -175,12 +165,19 @@
 #endif

 #undef BUFSIZE
-#define BUFSIZE	((long)1024*8+1)
+#define BUFSIZE	((long)1024*8)
 int run=0;

+#ifndef NOPROTO
 static double Time_F(int s);
 static void print_message(char *s,long num,int length);
 static void pkey_print_message(char *str,char *str2,long num,int bits,int sec);
+#else
+static double Time_F();
+static void print_message();
+static void pkey_print_message();
+#endif
+
 #ifdef SIGALRM
 #if defined(__STDC__) || defined(sgi) || defined(_AIX)
 #define SIGRETTYPE void
@@ -188,8 +185,14 @@ static void pkey_print_message(char *str,char *str2,long num,int bits,int sec);
 #define SIGRETTYPE int
 #endif 

+#ifndef NOPROTO
 static SIGRETTYPE sig_done(int sig);
-static SIGRETTYPE sig_done(int sig)
+#else
+static SIGRETTYPE sig_done();
+#endif
+
+static SIGRETTYPE sig_done(sig)
+int sig;
 	{
 	signal(SIGALRM,sig_done);
 	run=0;
@@ -202,7 +205,8 @@ static SIGRETTYPE sig_done(int sig)
 #define START	0
 #define STOP	1

-static double Time_F(int s)
+static double Time_F(s)
+int s;
 	{
 	double ret;
 #ifdef TIMES
@@ -238,16 +242,19 @@ static double Time_F(int s)
 #endif
 	}

-int MAIN(int argc, char **argv)
+int MAIN(argc,argv)
+int argc;
+char **argv;
 	{
 	unsigned char *buf=NULL,*buf2=NULL;
 	int ret=1;
-#define ALGOR_NUM	14
+#define ALGOR_NUM	11
 #define SIZE_NUM	5
 #define RSA_NUM		4
 #define DSA_NUM		3
 	long count,rsa_count;
 	int i,j,k,rsa_num,rsa_num2;
+	unsigned int kk;
 #ifndef NO_MD2
 	unsigned char md2[MD2_DIGEST_LENGTH];
 #endif
@@ -256,38 +263,27 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef NO_MD5
 	unsigned char md5[MD5_DIGEST_LENGTH];
-	unsigned char hmac[MD5_DIGEST_LENGTH];
 #endif
-#ifndef NO_SHA
+#if !defined(NO_SHA) || !defined(NO_SHA1)
 	unsigned char sha[SHA_DIGEST_LENGTH];
 #endif
-#ifndef NO_RIPEMD
-	unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
-#endif
 #ifndef NO_RC4
 	RC4_KEY rc4_ks;
 #endif
-#ifndef NO_RC5
-	RC5_32_KEY rc5_ks;
-#endif
 #ifndef NO_RC2
 	RC2_KEY rc2_ks;
 #endif
 #ifndef NO_IDEA
 	IDEA_KEY_SCHEDULE idea_ks;
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	BF_KEY bf_ks;
-#endif
-#ifndef NO_CAST
-	CAST_KEY cast_ks;
 #endif
 	static unsigned char key16[16]=
 		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
 		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
 	unsigned char iv[8];
 #ifndef NO_DES
-	des_cblock *buf_as_des_cblock = NULL;
 	static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
 	static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
 	static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
@@ -296,24 +292,21 @@ int MAIN(int argc, char **argv)
 #define	D_MD2		0
 #define	D_MDC2		1
 #define	D_MD5		2
-#define	D_HMAC		3
+#define	D_SHA		3
 #define	D_SHA1		4
-#define D_RMD160	5
-#define	D_RC4		6
-#define	D_CBC_DES	7
-#define	D_EDE3_DES	8
-#define	D_CBC_IDEA	9
-#define	D_CBC_RC2	10
-#define	D_CBC_RC5	11
-#define	D_CBC_BF	12
-#define	D_CBC_CAST	13
+#define	D_RC4		5
+#define	D_CBC_DES	6
+#define	D_EDE3_DES	7
+#define	D_CBC_IDEA	8
+#define	D_CBC_RC2	9
+#define	D_CBC_BF	10
 	double d,results[ALGOR_NUM][SIZE_NUM];
 	static int lengths[SIZE_NUM]={8,64,256,1024,8*1024};
 	long c[ALGOR_NUM][SIZE_NUM];
 	static char *names[ALGOR_NUM]={
-		"md2","mdc2","md5","hmac(md5)","sha1","rmd160","rc4",
+		"md2","mdc2","md5","sha","sha1","rc4",
 		"des cbc","des ede3","idea cbc",
-		"rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"};
+		"rc2 cbc","blowfish cbc"};
 #define	R_DSA_512	0
 #define	R_DSA_1024	1
 #define	R_DSA_2048	2
@@ -321,51 +314,42 @@ int MAIN(int argc, char **argv)
 #define	R_RSA_1024	1
 #define	R_RSA_2048	2
 #define	R_RSA_4096	3
-#ifndef NO_RSA
 	RSA *rsa_key[RSA_NUM];
+	DSA *dsa_key[DSA_NUM];
 	long rsa_c[RSA_NUM][2];
+	long dsa_c[DSA_NUM][2];
+#ifndef NO_RSA
 	double rsa_results[RSA_NUM][2];
+#endif
+#ifndef NO_DSA
+	double dsa_results[DSA_NUM][2];
+#endif
 	static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096};
+	static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
 	static unsigned char *rsa_data[RSA_NUM]=
 		{test512,test1024,test2048,test4096};
 	static int rsa_data_length[RSA_NUM]={
 		sizeof(test512),sizeof(test1024),
 		sizeof(test2048),sizeof(test4096)};
-#endif
-#ifndef NO_DSA
-	DSA *dsa_key[DSA_NUM];
-	long dsa_c[DSA_NUM][2];
-	double dsa_results[DSA_NUM][2];
-	static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
-#endif
+	int doit[ALGOR_NUM];
 	int rsa_doit[RSA_NUM];
 	int dsa_doit[DSA_NUM];
-	int doit[ALGOR_NUM];
 	int pr_header=0;

 	apps_startup();
-#ifndef NO_DSA
-	memset(dsa_key,0,sizeof(dsa_key));
-#endif

 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);

-#ifndef NO_RSA
-	memset(rsa_key,0,sizeof(rsa_key));
 	for (i=0; i<RSA_NUM; i++)
 		rsa_key[i]=NULL;
-#endif

 	if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
 		{
 		BIO_printf(bio_err,"out of memory\n");
 		goto end;
 		}
-#ifndef NO_DES
-	buf_as_des_cblock = (des_cblock *)buf;
-#endif
 	if ((buf2=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
 		{
 		BIO_printf(bio_err,"out of memory\n");
@@ -399,22 +383,12 @@ int MAIN(int argc, char **argv)
 			if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1;
 		else
 #endif
-#ifndef NO_MD5
-			if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1;
-		else
-#endif
 #ifndef NO_SHA
-			if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1;
-		else
-			if (strcmp(*argv,"sha") == 0) doit[D_SHA1]=1;
+			if (strcmp(*argv,"sha") == 0) doit[D_SHA]=1;
 		else
 #endif
-#ifndef NO_RIPEMD
-			if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1;
-		else
-			if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1;
-		else
-			if (strcmp(*argv,"ripemd160") == 0) doit[D_RMD160]=1;
+#ifndef NO_SHA1
+			if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1;
 		else
 #endif
 #ifndef NO_RC4
@@ -435,7 +409,7 @@ int MAIN(int argc, char **argv)
 			}
 		else
 #endif
-			if (strcmp(*argv,"openssl") == 0) 
+			if (strcmp(*argv,"ssleay") == 0) 
 			{
 			RSA_set_default_method(RSA_PKCS1_SSLeay());
 			j--;
@@ -455,26 +429,14 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1;
 		else
 #endif
-#ifndef NO_RC5
-		     if (strcmp(*argv,"rc5-cbc") == 0) doit[D_CBC_RC5]=1;
-		else if (strcmp(*argv,"rc5") == 0) doit[D_CBC_RC5]=1;
-		else
-#endif
 #ifndef NO_IDEA
 		     if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1;
 		else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
 		else
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 		     if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
 		else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
-		else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1;
-		else
-#endif
-#ifndef NO_CAST
-		     if (strcmp(*argv,"cast-cbc") == 0) doit[D_CBC_CAST]=1;
-		else if (strcmp(*argv,"cast") == 0) doit[D_CBC_CAST]=1;
-		else if (strcmp(*argv,"cast5") == 0) doit[D_CBC_CAST]=1;
 		else
 #endif
 #ifndef NO_DES
@@ -505,20 +467,17 @@ int MAIN(int argc, char **argv)
 #endif
 			{
 			BIO_printf(bio_err,"bad value, pick one of\n");
-			BIO_printf(bio_err,"md2      mdc2	md5      hmac      sha1    rmd160\n");
+			BIO_printf(bio_err,"md2      mdc2	md5      sha      sha1\n");
 #ifndef NO_IDEA
 			BIO_printf(bio_err,"idea-cbc ");
 #endif
 #ifndef NO_RC2
 			BIO_printf(bio_err,"rc2-cbc  ");
 #endif
-#ifndef NO_RC5
-			BIO_printf(bio_err,"rc5-cbc  ");
-#endif
-#ifndef NO_BF
+#ifndef NO_RC2
 			BIO_printf(bio_err,"bf-cbc");
 #endif
-#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BF) && !defined(NO_RC5)
+#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BLOWFISH)
 			BIO_printf(bio_err,"\n");
 #endif
 			BIO_printf(bio_err,"des-cbc  des-ede3 ");
@@ -568,14 +527,6 @@ int MAIN(int argc, char **argv)
 			BIO_printf(bio_err,"internal error loading RSA key number %d\n",i);
 			goto end;
 			}
-#if 0
-		else
-			{
-			BIO_printf(bio_err,"Loaded RSA key, %d bit modulus and e= 0x",BN_num_bits(rsa_key[i]->n));
-			BN_print(bio_err,rsa_key[i]->e);
-			BIO_printf(bio_err,"\n");
-			}
-#endif
 		}
 #endif

@@ -586,9 +537,9 @@ int MAIN(int argc, char **argv)
 #endif

 #ifndef NO_DES
-	des_set_key(&key,sch);
-	des_set_key(&key2,sch2);
-	des_set_key(&key3,sch3);
+	des_set_key((C_Block *)key,sch);
+	des_set_key((C_Block *)key2,sch2);
+	des_set_key((C_Block *)key3,sch3);
 #endif
 #ifndef NO_IDEA
 	idea_set_encrypt_key(key16,&idea_ks);
@@ -599,18 +550,11 @@ int MAIN(int argc, char **argv)
 #ifndef NO_RC2
 	RC2_set_key(&rc2_ks,16,key16,128);
 #endif
-#ifndef NO_RC5
-	RC5_32_set_key(&rc5_ks,16,key16,12);
-#endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	BF_set_key(&bf_ks,16,key16);
 #endif
-#ifndef NO_CAST
-	CAST_set_key(&cast_ks,16,key16);
-#endif
-#ifndef NO_RSA
+
 	memset(rsa_c,0,sizeof(rsa_c));
-#endif
 #ifndef SIGALRM
 	BIO_printf(bio_err,"First we calculate the approximate speed ...\n");
 	count=10;
@@ -619,33 +563,29 @@ int MAIN(int argc, char **argv)
 		count*=2;
 		Time_F(START);
 		for (i=count; i; i--)
-			des_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock,
+			des_ecb_encrypt((C_Block *)buf,(C_Block *)buf,
 				&(sch[0]),DES_ENCRYPT);
 		d=Time_F(STOP);
 		} while (d <3);
 	c[D_MD2][0]=count/10;
 	c[D_MDC2][0]=count/10;
 	c[D_MD5][0]=count;
-	c[D_HMAC][0]=count;
+	c[D_SHA][0]=count;
 	c[D_SHA1][0]=count;
-	c[D_RMD160][0]=count;
 	c[D_RC4][0]=count*5;
 	c[D_CBC_DES][0]=count;
 	c[D_EDE3_DES][0]=count/3;
 	c[D_CBC_IDEA][0]=count;
 	c[D_CBC_RC2][0]=count;
-	c[D_CBC_RC5][0]=count;
 	c[D_CBC_BF][0]=count;
-	c[D_CBC_CAST][0]=count;

 	for (i=1; i<SIZE_NUM; i++)
 		{
 		c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i];
 		c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i];
 		c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i];
-		c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i];
+		c[D_SHA][i]=c[D_SHA][0]*4*lengths[0]/lengths[i];
 		c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i];
-		c[D_RMD160][i]=c[D_RMD160][0]*4*lengths[0]/lengths[i];
 		}
 	for (i=1; i<SIZE_NUM; i++)
 		{
@@ -658,11 +598,8 @@ int MAIN(int argc, char **argv)
 		c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
 		c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1;
 		c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1;
-		c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1;
 		c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
-		c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1;
 		}
-#ifndef NO_RSA
 	rsa_c[R_RSA_512][0]=count/2000;
 	rsa_c[R_RSA_512][1]=count/400;
 	for (i=1; i<RSA_NUM; i++)
@@ -673,14 +610,13 @@ int MAIN(int argc, char **argv)
 			rsa_doit[i]=0;
 		else
 			{
-			if (rsa_c[i][0] == 0)
+			if (rsa_c[i] == 0)
 				{
 				rsa_c[i][0]=1;
 				rsa_c[i][1]=20;
 				}
 			}				
 		}
-#endif

 	dsa_c[R_DSA_512][0]=count/1000;
 	dsa_c[R_DSA_512][1]=count/1000/2;
@@ -700,7 +636,7 @@ int MAIN(int argc, char **argv)
 			}				
 		}

-#define COND(d)	(count < (d))
+#define COND(d)	(count != (d))
 #define COUNT(d) (d)
 #else
 #define COND(c)	(run)
@@ -749,7 +685,7 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_MD5],c[D_MD5][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_MD5][j]); count++)
-				MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0]));
+				MD5(buf,(unsigned long)lengths[j],&(md5[0]));
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_MD5],d);
@@ -758,31 +694,23 @@ int MAIN(int argc, char **argv)
 		}
 #endif

-#if !defined(NO_MD5) && !defined(NO_HMAC)
-	if (doit[D_HMAC])
+#ifndef NO_SHA
+	if (doit[D_SHA])
 		{
-		HMAC_CTX hctx;
-		HMAC_Init(&hctx,(unsigned char *)"This is a key...",
-			16,EVP_md5());
-
 		for (j=0; j<SIZE_NUM; j++)
 			{
-			print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]);
+			print_message(names[D_SHA],c[D_SHA][j],lengths[j]);
 			Time_F(START);
-			for (count=0,run=1; COND(c[D_HMAC][j]); count++)
-				{
-				HMAC_Init(&hctx,NULL,0,NULL);
-                                HMAC_Update(&hctx,buf,lengths[j]);
-                                HMAC_Final(&hctx,&(hmac[0]),NULL);
-				}
+			for (count=0,run=1; COND(c[D_SHA][j]); count++)
+				SHA(buf,(unsigned long)lengths[j],&(sha[0]));
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
-				count,names[D_HMAC],d);
-			results[D_HMAC][j]=((double)count)/d*lengths[j];
+				count,names[D_SHA],d);
+			results[D_SHA][j]=((double)count)/d*lengths[j];
 			}
 		}
 #endif
-#ifndef NO_SHA
+#ifndef NO_SHA1
 	if (doit[D_SHA1])
 		{
 		for (j=0; j<SIZE_NUM; j++)
@@ -798,22 +726,6 @@ int MAIN(int argc, char **argv)
 			}
 		}
 #endif
-#ifndef NO_RIPEMD
-	if (doit[D_RMD160])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_RMD160][j]); count++)
-				RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0]));
-			d=Time_F(STOP);
-			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
-				count,names[D_RMD160],d);
-			results[D_RMD160][j]=((double)count)/d*lengths[j];
-			}
-		}
-#endif
 #ifndef NO_RC4
 	if (doit[D_RC4])
 		{
@@ -839,8 +751,10 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_CBC_DES],c[D_CBC_DES][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_CBC_DES][j]); count++)
-				des_ncbc_encrypt(buf,buf,lengths[j],sch,
-						 &iv,DES_ENCRYPT);
+				des_ncbc_encrypt((C_Block *)buf,
+					(C_Block *)buf,
+					(long)lengths[j],sch,
+					(C_Block *)&(iv[0]),DES_ENCRYPT);
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_CBC_DES],d);
@@ -855,9 +769,10 @@ int MAIN(int argc, char **argv)
 			print_message(names[D_EDE3_DES],c[D_EDE3_DES][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_EDE3_DES][j]); count++)
-				des_ede3_cbc_encrypt(buf,buf,lengths[j],
-						     sch,sch2,sch3,
-						     &iv,DES_ENCRYPT);
+				des_ede3_cbc_encrypt((C_Block *)buf,
+					(C_Block *)buf,
+					(long)lengths[j],sch,sch2,sch3,
+					(C_Block *)&(iv[0]),DES_ENCRYPT);
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_EDE3_DES],d);
@@ -875,7 +790,7 @@ int MAIN(int argc, char **argv)
 			for (count=0,run=1; COND(c[D_CBC_IDEA][j]); count++)
 				idea_cbc_encrypt(buf,buf,
 					(unsigned long)lengths[j],&idea_ks,
-					iv,IDEA_ENCRYPT);
+					(unsigned char *)&(iv[0]),IDEA_ENCRYPT);
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_CBC_IDEA],d);
@@ -893,7 +808,7 @@ int MAIN(int argc, char **argv)
 			for (count=0,run=1; COND(c[D_CBC_RC2][j]); count++)
 				RC2_cbc_encrypt(buf,buf,
 					(unsigned long)lengths[j],&rc2_ks,
-					iv,RC2_ENCRYPT);
+					(unsigned char *)&(iv[0]),RC2_ENCRYPT);
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_CBC_RC2],d);
@@ -901,25 +816,7 @@ int MAIN(int argc, char **argv)
 			}
 		}
 #endif
-#ifndef NO_RC5
-	if (doit[D_CBC_RC5])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_RC5],c[D_CBC_RC5][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++)
-				RC5_32_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&rc5_ks,
-					iv,RC5_ENCRYPT);
-			d=Time_F(STOP);
-			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
-				count,names[D_CBC_RC5],d);
-			results[D_CBC_RC5][j]=((double)count)/d*lengths[j];
-			}
-		}
-#endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	if (doit[D_CBC_BF])
 		{
 		for (j=0; j<SIZE_NUM; j++)
@@ -929,7 +826,7 @@ int MAIN(int argc, char **argv)
 			for (count=0,run=1; COND(c[D_CBC_BF][j]); count++)
 				BF_cbc_encrypt(buf,buf,
 					(unsigned long)lengths[j],&bf_ks,
-					iv,BF_ENCRYPT);
+					(unsigned char *)&(iv[0]),BF_ENCRYPT);
 			d=Time_F(STOP);
 			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
 				count,names[D_CBC_BF],d);
@@ -937,35 +834,14 @@ int MAIN(int argc, char **argv)
 			}
 		}
 #endif
-#ifndef NO_CAST
-	if (doit[D_CBC_CAST])
-		{
-		for (j=0; j<SIZE_NUM; j++)
-			{
-			print_message(names[D_CBC_CAST],c[D_CBC_CAST][j],lengths[j]);
-			Time_F(START);
-			for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++)
-				CAST_cbc_encrypt(buf,buf,
-					(unsigned long)lengths[j],&cast_ks,
-					iv,CAST_ENCRYPT);
-			d=Time_F(STOP);
-			BIO_printf(bio_err,"%ld %s's in %.2fs\n",
-				count,names[D_CBC_CAST],d);
-			results[D_CBC_CAST][j]=((double)count)/d*lengths[j];
-			}
-		}
-#endif

 	RAND_bytes(buf,30);
 #ifndef NO_RSA
 	for (j=0; j<RSA_NUM; j++)
 		{
 		if (!rsa_doit[j]) continue;
-		rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j],
-			RSA_PKCS1_PADDING);
 		pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
 			RSA_SECONDS);
-/*		RSA_blinding_on(rsa_key[j],NULL); */
 		Time_F(START);
 		for (count=0,run=1; COND(rsa_c[j][0]); count++)
 			{
@@ -985,9 +861,6 @@ int MAIN(int argc, char **argv)
 		rsa_results[j][0]=d/(double)count;
 		rsa_count=count;

-#if 1
-		rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j],
-			RSA_PKCS1_PADDING);
 		pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
 			RSA_SECONDS);
 		Time_F(START);
@@ -1007,7 +880,6 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n",
 			count,rsa_bits[j],d);
 		rsa_results[j][1]=d/(double)count;
-#endif

 		if (rsa_count <= 1)
 			{
@@ -1022,13 +894,9 @@ int MAIN(int argc, char **argv)
 #ifndef NO_DSA
 	for (j=0; j<DSA_NUM; j++)
 		{
-		unsigned int kk;
-
 		if (!dsa_doit[j]) continue;
 		DSA_generate_key(dsa_key[j]);
 /*		DSA_sign_setup(dsa_key[j],NULL); */
-		rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
-			&kk,dsa_key[j]);
 		pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j],
 			DSA_SECONDS);
 		Time_F(START);
@@ -1050,8 +918,6 @@ int MAIN(int argc, char **argv)
 		dsa_results[j][0]=d/(double)count;
 		rsa_count=count;

-		rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
-			kk,dsa_key[j]);
 		pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j],
 			DSA_SECONDS);
 		Time_F(START);
@@ -1097,10 +963,10 @@ int MAIN(int argc, char **argv)
 #ifndef NO_IDEA
 	printf("%s ",idea_options());
 #endif
-#ifndef NO_BF
+#ifndef NO_BLOWFISH
 	printf("%s ",BF_options());
 #endif
-	fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS));
+	fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_CFLAGS));

 	if (pr_header)
 		{
@@ -1114,7 +980,7 @@ int MAIN(int argc, char **argv)
 	for (k=0; k<ALGOR_NUM; k++)
 		{
 		if (!doit[k]) continue;
-		fprintf(stdout,"%-13s",names[k]);
+		fprintf(stdout,"%-12s",names[k]);
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			if (results[k][j] > 10000)
@@ -1129,14 +995,9 @@ int MAIN(int argc, char **argv)
 	for (k=0; k<RSA_NUM; k++)
 		{
 		if (!rsa_doit[k]) continue;
-		if (j)
-			{
-			printf("%18ssign    verify    sign/s verify/s\n"," ");
-			j=0;
-			}
-		fprintf(stdout,"rsa %4u bits %8.4fs %8.4fs %8.1f %8.1f",
-			rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
-			1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
+		if (j) { printf("%18ssign    verify\n"," "); j=0; }
+		fprintf(stdout,"rsa %4d bits %8.4fs %8.4fs",
+			rsa_bits[k],rsa_results[k][0],rsa_results[k][1]);
 		fprintf(stdout,"\n");
 		}
 #endif
@@ -1145,13 +1006,9 @@ int MAIN(int argc, char **argv)
 	for (k=0; k<DSA_NUM; k++)
 		{
 		if (!dsa_doit[k]) continue;
-		if (j)	{
-			printf("%18ssign    verify    sign/s verify/s\n"," ");
-			j=0;
-			}
-		fprintf(stdout,"dsa %4u bits %8.4fs %8.4fs %8.1f %8.1f",
-			dsa_bits[k],dsa_results[k][0],dsa_results[k][1],
-			1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
+		if (j) { printf("%18ssign    verify\n"," "); j=0; }
+		fprintf(stdout,"dsa %4d bits %8.4fs %8.4fs",
+			dsa_bits[k],dsa_results[k][0],dsa_results[k][1]);
 		fprintf(stdout,"\n");
 		}
 #endif
@@ -1172,34 +1029,40 @@ end:
 	EXIT(ret);
 	}

-static void print_message(char *s, long num, int length)
+static void print_message(s,num,length)
+char *s;
+long num;
+int length;
 	{
 #ifdef SIGALRM
 	BIO_printf(bio_err,"Doing %s for %ds on %d size blocks: ",s,SECONDS,length);
-	(void)BIO_flush(bio_err);
+	BIO_flush(bio_err);
 	alarm(SECONDS);
 #else
 	BIO_printf(bio_err,"Doing %s %ld times on %d size blocks: ",s,num,length);
-	(void)BIO_flush(bio_err);
+	BIO_flush(bio_err);
 #endif
 #ifdef LINT
 	num=num;
 #endif
 	}

-static void pkey_print_message(char *str, char *str2, long num, int bits,
-	     int tm)
+static void pkey_print_message(str,str2,num,bits,tm)
+char *str;
+char *str2;
+long num;
+int bits;
+int tm;
 	{
 #ifdef SIGALRM
 	BIO_printf(bio_err,"Doing %d bit %s %s's for %ds: ",bits,str,str2,tm);
-	(void)BIO_flush(bio_err);
+	BIO_flush(bio_err);
 	alarm(RSA_SECONDS);
 #else
 	BIO_printf(bio_err,"Doing %ld %d bit %s %s's: ",num,bits,str,str2);
-	(void)BIO_flush(bio_err);
+	BIO_flush(bio_err);
 #endif
 #ifdef LINT
 	num=num;
 #endif
 	}
-
--- a/apps/ssleay.c
+++ b/apps/ssleay.c
@@ -0,0 +1,339 @@
+/* apps/ssleay.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define DEBUG
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "bio.h"
+#include "crypto.h"
+#include "lhash.h"
+#include "conf.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#define SSLEAY	/* turn off a few special case MONOLITH macros */
+#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
+#define SSLEAY_SRC
+#include "apps.h"
+#include "s_apps.h"
+#include "err.h"
+
+
+#ifndef NOPROTO
+static unsigned long MS_CALLBACK hash(FUNCTION *a);
+static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
+static LHASH *prog_init(void );
+static int do_cmd(LHASH *prog,int argc,char *argv[]);
+static void sig_stop(int i);
+#else
+static unsigned long MS_CALLBACK hash();
+static int MS_CALLBACK cmp();
+static LHASH *prog_init();
+static int do_cmd();
+static void sig_stop();
+#endif
+
+LHASH *config=NULL;
+char *default_config_file=NULL;
+
+#ifdef DEBUG
+static void sig_stop(i)
+int i;
+	{
+	char *a=NULL;
+
+	*a='\0';
+	}
+#endif
+
+/* Make sure there is only one when MONOLITH is defined */
+#ifdef MONOLITH
+BIO *bio_err=NULL;
+#endif
+
+int main(Argc,Argv)
+int Argc;
+char *Argv[];
+	{
+	ARGS arg;
+#define PROG_NAME_SIZE	16
+	char pname[PROG_NAME_SIZE];
+	FUNCTION f,*fp;
+	MS_STATIC char *prompt,buf[1024],config_name[256];
+	int n,i,ret=0;
+	int argc;
+	char **argv,*p;
+	LHASH *prog=NULL;
+	long errline;
+ 
+	arg.data=NULL;
+	arg.count=0;
+
+	/* SSLeay_add_ssl_algorithms(); is called in apps_startup() */
+	apps_startup();
+
+#if defined(DEBUG) && !defined(WINDOWS) && !defined(MSDOS)
+#ifdef SIGBUS
+	signal(SIGBUS,sig_stop);
+#endif
+#ifdef SIGSEGV
+	signal(SIGSEGV,sig_stop);
+#endif
+#endif
+
+	if (bio_err == NULL)
+		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+	ERR_load_crypto_strings();
+
+	/* Lets load up our environment a little */
+	p=getenv("SSLEAY_CONF");
+	if (p == NULL)
+		{
+		strcpy(config_name,X509_get_default_cert_area());
+		strcat(config_name,"/lib/");
+		strcat(config_name,SSLEAY_CONF);
+		p=config_name;
+		}
+
+	default_config_file=p;
+
+	config=CONF_load(config,p,&errline);
+	if (config == NULL) ERR_clear_error();
+
+	prog=prog_init();
+
+	/* first check the program name */
+	program_name(Argv[0],pname,PROG_NAME_SIZE);
+
+	f.name=pname;
+	fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
+	if (fp != NULL)
+		{
+		Argv[0]=pname;
+		ret=fp->func(Argc,Argv);
+		goto end;
+		}
+
+	/* ok, now check that there are not arguments, if there are,
+	 * run with them, shifting the ssleay off the front */
+	if (Argc != 1)
+		{
+		Argc--;
+		Argv++;
+		ret=do_cmd(prog,Argc,Argv);
+		if (ret < 0) ret=0;
+		goto end;
+		}
+
+	/* ok, lets enter the old 'SSLeay>' mode */
+	
+	for (;;)
+		{
+		ret=0;
+		p=buf;
+		n=1024;
+		i=0;
+		for (;;)
+			{
+			p[0]='\0';
+			if (i++)
+				prompt=">";
+			else	prompt="SSLeay>";
+			fputs(prompt,stdout);
+			fflush(stdout);
+			fgets(p,n,stdin);
+			if (p[0] == '\0') goto end;
+			i=strlen(p);
+			if (i <= 1) break;
+			if (p[i-2] != '\\') break;
+			i-=2;
+			p+=i;
+			n-=i;
+			}
+		if (!chopup_args(&arg,buf,&argc,&argv)) break;
+
+		ret=do_cmd(prog,argc,argv);
+		if (ret < 0)
+			{
+			ret=0;
+			goto end;
+			}
+		if (ret != 0)
+			BIO_printf(bio_err,"error in %s\n",argv[0]);
+		}
+	BIO_printf(bio_err,"bad exit\n");
+	ret=1;
+end:
+	if (config != NULL)
+		{
+		CONF_free(config);
+		config=NULL;
+		}
+	if (prog != NULL) lh_free(prog);
+	if (arg.data != NULL) Free(arg.data);
+	ERR_remove_state(0);
+
+	EVP_cleanup();
+
+	CRYPTO_mem_leaks(bio_err);
+	if (bio_err != NULL)
+		{
+		BIO_free(bio_err);
+		bio_err=NULL;
+		}
+	EXIT(ret);
+	}
+
+static int do_cmd(prog,argc,argv)
+LHASH *prog;
+int argc;
+char *argv[];
+	{
+	FUNCTION f,*fp;
+	int i,ret=1,tp,nl;
+
+	if ((argc <= 0) || (argv[0] == NULL))
+		{ ret=0; goto end; }
+	f.name=argv[0];
+	fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
+	if (fp != NULL)
+		{
+		ret=fp->func(argc,argv);
+		}
+	else if ((strcmp(argv[0],"quit") == 0) ||
+		(strcmp(argv[0],"q") == 0) ||
+		(strcmp(argv[0],"exit") == 0) ||
+		(strcmp(argv[0],"bye") == 0))
+		{
+		ret= -1;
+		goto end;
+		}
+	else
+		{
+		BIO_printf(bio_err,"'%s' is a bad command, valid commands are",
+			argv[0]);
+		i=0;
+		fp=functions;
+		tp=0;
+		for (fp=functions; fp->name != NULL; fp++)
+			{
+			nl=0;
+			if (((i++) % 5) == 0)
+				{
+				BIO_printf(bio_err,"\n");
+				nl=1;
+				}
+			if (fp->type != tp)
+				{
+				tp=fp->type;
+				if (!nl) BIO_printf(bio_err,"\n");
+				if (tp == FUNC_TYPE_MD)
+					{
+					i=1;
+					BIO_printf(bio_err,
+						"Message Digest commands - see the dgst command for more details\n");
+					}
+				else if (tp == FUNC_TYPE_CIPHER)
+					{
+					i=1;
+					BIO_printf(bio_err,"Cipher commands - see the enc command for more details\n");
+					}
+				}
+			BIO_printf(bio_err,"%-15s",fp->name);
+			}
+		BIO_printf(bio_err,"\nquit\n");
+		ret=0;
+		}
+end:
+	return(ret);
+	}
+
+static LHASH *prog_init()
+	{
+	LHASH *ret;
+	FUNCTION *f;
+
+	if ((ret=lh_new(hash,cmp)) == NULL) return(NULL);
+
+	for (f=functions; f->name != NULL; f++)
+		lh_insert(ret,(char *)f);
+	return(ret);
+	}
+
+static int MS_CALLBACK cmp(a,b)
+FUNCTION *a,*b;
+	{
+	return(strncmp(a->name,b->name,8));
+	}
+
+static unsigned long MS_CALLBACK hash(a)
+FUNCTION *a;
+	{
+	return(lh_strhash(a->name));
+	}
+
+#undef SSLEAY
--- a/Show More
+++ b/Show More