I almost forgot...

Time for version 0.9.5a beta2
I know it's earlier than announced. The high amount of problems in beta1 warants this, however.
2000-03-23 21:12:50 +00:00 · 2000-03-23 21:07:41 +00:00 · 2000-03-23 19:31:37 +00:00 · 2000-03-23 18:14:21 +00:00 · 2000-03-23 17:54:58 +00:00 · 2000-03-23 11:08:49 +00:00
233 changed files with 8724 additions and 23552 deletions
--- a/.cvsignore
+++ b/.cvsignore
@@ -7,5 +7,7 @@ outinc
 rehash.time
 testlog
 make.log
+maketest.log
 cctest
 cctest.c
+cctest.a
--- a/128
+++ b/128
@@ -2,7 +2,133 @@
 OpenSSL CHANGES
 _______________

- Changes between 0.9.4 and 0.9.5  [xx XXX 2000]
+ Changes between 0.9.5 and 0.9.5a  [XX XXX 2000]
+
+  *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
+     fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
+     using the passed key: if the passed key was a private key the result
+     of X509_print(), for example, would be to print out all the private key
+     components.
+     [Steve Henson]
+
+  *) des_quad_cksum() byte order bug fix.
+     [Ulf M<>ller, using the problem description in krb4-0.9.7, where
+      the solution is attributed to Derrick J Brashear <shadow@DEMENTIA.ORG>]
+
+  *) Fix so V_ASN1_APP_CHOOSE works again: however its use is strongly
+     discouraged.
+     [Steve Henson, pointed out by Brian Korver <briank@cs.stanford.edu>]
+
+  *) For easily testing in shell scripts whether some command
+     'openssl XXX' exists, the new pseudo-command 'openssl no-XXX'
+     returns with exit code 0 iff no command of the given name is available.
+     'no-XXX' is printed in this case, 'XXX' otherwise.  In both cases,
+     the output goes to stdout and nothing is printed to stderr.
+     Additional arguments are always ignored.
+
+     Since for each cipher there is a command of the same name,
+     the 'no-cipher' compilation switches can be tested this way.
+
+     ('openssl no-XXX' is not able to detect pseudo-commands such
+     as 'quit', 'list-XXX-commands', or 'no-XXX' itself.)
+     [Bodo Moeller]
+
+  *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
+     [Bodo Moeller]
+
+  *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE
+     is set; it will be thrown away anyway because each handshake creates
+     its own key.
+     ssl_cert_dup, which is used by SSL_new, now copies DH keys in addition
+     to parameters -- in previous versions (since OpenSSL 0.9.3) the
+     'default key' from SSL_CTX_set_tmp_dh would always be lost, meanining
+     you effectivly got SSL_OP_SINGLE_DH_USE when using this macro.
+     [Bodo Moeller]
+
+  *) New s_client option -ign_eof: EOF at stdin is ignored, and
+     'Q' and 'R' lose their special meanings (quit/renegotiate).
+     This is part of what -quiet does; unlike -quiet, -ign_eof
+     does not suppress any output.
+     [Richard Levitte]
+
+  *) Add compatibility options to the purpose and trust code. The
+     purpose X509_PURPOSE_ANY is "any purpose" which automatically
+     accepts a certificate or CA, this was the previous behaviour,
+     with all the associated security issues.
+
+     X509_TRUST_COMPAT is the old trust behaviour: only and
+     automatically trust self signed roots in certificate store. A
+     new trust setting X509_TRUST_DEFAULT is used to specify that
+     a purpose has no associated trust setting and it should instead
+     use the value in the default purpose.
+     [Steve Henson]
+
+  *) Fix the PKCS#8 DSA private key code so it decodes keys again
+     and fix a memory leak.
+     [Steve Henson]
+
+  *) In util/mkerr.pl (which implements 'make errors'), preserve
+     reason strings from the previous version of the .c file, as
+     the default to have only downcase letters (and digits) in
+     automatically generated reasons codes is not always appropriate.
+     [Bodo Moeller]
+
+  *) In ERR_load_ERR_strings(), build an ERR_LIB_SYS error reason table
+     using strerror.  Previously, ERR_reason_error_string() returned
+     library names as reason strings for SYSerr; but SYSerr is a special
+     case where small numbers are errno values, not library numbers.
+     [Bodo Moeller]
+
+  *) Add '-dsaparam' option to 'openssl dhparam' application.  This
+     converts DSA parameters into DH parameters. (When creating parameters,
+     DSA_generate_parameters is used.)
+     [Bodo Moeller]
+
+  *) Include 'length' (recommended exponent length) in C code generated
+     by 'openssl dhparam -C'.
+     [Bodo Moeller]
+
+  *) The second argument to set_label in perlasm was already being used
+     so couldn't be used as a "file scope" flag. Moved to third argument
+     which was free.
+     [Steve Henson]
+
+  *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes
+     instead of RAND_bytes for encryption IVs and salts.
+     [Bodo Moeller]
+
+  *) Include RAND_status() into RAND_METHOD instead of implementing
+     it only for md_rand.c  Otherwise replacing the PRNG by calling
+     RAND_set_rand_method would be impossible.
+     [Bodo Moeller]
+
+  *) Don't let DSA_generate_key() enter an infinite loop if the random
+     number generation fails.
+     [Bodo Moeller]
+
+  *) New 'rand' application for creating pseudo-random output.
+     [Bodo Moeller]
+
+  *) Added configuration support for Linux/IA64
+     [Rolf Haberrecker <rolf@suse.de>]
+
+  *) Assembler module support for Mingw32.
+     [Ulf M<>ller]
+
+  *) Shared library support for HPUX (in shlib/).
+     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Anonymous]
+
+  *) Shared library support for Solaris gcc.
+     [Lutz Behnke <behnke@trustcenter.de>]
+
+ Changes between 0.9.4 and 0.9.5  [28 Feb 2000]
+
+  *) PKCS7_encrypt() was adding text MIME headers twice because they
+     were added manually and by SMIME_crlf_copy().
+     [Steve Henson]
+
+  *) In bntest.c don't call BN_rand with zero bits argument.
+     [Steve Henson, pointed out by Andrew W. Gray <agray@iconsinc.com>]

  *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n]
     case was implemented. This caused BN_div_recp() to fail occasionally.
--- a/70
+++ b/70
@@ -89,10 +89,10 @@ my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:as
 #config-string	$cc : $cflags : $unistd : $thread_cflag : $lflags : $bn_ops : $bn_obj : $des_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj

 my %table=(
-#"b",		"$tcc:$tflags::$tlib:$bits1:$tbn_mul::",
-#"bl-4c-2c",	"$tcc:$tflags::$tlib:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:$tbn_mul::",
-#"bl-4c-ri",	"$tcc:$tflags::$tlib:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:$tbn_mul::",
-#"b2-is-ri-dp",	"$tcc:$tflags::$tlib:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:$tbn_mul::",
+#"b",		"${tcc}:${tflags}::${tlib}:${bits1}:${tbn_mul}::",
+#"bl-4c-2c",	"${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:${tbn_mul}::",
+#"bl-4c-ri",	"${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:${tbn_mul}::",
+#"b2-is-ri-dp",	"${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::",

 # Our development configs
 "purify",	"purify gcc:-g -DPURIFY -Wall::(unknown):-lsocket -lnsl::::",
@@ -100,11 +100,11 @@ my %table=(
 "debug-ben",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
 "debug-ben-debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
 "debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::",
-"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-bodo",	"gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-levitte-linux-elf","gcc:-DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::",
+"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-bodo",	"gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-levitte-linux-elf","gcc:-DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::",
 "dist",		"cc:-O::(unknown):::::",

 # Basic configs that should work on any (32 and less bit) box
@@ -117,7 +117,7 @@ my %table=(
 # surrounds it with #APP #NO_APP comment pair which (at least Solaris
 # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
 # error message.
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}",

 #### SPARC Solaris with GNU C setups
 "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -158,7 +158,7 @@ my %table=(

 # Sunos configs, assuming sparc for the gcc one.
 ##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown)::DES_UNROLL:::",
-"sunos-gcc","gcc:-O3 -mv8::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::",
+"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::",

 #### IRIX 5.x configs
 # -mips2 flag is added by ./config when appropriate.
@@ -266,25 +266,26 @@ my %table=(

 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
 # bn86-elf.o file file since it is hand tweaked assembler.
-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"debug-linux-elf","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-linux-elf","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
 "linux-mips",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
 "linux-ppc",    "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
+"linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::SIXTY_FOUR_BIT_LONG::",
 "NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
 "NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
-"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
-"bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown)::RSA_LLONG $x86_gcc_des $x86_gcc_opts:$x86_bsdi_asm",
-"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
-"nextstep",	"cc:-O -Wall:<libc.h>:(unknown)::BN_LLONG $x86_gcc_des ${x86_gcc_opts}:::",
-"nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown)::BN_LLONG $x86_gcc_des ${x86_gcc_opts}:::",
+"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
+"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+"bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown)::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}",
+"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"nextstep",	"cc:-O -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
+"nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
 # NCR MP-RAS UNIX ver 02.03.01
-"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown):-lsocket -lnsl:$x86_gcc_des ${x86_gcc_opts}:::",
+"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::",

 # UnixWare 2.0
-"unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:$x86_gcc_des ${x86_gcc_opts}:::",
+"unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::",
 "unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread::(unknown):-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",

 # UnixWare 7
@@ -320,12 +321,12 @@ my %table=(
 # DGUX, 88100.
 "dgux-R3-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown)::RC4_INDEX DES_UNROLL:::",
 "dgux-R4-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown):-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown):-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown):-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",

 # SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
 # SCO cc.
-"sco5-cc",  "cc:::(unknown):-lsocket:$x86_gcc_des ${x86_gcc_opts}:::", # des options?
-"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown):-lsocket:BN_LLONG $x86_gcc_des ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
+"sco5-cc",  "cc:::(unknown):-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
+"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown):-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...

 # Sinix/ReliantUNIX RM400
 # NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g  */
@@ -352,8 +353,8 @@ my %table=(
 # CygWin32
 # (Note: the real CFLAGS for Windows builds are defined by util/mk1mf.pl
 # and its library files in util/pl/*)
-"CygWin32", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
-"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"CygWin32", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
+"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",

 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown)::::::",
@@ -363,7 +364,7 @@ my %table=(

 # Some OpenBSD from Bob Beck <beck@obtuse.com>
 "OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:::",
-"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
 "OpenBSD",      "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
 "OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",

@@ -421,6 +422,7 @@ my $target="";
 my $options="";
 foreach (@ARGV)
 	{
+	s /^-no-/no-/; # some people just can't read the instructions
 	if (/^no-asm$/)
 	 	{
 		$no_asm=1;
@@ -865,9 +867,6 @@ EOF
 print <<EOF;

 Configured for $target.
-
-NOTE: OpenSSL header files were moved from <*.h> to <openssl/*.h>;
-see file INSTALL for hints on coping with compatibility problems.
 EOF

 print <<\EOF if (!$no_threads && !$threads);
@@ -938,12 +937,11 @@ sub dofile
 		{
 		grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a);
 		}
-	($ff=$f) =~ s/\..*$//;
-	open(OUT,">$ff.new") || die "unable to open $f:$!\n";
+	open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
 	print OUT @a;
 	close(OUT);
-	rename($f,"$ff.bak") || die "unable to rename $f\n" if -e $f;
-	rename("$ff.new",$f) || die "unable to rename $ff.new\n";
+	rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
+	rename("$f.new",$f) || die "unable to rename $f.new\n";
 	}

 sub print_table_entry
--- a/73
+++ b/73
@@ -9,12 +9,13 @@ OpenSSL  -  Frequently Asked Questions
 * Why do I get a "PRNG not seeded" error message?
 * Why does the linker complain about undefined symbols?
 * Where can I get a compiled version of OpenSSL?
+* Why can't the OpenSSH configure script detect OpenSSL?


 * Which is the current version of OpenSSL?

 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.4 was released on August 9th, 1999.
+OpenSSL 0.9.5 was released on February 28th, 2000.

 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -79,9 +80,11 @@ the popular web browsers without RSA support.

 * Is OpenSSL thread-safe?

-Yes.  On Windows and many Unix systems, OpenSSL automatically uses the
-multi-threaded versions of the standard libraries.  If your platform
-is not one of these, consult the INSTALL file.
+Yes (with limitations: an SSL connection may not concurrently be used
+by multiple threads).  On Windows and many Unix systems, OpenSSL
+automatically uses the multi-threaded versions of the standard
+libraries.  If your platform is not one of these, consult the INSTALL
+file.

 Multi-threaded applications must provide two callback functions to
 OpenSSL.  This is described in the threads(3) manpage.
@@ -103,6 +106,15 @@ application you are using.  It is likely that it never worked
 correctly.  OpenSSL 0.9.5 makes the error visible by refusing to
 perform potentially insecure encryption.

+Most components of the openssl command line tool try to use the
+file $HOME/.rnd (or $RANDFILE, if this environment variable is set)
+for seeding the PRNG.  If this file does not exist or is too short,
+the "PRNG not seeded" error message may occur.
+Note that the command "openssl rsa" in OpenSSL 0.9.5 does not do this
+and will fail on systems without /dev/urandom when trying to
+password-encrypt an RSA key!  This is a bug in the library;
+try a later snaphost instead.
+

 * Why does the linker complain about undefined symbols?

@@ -113,7 +125,18 @@ If you used ./Configure instead of ./config, make sure that you
 selected the right target.  File formats may differ slightly between
 OS versions (for example sparcv8/sparcv9, or a.out/elf).

-If that doesn't help, you may want to try using the current snapshot.
+In case you get errors about the following symbols, use the config
+option "no-asm", as described in INSTALL:
+
+ BF_cbc_encrypt, BF_decrypt, BF_encrypt, CAST_cbc_encrypt,
+ CAST_decrypt, CAST_encrypt, RC4, RC5_32_cbc_encrypt, RC5_32_decrypt,
+ RC5_32_encrypt, bn_add_words, bn_div_words, bn_mul_add_words,
+ bn_mul_comba4, bn_mul_comba8, bn_mul_words, bn_sqr_comba4,
+ bn_sqr_comba8, bn_sqr_words, bn_sub_words, des_decrypt3,
+ des_ede3_cbc_encrypt, des_encrypt, des_encrypt2, des_encrypt3,
+ des_ncbc_encrypt, md5_block_asm_host_order, sha1_block_asm_data_order
+
+If none of these helps, you may want to try using the current snapshot.
 If the problem persists, please submit a bug report.


@@ -128,3 +151,43 @@ a C compiler, read the "Mingw32" section of INSTALL.W32 for information
 on how to obtain and install the free GNU C compiler.

 A number of Linux and *BSD distributions include OpenSSL.
+
+
+* Why can't the OpenSSH configure script detect OpenSSL?
+
+There is a problem with OpenSSH 1.2.2p1, in that the configure script
+can't find the installed OpenSSL libraries.  The problem is actually
+a small glitch that is easily solved with the following patch to be
+applied to the OpenSSH distribution:
+
+--- openssh-1.2.2p1/configure.in.orig	Thu Mar 23 18:56:58 2000
+++ openssh-1.2.2p1/configure.in	Thu Mar 23 18:55:05 2000
+@@ -152,10 +152,10 @@
+ AC_MSG_CHECKING([for OpenSSL/SSLeay directory])
+ for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
+ 	if test ! -z "$ssldir" ; then
+-		LIBS="$saved_LIBS -L$ssldir"
+		LIBS="$saved_LIBS -L$ssldir/lib"
+ 		CFLAGS="$CFLAGS -I$ssldir/include"
+ 		if test "x$need_dash_r" = "x1" ; then
+-			LIBS="$LIBS -R$ssldir"
+			LIBS="$LIBS -R$ssldir/lib"
+ 		fi
+ 	fi
+ 	LIBS="$LIBS -lcrypto"
+--- openssh-1.2.2p1/configure.orig	Thu Mar 23 18:55:02 2000
+++ openssh-1.2.2p1/configure	Thu Mar 23 18:57:08 2000
+@@ -1890,10 +1890,10 @@
+ echo "configure:1891: checking for OpenSSL/SSLeay directory" >&5
+ for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
+ 	if test ! -z "$ssldir" ; then
+-		LIBS="$saved_LIBS -L$ssldir"
+		LIBS="$saved_LIBS -L$ssldir/lib"
+ 		CFLAGS="$CFLAGS -I$ssldir/include"
+ 		if test "x$need_dash_r" = "x1" ; then
+-			LIBS="$LIBS -R$ssldir"
+			LIBS="$LIBS -R$ssldir/lib"
+ 		fi
+ 	fi
+ 	LIBS="$LIBS -lcrypto"
+
--- a/4
+++ b/4
@@ -2,8 +2,8 @@
 INSTALLATION ON THE UNIX PLATFORM
 ---------------------------------

- [See INSTALL.W32 for instructions for compiling OpenSSL on Windows systems,
-  and INSTALL.VMS for installing on OpenVMS systems.]
+ [Installation on Windows, OpenVMS and MacOS (before MacOS X) is described
+  in INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.]

 To install OpenSSL, you will need:

--- a/INSTALL.VMS
+++ b/INSTALL.VMS
@@ -8,13 +8,43 @@ Intro:

 This file is divided in the following parts:

+  Checking the distribution	- Mandatory reading.
  Compilation			- Mandatory reading.
+  Logical names			- Mandatory reading.
  Test				- Mandatory reading.
  Installation			- Mandatory reading.
  Backward portability		- Read if it's an issue.
  Possible bugs or quirks	- A few warnings on things that
 				  may go wrong or may surprise you.
-  Report			- How to get in touch with me.
+  TODO				- Things that are to come.
+
+
+Checking the distribution:
+==========================
+
+There have been reports of places where the distribution didn't quite get
+through, for example if you've copied the tree from a NFS-mounted unix
+mount point.
+
+The easiest way to check if everything got through as it should is to check
+for oen of the following files:
+
+	[.CRYPTO]OPENSSLCONF.H_IN
+	[.CRYPTO]OPENSSLCONF_H.IN
+
+They should never exist both at once, but one of them should (preferably
+the first variant).  If you can't find any of those two, something went
+wrong.
+
+The best way to get a correct distribution is to download the gzipped tar
+file from ftp://ftp.openssl.org/source/, use GUNZIP to uncompress it and
+use VMSTAR to unpack the resulting tar file.
+
+GUNZIP is available in many places on the net.  One of the distribution
+points is the WKU software archive, ftp://ftp.wku.edu/vms/fileserv/ .
+
+VMSTAR is also available in many places on the net.  The recommended place
+to find information about it is http://www.free.lp.se/vmstar/ .


 Compilation:
--- a/INSTALL.W32
+++ b/INSTALL.W32
@@ -116,10 +116,12 @@

 * Compile OpenSSL:

-   > perl Configure Mingw32
-   > ms\mw.bat
+   > ms\mingw32

-   This will create the library and binaries in out.
+   This will create the library and binaries in out. In case any problems
+   occur, try
+   > ms\mingw32 no-asm
+   instead.

   libcrypto.a and libssl.a are the static libraries. To use the DLLs,
   link with libeay32.a and libssl32.a instead.
--- a/MacOS/GetHTTPS.src/GetHTTPS.cpp
+++ b/MacOS/GetHTTPS.src/GetHTTPS.cpp
@@ -19,6 +19,7 @@
 *				are installed!  Use the AppleScript applet in the "openssl-0.9.4" folder to do this!
 */
 /* modified to seed the PRNG */
+/* modified to use CRandomizer for seeding */


 //	Include some funky libs I've developed over time
@@ -26,14 +27,13 @@
 #include "CPStringUtils.hpp"
 #include "ErrorHandling.hpp"
 #include "MacSocket.h"
-
+#include "Randomizer.h"

 //	We use the OpenSSL implementation of SSL....
 //	This was a lot of work to finally get going, though you wouldn't know it by the results!

 #include <openssl/ssl.h>
 #include <openssl/err.h>
-#include <openssl/rand.h>

 #include <timer.h>

@@ -48,10 +48,6 @@

 OSErr MyMacSocket_IdleWaitCallback(void *inUserRefPtr);

-
-
-
-
 //	My idle-wait callback.  Doesn't do much, does it?  Silly cooperative multitasking.

 OSErr MyMacSocket_IdleWaitCallback(void *inUserRefPtr)
@@ -59,31 +55,33 @@ OSErr MyMacSocket_IdleWaitCallback(void *inUserRefPtr)
 #pragma unused(inUserRefPtr)

 EventRecord		theEvent;
-
 	::EventAvail(everyEvent,&theEvent);
+	
+	CRandomizer *randomizer = (CRandomizer*)inUserRefPtr;
+	if (randomizer)
+		randomizer->PeriodicAction();

 	return(noErr);
 }


-
 //	Finally!

 void main(void)
 {
-OSErr				errCode;
-int					theSocket = -1;
-int					theTimeout = 30;
+	OSErr				errCode;
+	int					theSocket = -1;
+	int					theTimeout = 30;

-SSL_CTX				*ssl_ctx = nil;
-SSL					*ssl = nil;
+	SSL_CTX				*ssl_ctx = nil;
+	SSL					*ssl = nil;

-char				tempString[256];
-UnsignedWide		microTickCount;
+	char				tempString[256];
+	UnsignedWide		microTickCount;
+
+
+	CRandomizer randomizer;
 	
-#warning   -- USE A TRUE RANDOM SEED, AND ADD ENTROPY WHENEVER POSSIBLE. --
-const char seed[] = "uyq9,7-b(VHGT^%$&^F/,876;,;./lkJHGFUY{PO*";	// Just gobbledygook
-
 	printf("OpenSSL Demo by Roy Wood, roy@centricsystems.ca\n\n");
 	
 	BailIfError(errCode = MacSocket_Startup());
@@ -92,7 +90,7 @@ const char seed[] = "uyq9,7-b(VHGT^%$&^F/,876;,;./lkJHGFUY{PO*";	// Just gobbled

 	//	Create a socket-like object
 	
-	BailIfError(errCode = MacSocket_socket(&theSocket,false,theTimeout * 60,MyMacSocket_IdleWaitCallback,nil));
+	BailIfError(errCode = MacSocket_socket(&theSocket,false,theTimeout * 60,MyMacSocket_IdleWaitCallback,&randomizer));

 	
 	//	Set up the connect string and try to connect
@@ -118,10 +116,6 @@ const char seed[] = "uyq9,7-b(VHGT^%$&^F/,876;,;./lkJHGFUY{PO*";	// Just gobbled
 //	ssl_ctx = SSL_CTX_new(SSLv3_client_method());
 			

-	RAND_seed (seed, sizeof (seed));
-	Microseconds (&microTickCount);
-	RAND_add (&microTickCount, sizeof (microTickCount), 0);		// Entropy is actually > 0, needs an estimate
-
 	//	Create an SSL thingey and try to negotiate the connection
 	
 	ssl = SSL_new(ssl_ctx);
--- a/MacOS/OpenSSL.mcp.hqx
+++ b/MacOS/OpenSSL.mcp.hqx
--- a/MacOS/Randomizer.cpp
+++ b/MacOS/Randomizer.cpp
@@ -0,0 +1,476 @@
+/* 
+------- Strong random data generation on a Macintosh (pre - OS X) ------
+		
+--	GENERAL: We aim to generate unpredictable bits without explicit
+	user interaction. A general review of the problem may be found
+	in RFC 1750, "Randomness Recommendations for Security", and some
+	more discussion, of general and Mac-specific issues has appeared
+	in "Using and Creating Cryptographic- Quality Random Numbers" by
+	Jon Callas (www.merrymeet.com/jon/usingrandom.html).
+
+	The data and entropy estimates provided below are based on my
+	limited experimentation and estimates, rather than by any
+	rigorous study, and the entropy estimates tend to be optimistic.
+	They should not be considered absolute.
+
+	Some of the information being collected may be correlated in
+	subtle ways. That includes mouse positions, timings, and disk
+	size measurements. Some obvious correlations will be eliminated
+	by the programmer, but other, weaker ones may remain. The
+	reliability of the code depends on such correlations being
+	poorly understood, both by us and by potential interceptors.
+
+	This package has been planned to be used with OpenSSL, v. 0.9.5.
+	It requires the OpenSSL function RAND_add. 
+
+--	OTHER WORK: Some source code and other details have been
+	published elsewhere, but I haven't found any to be satisfactory
+	for the Mac per se:
+
+	* The Linux random number generator (by Theodore Ts'o, in
+	  drivers/char/random.c), is a carefully designed open-source
+	  crypto random number package. It collects data from a variety
+	  of sources, including mouse, keyboard and other interrupts.
+	  One nice feature is that it explicitly estimates the entropy
+	  of the data it collects. Some of its features (e.g. interrupt
+	  timing) cannot be reliably exported to the Mac without using
+	  undocumented APIs.
+
+	* Truerand by Don P. Mitchell and Matt Blaze uses variations
+	  between different timing mechanisms on the same system. This
+	  has not been tested on the Mac, but requires preemptive
+	  multitasking, and is hardware-dependent, and can't be relied
+	  on to work well if only one oscillator is present.
+
+	* Cryptlib's RNG for the Mac (RNDMAC.C by Peter Gutmann),
+	  gathers a lot of information about the machine and system
+	  environment. Unfortunately, much of it is constant from one
+	  startup to the next. In other words, the random seed could be
+	  the same from one day to the next. Some of the APIs are
+	  hardware-dependent, and not all are compatible with Carbon (OS
+	  X). Incidentally, the EGD library is based on the UNIX entropy
+	  gathering methods in cryptlib, and isn't suitable for MacOS
+	  either.
+
+	* Mozilla (and perhaps earlier versions of Netscape) uses the
+	  time of day (in seconds) and an uninitialized local variable
+	  to seed the random number generator. The time of day is known
+	  to an outside interceptor (to within the accuracy of the
+	  system clock). The uninitialized variable could easily be
+	  identical between subsequent launches of an application, if it
+	  is reached through the same path.
+
+	* OpenSSL provides the function RAND_screen(), by G. van
+	  Oosten, which hashes the contents of the screen to generate a
+	  seed. This is not useful for an extension or for an
+	  application which launches at startup time, since the screen
+	  is likely to look identical from one launch to the next. This
+	  method is also rather slow.
+
+	* Using variations in disk drive seek times has been proposed
+	  (Davis, Ihaka and Fenstermacher, world.std.com/~dtd/;
+	  Jakobsson, Shriver, Hillyer and Juels,
+	  www.bell-labs.com/user/shriver/random.html). These variations
+	  appear to be due to air turbulence inside the disk drive
+	  mechanism, and are very strongly unpredictable. Unfortunately
+	  this technique is slow, and some implementations of it may be
+	  patented (see Shriver's page above.) It of course cannot be
+	  used with a RAM disk.
+
+--	TIMING: On the 601 PowerPC the time base register is guaranteed
+	to change at least once every 10 addi instructions, i.e. 10
+	cycles. On a 60 MHz machine (slowest PowerPC) this translates to
+	a resolution of 1/6 usec. Newer machines seem to be using a 10
+	cycle resolution as well.
+	
+	For 68K Macs, the Microseconds() call may be used. See Develop
+	issue 29 on the Apple developer site
+	(developer.apple.com/dev/techsupport/develop/issue29/minow.html)
+	for information on its accuracy and resolution. The code below
+	has been tested only on PowerPC based machines.
+
+	The time from machine startup to the launch of an application in
+	the startup folder has a variance of about 1.6 msec on a new G4
+	machine with a defragmented and optimized disk, most extensions
+	off and no icons on the desktop. This can be reasonably taken as
+	a lower bound on the variance. Most of this variation is likely
+	due to disk seek time variability. The distribution of startup
+	times is probably not entirely even or uncorrelated. This needs
+	to be investigated, but I am guessing that it not a majpor
+	problem. Entropy = log2 (1600/0.166) ~= 13 bits on a 60 MHz
+	machine, ~16 bits for a 450 MHz machine.
+
+	User-launched application startup times will have a variance of
+	a second or more relative to machine startup time. Entropy >~22
+	bits.
+
+	Machine startup time is available with a 1-second resolution. It
+	is predictable to no better a minute or two, in the case of
+	people who show up punctually to work at the same time and
+	immediately start their computer. Using the scheduled startup
+	feature (when available) will cause the machine to start up at
+	the same time every day, making the value predictable. Entropy
+	>~7 bits, or 0 bits with scheduled startup.
+
+	The time of day is of course known to an outsider and thus has 0
+	entropy if the system clock is regularly calibrated.
+
+--	KEY TIMING: A  very fast typist (120 wpm) will have a typical
+	inter-key timing interval of 100 msec. We can assume a variance
+	of no less than 2 msec -- maybe. Do good typists have a constant
+	rhythm, like drummers? Since what we measure is not the
+	key-generated interrupt but the time at which the key event was
+	taken off the event queue, our resolution is roughly the time
+	between process switches, at best 1 tick (17 msec). I  therefore
+	consider this technique questionable and not very useful for
+	obtaining high entropy data on the Mac.
+
+--	MOUSE POSITION AND TIMING: The high bits of the mouse position
+	are far from arbitrary, since the mouse tends to stay in a few
+	limited areas of the screen. I am guessing that the position of
+	the mouse is arbitrary within a 6 pixel square. Since the mouse
+	stays still for long periods of time, it should be sampled only
+	after it was moved, to avoid correlated data. This gives an
+	entropy of log2(6*6) ~= 5 bits per measurement.
+
+	The time during which the mouse stays still can vary from zero
+	to, say, 5 seconds (occasionally longer). If the still time is
+	measured by sampling the mouse during null events, and null
+	events are received once per tick, its resolution is 1/60th of a
+	second, giving an entropy of log2 (60*5) ~= 8 bits per
+	measurement. Since the distribution of still times is uneven,
+	this estimate is on the high side.
+
+	For simplicity and compatibility across system versions, the
+	mouse is to be sampled explicitly (e.g. in the event loop),
+	rather than in a time manager task.
+
+--	STARTUP DISK TOTAL FILE SIZE: Varies typically by at least 20k
+	from one startup to the next, with 'minimal' computer use. Won't
+	vary at all if machine is started again immediately after
+	startup (unless virtual memory is on), but any application which
+	uses the web and caches information to disk is likely to cause
+	this much variation or more. The variation is probably not
+	random, but I don't know in what way. File sizes tend to be
+	divisible by 4 bytes since file format fields are often
+	long-aligned. Entropy > log2 (20000/4) ~= 12 bits.
+	
+--	STARTUP DISK FIRST AVAILABLE ALLOCATION BLOCK: As the volume
+	gets fragmented this could be anywhere in principle. In a
+	perfectly unfragmented volume this will be strongly correlated
+	with the total file size on the disk. With more fragmentation
+	comes less certainty. I took the variation in this value to be
+	1/8 of the total file size on the volume.
+
+--	SYSTEM REQUIREMENTS: The code here requires System 7.0 and above
+	(for Gestalt and Microseconds calls). All the calls used are
+	Carbon-compatible.
+*/
+
+/*------------------------------ Includes ----------------------------*/
+
+#include "Randomizer.h"
+
+// Mac OS API
+#include <Files.h>
+#include <Folders.h>
+#include <Events.h>
+#include <Processes.h>
+#include <Gestalt.h>
+#include <Resources.h>
+#include <LowMem.h>
+
+// Standard C library
+#include <stdlib.h>
+#include <math.h>
+
+/*---------------------- Function declarations -----------------------*/
+
+// declared in OpenSSL/crypto/rand/rand.h
+extern "C" void RAND_add (const void *buf, int num, double entropy);
+
+unsigned long GetPPCTimer (bool is601);	// Make it global if needed
+					// elsewhere
+
+/*---------------------------- Constants -----------------------------*/
+
+#define kMouseResolution 6		// Mouse position has to differ
+					// from the last one by this
+					// much to be entered
+#define kMousePositionEntropy 5.16	// log2 (kMouseResolution**2)
+#define kTypicalMouseIdleTicks 300.0	// I am guessing that a typical
+					// amount of time between mouse
+					// moves is 5 seconds
+#define kVolumeBytesEntropy 12.0	// about log2 (20000/4),
+					// assuming a variation of 20K
+					// in total file size and
+					// long-aligned file formats.
+#define kApplicationUpTimeEntropy 6.0	// Variance > 1 second, uptime
+					// in ticks  
+#define kSysStartupEntropy 7.0		// Entropy for machine startup
+					// time
+
+
+/*------------------------ Function definitions ----------------------*/
+
+CRandomizer::CRandomizer (void)
+{
+	long	result;
+	
+	mSupportsLargeVolumes =
+		(Gestalt(gestaltFSAttr, &result) == noErr) &&
+		((result & (1L << gestaltFSSupports2TBVols)) != 0);
+	
+	if (Gestalt (gestaltNativeCPUtype, &result) != noErr)
+	{
+		mIsPowerPC = false;
+		mIs601 = false;
+	}
+	else
+	{
+		mIs601 = (result == gestaltCPU601);
+		mIsPowerPC = (result >= gestaltCPU601);
+	}
+	mLastMouse.h = mLastMouse.v = -10;	// First mouse will
+						// always be recorded
+	mLastPeriodicTicks = TickCount();
+	GetTimeBaseResolution ();
+	
+	// Add initial entropy
+	AddTimeSinceMachineStartup ();
+	AddAbsoluteSystemStartupTime ();
+	AddStartupVolumeInfo ();
+	AddFiller ();
+}
+
+void CRandomizer::PeriodicAction (void)
+{
+	AddCurrentMouse ();
+	AddNow (0.0);	// Should have a better entropy estimate here
+	mLastPeriodicTicks = TickCount();
+}
+
+/*------------------------- Private Methods --------------------------*/
+
+void CRandomizer::AddCurrentMouse (void)
+{
+	Point mouseLoc;
+	unsigned long lastCheck;	// Ticks since mouse was last
+					// sampled
+
+#if TARGET_API_MAC_CARBON
+	GetGlobalMouse (&mouseLoc);
+#else
+	mouseLoc = LMGetMouseLocation();
+#endif
+	
+	if (labs (mLastMouse.h - mouseLoc.h) > kMouseResolution/2 &&
+	    labs (mLastMouse.v - mouseLoc.v) > kMouseResolution/2)
+		AddBytes (&mouseLoc, sizeof (mouseLoc),
+				kMousePositionEntropy);
+	
+	if (mLastMouse.h == mouseLoc.h && mLastMouse.v == mouseLoc.v)
+		mMouseStill ++;
+	else
+	{
+		double entropy;
+		
+		// Mouse has moved. Add the number of measurements for
+		// which it's been still. If the resolution is too
+		// coarse, assume the entropy is 0.
+
+		lastCheck = TickCount() - mLastPeriodicTicks;
+		if (lastCheck <= 0)
+			lastCheck = 1;
+		entropy = log2l
+			(kTypicalMouseIdleTicks/(double)lastCheck);
+		if (entropy < 0.0)
+			entropy = 0.0;
+		AddBytes (&mMouseStill, sizeof (mMouseStill), entropy);
+		mMouseStill = 0;
+	}
+	mLastMouse = mouseLoc;
+}
+
+void CRandomizer::AddAbsoluteSystemStartupTime (void)
+{
+	unsigned long	now;		// Time in seconds since
+					// 1/1/1904
+	GetDateTime (&now);
+	now -= TickCount() / 60;	// Time in ticks since machine
+					// startup
+	AddBytes (&now, sizeof (now), kSysStartupEntropy);
+}
+
+void CRandomizer::AddTimeSinceMachineStartup (void)
+{
+	AddNow (1.5);			// Uncertainty in app startup
+					// time is > 1.5 msec (for
+					// automated app startup).
+}
+
+void CRandomizer::AddAppRunningTime (void)
+{
+	ProcessSerialNumber PSN;
+	ProcessInfoRec		ProcessInfo;
+	
+	ProcessInfo.processInfoLength = sizeof (ProcessInfoRec);
+	ProcessInfo.processName = nil;
+	ProcessInfo.processAppSpec = nil;
+	
+	GetCurrentProcess (&PSN);
+	GetProcessInformation (&PSN, &ProcessInfo);
+
+	// Now add the amount of time in ticks that the current process
+	// has been active
+
+	AddBytes (&ProcessInfo, sizeof (ProcessInfoRec),
+			kApplicationUpTimeEntropy);
+}
+
+void CRandomizer::AddStartupVolumeInfo (void)
+{
+	short			vRefNum;
+	long			dirID;
+	XVolumeParam	pb;
+	OSErr			err;
+	
+	if (!mSupportsLargeVolumes)
+		return;
+		
+	FindFolder (kOnSystemDisk, kSystemFolderType, kDontCreateFolder,
+			&vRefNum, &dirID);
+	pb.ioVRefNum = vRefNum;
+	pb.ioCompletion = 0;
+	pb.ioNamePtr = 0;
+	pb.ioVolIndex = 0;
+	err = PBXGetVolInfoSync (&pb);
+	if (err != noErr)
+		return;
+		
+	// Base the entropy on the amount of space used on the disk and
+	// on the next available allocation block. A lot else might be
+	// unpredictable, so might as well toss the whole block in. See
+	// comments for entropy estimate justifications.
+
+	AddBytes (&pb, sizeof (pb),
+		kVolumeBytesEntropy +
+		log2l (((pb.ioVTotalBytes.hi - pb.ioVFreeBytes.hi)
+				* 4294967296.0D +
+			(pb.ioVTotalBytes.lo - pb.ioVFreeBytes.lo))
+				/ pb.ioVAlBlkSiz - 3.0));
+}
+
+/*
+	On a typical startup CRandomizer will come up with about 60
+	bits of good, unpredictable data. Assuming no more input will
+	be available, we'll need some more lower-quality data to give
+	OpenSSL the 128 bits of entropy it desires. AddFiller adds some
+	relatively predictable data into the soup.
+*/
+
+void CRandomizer::AddFiller (void)
+{
+	struct
+	{
+		ProcessSerialNumber psn;	// Front process serial
+						// number
+		RGBColor	hiliteRGBValue;	// User-selected
+						// highlight color
+		long		processCount;	// Number of active
+						// processes
+		long		cpuSpeed;	// Processor speed
+		long		totalMemory;	// Total logical memory
+						// (incl. virtual one)
+		long		systemVersion;	// OS version
+		short		resFile;	// Current resource file
+	} data;
+	
+	GetNextProcess ((ProcessSerialNumber*) kNoProcess);
+	while (GetNextProcess (&data.psn) == noErr)
+		data.processCount++;
+	GetFrontProcess (&data.psn);
+	LMGetHiliteRGB (&data.hiliteRGBValue);
+	Gestalt (gestaltProcClkSpeed, &data.cpuSpeed);
+	Gestalt (gestaltLogicalRAMSize, &data.totalMemory);
+	Gestalt (gestaltSystemVersion, &data.systemVersion);
+	data.resFile = CurResFile ();
+	
+	// Here we pretend to feed the PRNG completely random data. This
+	// is of course false, as much of the above data is predictable
+	// by an outsider. At this point we don't have any more
+	// randomness to add, but with OpenSSL we must have a 128 bit
+	// seed before we can start. We just add what we can, without a
+	// real entropy estimate, and hope for the best.
+
+	AddBytes (&data, sizeof(data), 8.0 * sizeof(data));
+	AddCurrentMouse ();
+	AddNow (1.0);
+}
+
+//-------------------  LOW LEVEL ---------------------
+
+void CRandomizer::AddBytes (void *data, long size, double entropy)
+{
+	RAND_add (data, size, entropy * 0.125);	// Convert entropy bits
+						// to bytes
+}
+
+void CRandomizer::AddNow (double millisecondUncertainty)
+{
+	long time = SysTimer();
+	AddBytes (&time, sizeof (time), log2l (millisecondUncertainty *
+			mTimebaseTicksPerMillisec));
+}
+
+//----------------- TIMING SUPPORT ------------------
+
+void CRandomizer::GetTimeBaseResolution (void)
+{	
+#ifdef __powerc
+	long speed;
+	
+	// gestaltProcClkSpeed available on System 7.5.2 and above
+	if (Gestalt (gestaltProcClkSpeed, &speed) != noErr)
+		// Only PowerPCs running pre-7.5.2 are 60-80 MHz
+		// machines.
+		mTimebaseTicksPerMillisec =  6000.0D;
+	// Assume 10 cycles per clock update, as in 601 spec. Seems true
+	// for later chips as well.
+	mTimebaseTicksPerMillisec = speed / 1.0e4D;
+#else
+	// 68K VIA-based machines (see Develop Magazine no. 29)
+	mTimebaseTicksPerMillisec = 783.360D;
+#endif
+}
+
+unsigned long CRandomizer::SysTimer (void)	// returns the lower 32
+						// bit of the chip timer
+{
+#ifdef __powerc
+	return GetPPCTimer (mIs601);
+#else
+	UnsignedWide usec;
+	Microseconds (&usec);
+	return usec.lo;
+#endif
+}
+
+#ifdef __powerc
+// The timebase is available through mfspr on 601, mftb on later chips.
+// Motorola recommends that an 601 implementation map mftb to mfspr
+// through an exception, but I haven't tested to see if MacOS actually
+// does this. We only sample the lower 32 bits of the timer (i.e. a
+// few minutes of resolution)
+
+asm unsigned long GetPPCTimer (register bool is601)
+{
+	cmplwi	is601, 0	// Check if 601
+	bne	_601		// if non-zero goto _601
+	mftb  	r3		// Available on 603 and later.
+	blr			// return with result in r3
+_601:
+	mfspr r3, spr5  	// Available on 601 only.
+				// blr inserted automatically
+}
+#endif
--- a/MacOS/Randomizer.h
+++ b/MacOS/Randomizer.h
@@ -0,0 +1,43 @@
+
+//	Gathers unpredictable system data to be used for generating
+//	random bits
+
+#include <MacTypes.h>
+
+class CRandomizer
+{
+public:
+	CRandomizer (void);
+	void PeriodicAction (void);
+	
+private:
+
+	// Private calls
+
+	void		AddTimeSinceMachineStartup (void);
+	void		AddAbsoluteSystemStartupTime (void);
+	void		AddAppRunningTime (void);
+	void		AddStartupVolumeInfo (void);
+	void		AddFiller (void);
+
+	void		AddCurrentMouse (void);
+	void		AddNow (double millisecondUncertainty);
+	void		AddBytes (void *data, long size, double entropy);
+	
+	void		GetTimeBaseResolution (void);
+	unsigned long	SysTimer (void);
+
+	// System Info	
+	bool		mSupportsLargeVolumes;
+	bool		mIsPowerPC;
+	bool		mIs601;
+	
+	// Time info
+	double		mTimebaseTicksPerMillisec;
+	unsigned long	mLastPeriodicTicks;
+	
+	// Mouse info
+	long		mSamplePeriod;
+	Point		mLastMouse;
+	long		mMouseStill;
+};
--- a/MacOS/buildinf.h
+++ b/MacOS/buildinf.h
@@ -1,5 +1,5 @@
 #ifndef MK1MF_BUILD
 #  define CFLAGS	"-DB_ENDIAN"
 #  define PLATFORM	"macos"
-#  define DATE		"Sat Dec 18 23:10 MEST 1999"
+#  define DATE		"Sun Feb 27 19:44:16 MET 2000"
 #endif
--- a/MacOS/opensslconf.h
+++ b/MacOS/opensslconf.h
@@ -112,6 +112,5 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
 #endif /* HEADER_DES_LOCL_H */

 #ifndef __POWERPC__
-#define SHA_XARRAY
+#define MD32_XARRAY
 #endif
-
--- a/Makefile.org
+++ b/Makefile.org
@@ -28,8 +28,6 @@ OPENSSLDIR=/usr/local/ssl
 # DEVRANDOM - Give this the value of the 'random device' if your OS supports
 #           one.  32 bytes will be read from this when the random
 #           number generator is initalised.
-# SSL_ALLOW_ADH - define if you want the server to be able to use the
-#           SSLv3 anon-DH ciphers.
 # SSL_FORBID_ENULL - define if you want the server to be not able to use the
 #           NULL encryption ciphers.
 #
@@ -368,21 +366,28 @@ install_docs:
 		$(INSTALL_PREFIX)$(MANDIR)/man7
 	@echo installing man 1 and man 5
 	@for i in doc/apps/*.pod; do \
-		(cd `dirname $$i`; \
 		fn=`basename $$i .pod`; \
 		sec=`[ "$$fn" = "config" ] && echo 5 || echo 1`; \
+		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
-			 --release=$(VERSION) `basename $$i` \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec); \
+			 --release=$(VERSION) `basename $$i`) \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done
 	@echo installing man 3 and man 7
 	@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
-		(cd `dirname $$i`; \
 		fn=`basename $$i .pod`; \
 		sec=`[ "$$fn" = "des_modes" ] && echo 7 || echo 3`; \
+		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
-			--release=$(VERSION) `basename $$i` \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec); \
+			--release=$(VERSION) `basename $$i`) \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done

+shlib: all
+	if [ ! -d shlib_dir ] ; then mkdir shlib_dir ; else rm -f shlib_dir/* ; fi
+	cd shlib_dir ; ar -x ../libcrypto.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libcrypto.so.0.9 \
+            -o ./libcrypto.so.0.9.4 && rm *.o
+	cd shlib_dir ; ar -x ../libssl.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libssl.so.0.9 \
+            -o ./libssl.so.0.9.4 && rm *.o
+
 # DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/9
+++ b/9
@@ -5,6 +5,15 @@
  This file gives a brief overview of the major changes between each OpenSSL
  release. For more details please read the CHANGES file.

+  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a:
+
+      o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 
+      o Shared library support for HPUX and Solaris-gcc
+      o Support of Linux/IA64
+      o Assembler support for Mingw32
+      o New 'rand' application
+      o New way to check for existence of algorithms from scripts
+
  Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5:

      o S/MIME support in new 'smime' command
--- a/9
+++ b/9
@@ -1,5 +1,5 @@

- OpenSSL 0.9.5-dev  xx XXX 2000
+ OpenSSL 0.9.5a-beta2  23 Mar 2000

 Copyright (c) 1998-2000 The OpenSSL Project
 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -11,9 +11,10 @@
 The OpenSSL Project is a collaborative effort to develop a robust,
 commercial-grade, fully featured, and Open Source toolkit implementing the
 Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
- protocols with full-strength cryptography world-wide. The project is managed
- by a worldwide community of volunteers that use the Internet to communicate,
- plan, and develop the OpenSSL toolkit and its related documentation. 
+ protocols as well as a full-strength general purpose cryptography library.
+ The project is managed by a worldwide community of volunteers that use the
+ Internet to communicate, plan, and develop the OpenSSL toolkit and its
+ related documentation. 

 OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
 and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
--- a/27
+++ b/27
@@ -1,21 +1,20 @@

  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/02/27 01:15:18 $
+  ______________                           $Date: 2000/03/21 20:42:35 $

  DEVELOPMENT STATE

-    o  OpenSSL 0.9.5:  Under development...
-                       0.9.5-beta1 is available.
-                         Debian GNU/Linux 2.1 - test passed
-                         Mingw32 egcs 1.1.2   - test passed
-                         FreeBSD 3.0-RELEASE  - test passed
-                         FreeBSD 3.2-RELEASE  - test passed
-                         solaris-sparcv9-cc   - test passed
-                         solaris-sparcv9-gcc  - test passed
-                         hpux-parisc-gcc      - test passed
-                         AIX 4.3 (aix-cc)     - test passed
-                         VC++                 - test passed
-                       Proposed release time: Monday, February 28th 2000
+    o  OpenSSL 0.9.5a: Under development...
+                       0.9.5a-beta1 is available.
+                        sunos-gcc                       - failed (ssize_t)
+                        ultrix-gcc, ultrix-cc           - failed (ssize_t)
+                        sco5-cc                         - bc fails in test
+			VC-Win32 (MSVC6SP3, nasm)       - failed (fixed) 
+			FreeBSD-elf (i686-pc-freebsd3.2)- failed (fixed)
+			HPUX (hpux-parisc-cc w/ +02)	- passed
+			OpenBSD-x86			- passed
+			solaris-sparcv9-cc		- passed
+    o  OpenSSL 0.9.5:  Released on February 28th, 2000
    o  OpenSSL 0.9.4:  Released on August   09th, 1999
    o  OpenSSL 0.9.3a: Released on May      29th, 1999
    o  OpenSSL 0.9.3:  Released on May      25th, 1999
@@ -26,9 +25,7 @@

  AVAILABLE PATCHES

-    o shared libraries <behnke@trustcenter.de>
    o CA.pl patch (Damien Miller)
-    o FreeBSD 3.0 changes (Richard Levitte)

  IN PROGRESS

--- a/21
+++ b/21
@@ -665,7 +665,7 @@ $rc5_obj      = asm/r586-elf.o

 *** debug-levitte-linux-elf
 $cc           = gcc
-$cflags       = -DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe
+$cflags       = -DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = 
@@ -1292,6 +1292,23 @@ $rc4_obj      = asm/rx86-elf.o
 $rmd160_obj   = asm/rm86-elf.o
 $rc5_obj      = asm/r586-elf.o

+*** linux-ia64
+$cc           = gcc
+$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$unistd       = 
+$thread_cflag = (unknown)
+$lflags       = 
+$bn_ops       = SIXTY_FOUR_BIT_LONG
+$bn_obj       = 
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
+
 *** linux-mips
 $cc           = gcc
 $cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
@@ -1668,7 +1685,7 @@ $rc5_obj      =

 *** sunos-gcc
 $cc           = gcc
-$cflags       = -O3 -mv8
+$cflags       = -O3 -mv8 -Dssize_t=int
 $unistd       = 
 $thread_cflag = (unknown)
 $lflags       = 
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -38,7 +38,7 @@ E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
 	ca crl rsa dsa dsaparam \
 	x509 genrsa gendsa s_server s_client speed \
 	s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
-	pkcs8 spkac smime
+	pkcs8 spkac smime rand

 PROGS= $(PROGRAM).c

@@ -54,18 +54,14 @@ E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o er
 	rsa.o dsa.o dsaparam.o \
 	x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
 	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
-	ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o
-
-#	pem_mail.o
+	ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o

 E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
 	pkcs7.c crl2p7.c crl.c \
 	rsa.c dsa.c dsaparam.c \
 	x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
 	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
-	ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c
-
-#	pem_mail.c
+	ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c

 SRC=$(E_SRC)

@@ -537,6 +533,23 @@ pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 pkcs8.o: ../include/openssl/stack.h ../include/openssl/x509.h
 pkcs8.o: ../include/openssl/x509_vfy.h apps.h
+rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
+rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h
+rand.o: ../include/openssl/crypto.h ../include/openssl/des.h
+rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
+rand.o: ../include/openssl/err.h ../include/openssl/evp.h
+rand.o: ../include/openssl/idea.h ../include/openssl/md2.h
+rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
+rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rand.o: ../include/openssl/stack.h ../include/openssl/x509.h
+rand.o: ../include/openssl/x509_vfy.h apps.h
 req.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
 req.o: ../include/openssl/buffer.h ../include/openssl/cast.h
@@ -734,11 +747,12 @@ speed.o: ./testrsa.h apps.h
 spkac.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 spkac.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
 spkac.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-spkac.o: ../include/openssl/crypto.h ../include/openssl/des.h
-spkac.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-spkac.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
-spkac.o: ../include/openssl/idea.h ../include/openssl/md2.h
+spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+spkac.o: ../include/openssl/des.h ../include/openssl/dh.h
+spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
+spkac.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h
+spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h
 spkac.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
 spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 spkac.o: ../include/openssl/opensslv.h ../include/openssl/pem.h
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -56,7 +56,7 @@
 * [including the GNU Public Licence.]
 */
 /* ====================================================================
- * Copyright (c) 1998-1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -109,7 +109,9 @@
 *
 */

+#define NON_MAIN
 #include "apps.h"
+#undef NON_MAIN
 #include <openssl/bio.h>
 #include <openssl/rand.h>

@@ -162,7 +164,7 @@ long app_RAND_load_files(char *name)
 	char *p,*n;
 	int last;
 	long tot=0;
-    int egd;
+	int egd;
 	
 	for (;;)
 		{
@@ -174,9 +176,9 @@ long app_RAND_load_files(char *name)
 		name=p+1;
 		if (*n == '\0') break;

-        egd=RAND_egd(n);
+		egd=RAND_egd(n);
 		if (egd > 0) tot+=egd;
-		tot+=RAND_load_file(n,1024L*1024L);
+		tot+=RAND_load_file(n,-1);
 		if (last) break;
 		}
 	if (tot > 512)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1662,7 +1662,7 @@ again2:
 					}
 				if (j < 0)
 					{
-					BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str == NULL)?"NULL":(char *)str->data),((str2 == NULL)?"NULL":(char *)str2->data));
+					BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str2 == NULL)?"NULL":(char *)str2->data),((str == NULL)?"NULL":(char *)str->data));
 					goto err;
 					}
 				}
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -1,4 +1,5 @@
 /* apps/dh.c */
+/* obsoleted by dhparam.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -234,8 +235,8 @@ bad:
 			}
 		if (i & DH_CHECK_P_NOT_PRIME)
 			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_STRONG_PRIME)
-			printf("p value is not a strong prime\n");
+		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
+			printf("p value is not a safe prime\n");
 		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
 			printf("unable to check the generator value\n");
 		if (i & DH_NOT_SUITABLE_GENERATOR)
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -55,6 +55,59 @@
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */

 #ifndef NO_DH
 #include <stdio.h>
@@ -69,6 +122,10 @@
 #include <openssl/x509.h>
 #include <openssl/pem.h>

+#ifndef NO_DSA
+#include <openssl/dsa.h>
+#endif
+
 #undef PROG
 #define PROG	dhparam_main

@@ -78,6 +135,7 @@
 * -outform arg - output format - default PEM
 * -in arg	- input file - default stdin
 * -out arg	- output file - default stdout
+ * -dsaparam  - read or generate DSA parameters, convert to DH
 * -check	- check the parameters are ok
 * -noout
 * -text
@@ -92,6 +150,9 @@ int MAIN(int argc, char **argv)
 	{
 	DH *dh=NULL;
 	int i,badops=0,text=0;
+#ifndef NO_DSA
+	int dsaparam=0;
+#endif
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,check=0,noout=0,C=0,ret=1;
 	char *infile,*outfile,*prog;
@@ -138,6 +199,10 @@ int MAIN(int argc, char **argv)
 			check=1;
 		else if (strcmp(*argv,"-text") == 0)
 			text=1;
+#ifndef NO_DSA
+		else if (strcmp(*argv,"-dsaparam") == 0)
+			dsaparam=1;
+#endif
 		else if (strcmp(*argv,"-C") == 0)
 			C=1;
 		else if (strcmp(*argv,"-noout") == 0)
@@ -166,13 +231,16 @@ bad:
 		BIO_printf(bio_err," -outform arg  output format - one of DER PEM\n");
 		BIO_printf(bio_err," -in arg       input file\n");
 		BIO_printf(bio_err," -out arg      output file\n");
+#ifndef NO_DSA
+		BIO_printf(bio_err," -dsaparam     read or generate DSA parameters, convert to DH\n");
+#endif
 		BIO_printf(bio_err," -check        check the DH parameters\n");
 		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
 		BIO_printf(bio_err," -C            Output C code\n");
 		BIO_printf(bio_err," -2            generate parameters using  2 as the generator value\n");
 		BIO_printf(bio_err," -5            generate parameters using  5 as the generator value\n");
 		BIO_printf(bio_err," numbits       number of bits in to generate (default 512)\n");
-		BIO_printf(bio_err," -rand file:file:...\n");
+		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"               - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"               the random number generator\n");
 		BIO_printf(bio_err," -noout        no output\n");
@@ -181,8 +249,25 @@ bad:

 	ERR_load_crypto_strings();

-	if(g && !num) num = DEFBITS;
-	else if(num && !g) g = 2;
+	if (g && !num)
+		num = DEFBITS;
+
+#ifndef NO_DSA
+	if (dsaparam)
+		{
+		if (g)
+			{
+			BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n");
+			goto end;
+			}
+		}
+	else
+#endif
+		{
+		/* DH parameters */
+		if (num && !g)
+			g = 2;
+		}

 	if(num) {

@@ -194,11 +279,40 @@ bad:
 			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 				app_RAND_load_files(inrand));

-		BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
-		BIO_printf(bio_err,"This is going to take a long time\n");
-		dh=DH_generate_parameters(num,g,dh_cb,bio_err);
+#ifndef NO_DSA
+		if (dsaparam)
+			{
+			DSA *dsa;
 			
-		if (dh == NULL) goto end;
+			BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
+	        dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err);
+			if (dsa == NULL)
+				{
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+
+			dh = DSA_dup_DH(dsa);
+			DSA_free(dsa);
+			if (dh == NULL)
+				{
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			}
+		else
+#endif
+			{
+			BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
+			BIO_printf(bio_err,"This is going to take a long time\n");
+			dh=DH_generate_parameters(num,g,dh_cb,bio_err);
+			
+			if (dh == NULL)
+				{
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			}

 		app_RAND_write_file(NULL, bio_err);
 	} else {
@@ -220,24 +334,56 @@ bad:
 				}
 			}

-		if	(informat == FORMAT_ASN1)
-			dh=d2i_DHparams_bio(in,NULL);
-		else if (informat == FORMAT_PEM)
-			dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
-		else
+		if	(informat != FORMAT_ASN1 && informat != FORMAT_PEM)
 			{
 			BIO_printf(bio_err,"bad input format specified\n");
 			goto end;
 			}
-		if (dh == NULL)
+
+#ifndef NO_DSA
+		if (dsaparam)
 			{
-			BIO_printf(bio_err,"unable to load DH parameters\n");
-			ERR_print_errors(bio_err);
-			goto end;
+			DSA *dsa;
+			
+			if (informat == FORMAT_ASN1)
+				dsa=d2i_DSAparams_bio(in,NULL);
+			else /* informat == FORMAT_PEM */
+				dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
+			
+			if (dsa == NULL)
+				{
+				BIO_printf(bio_err,"unable to load DSA parameters\n");
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			
+			dh = DSA_dup_DH(dsa);
+			DSA_free(dsa);
+			if (dh == NULL)
+				{
+				ERR_print_errors(bio_err);
+				goto end;
+				}
 			}
-
+		else
+#endif
+			{
+			if (informat == FORMAT_ASN1)
+				dh=d2i_DHparams_bio(in,NULL);
+			else /* informat == FORMAT_PEM */
+				dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
+			
+			if (dh == NULL)
+				{
+				BIO_printf(bio_err,"unable to load DH parameters\n");
+				ERR_print_errors(bio_err);
+				goto end;
+				}
+			}
+		
+		/* dh != NULL */
 	}
-
+	
 	out=BIO_new(BIO_s_file());
 	if (out == NULL)
 		{
@@ -255,7 +401,6 @@ bad:
 			}
 		}

-	

 	if (text)
 		{
@@ -271,8 +416,8 @@ bad:
 			}
 		if (i & DH_CHECK_P_NOT_PRIME)
 			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_STRONG_PRIME)
-			printf("p value is not a strong prime\n");
+		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
+			printf("p value is not a safe prime\n");
 		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
 			printf("unable to check the generator value\n");
 		if (i & DH_NOT_SUITABLE_GENERATOR)
@@ -293,25 +438,29 @@ bad:
 			perror("Malloc");
 			goto end;
 			}
+		printf("#ifndef HEADER_DH_H\n"
+		       "#include <openssl/dh.h>\n"
+		       "#endif\n");
+		printf("DH *get_dh%d()\n\t{\n",bits);
+
 		l=BN_bn2bin(dh->p,data);
-		printf("static unsigned char dh%d_p[]={",bits);
+		printf("\tstatic unsigned char dh%d_p[]={",bits);
 		for (i=0; i<l; i++)
 			{
-			if ((i%12) == 0) printf("\n\t");
+			if ((i%12) == 0) printf("\n\t\t");
 			printf("0x%02X,",data[i]);
 			}
-		printf("\n\t};\n");
+		printf("\n\t\t};\n");

 		l=BN_bn2bin(dh->g,data);
-		printf("static unsigned char dh%d_g[]={",bits);
+		printf("\tstatic unsigned char dh%d_g[]={",bits);
 		for (i=0; i<l; i++)
 			{
-			if ((i%12) == 0) printf("\n\t");
+			if ((i%12) == 0) printf("\n\t\t");
 			printf("0x%02X,",data[i]);
 			}
-		printf("\n\t};\n\n");
+		printf("\n\t\t};\n");

-		printf("DH *get_dh%d()\n\t{\n",bits);
 		printf("\tDH *dh;\n\n");
 		printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
 		printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
@@ -319,7 +468,9 @@ bad:
 		printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
 			bits,bits);
 		printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
-		printf("\t\treturn(NULL);\n");
+		printf("\t\t{ DH_free(dh); return(NULL); }\n");
+		if (dh->length)
+			printf("\tdh->length = %d;\n", dh->length);
 		printf("\treturn(dh);\n\t}\n");
 		Free(data);
 		}
@@ -350,6 +501,7 @@ end:
 	EXIT(ret);
 	}

+/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
 static void MS_CALLBACK dh_cb(int p, int n, void *arg)
 	{
 	char c='*';
--- a/apps/eay.c
+++ b/apps/eay.c
@@ -1,131 +0,0 @@
-/* apps/eay.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define MONOLITH
-#define USE_SOCKETS
-
-#include "openssl/e_os.h"
-
-#include <openssl/bio.h>
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-
-#include <openssl/err.h>
-
-#include <openssl/bn.h>
-
-#include <openssl/evp.h>
-
-#include <openssl/rand.h>
-#include <openssl/conf.h>
-#include <openssl/txt_db.h>
-
-#include <openssl/err.h>
-
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-#define MONOLITH
-
-#include "openssl.c"
-#include "apps.c"
-#include "asn1pars.c"
-#ifndef NO_RSA
-#include "ca.c"
-#include "genrsa.c"
-#include "req.c"
-#include "rsa.c"
-#endif
-#ifndef NO_DH
-#include "gendh.c"
-#include "dh.c"
-#endif
-#include "crl.c"
-#include "crl2p7.c"
-#include "dgst.c"
-#include "enc.c"
-#include "errstr.c"
-#if !defined(NO_SSL2) || !defined(NO_SSL3)
-#ifndef NO_SOCK
-#include "s_cb.c"
-#include "s_client.c"
-#include "s_server.c"
-#include "s_socket.c"
-#include "s_time.c"
-#endif
-#endif
-#include "speed.c"
-#include "verify.c"
-#include "version.c"
-#include "x509.c"
-#include "ciphers.c"
-#include "sess_id.c"
-#include "pkcs7.c"
-#ifndef NO_DSA
-#include "dsaparam.c"
-#include "dsa.c"
-#include "gendsa.c"
-#endif
-
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -1,4 +1,5 @@
 /* apps/gendh.c */
+/* obsoleted by dhparam.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -127,7 +128,7 @@ bad:
 		BIO_printf(bio_err," -2    use 2 as the generator value\n");
 	/*	BIO_printf(bio_err," -3    use 3 as the generator value\n"); */
 		BIO_printf(bio_err," -5    use 5 as the generator value\n");
-		BIO_printf(bio_err," -rand file:file:...\n");
+		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
 		goto end;
@@ -159,7 +160,7 @@ bad:
 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 			app_RAND_load_files(inrand));

-	BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
+	BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
 	BIO_printf(bio_err,"This is going to take a long time\n");
 	dh=DH_generate_parameters(num,g,dh_cb,bio_err);
 		
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -145,7 +145,7 @@ bad:
 #ifndef NO_IDEA
 		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
 #endif
-		BIO_printf(bio_err," -rand file:file:...\n");
+		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
 		BIO_printf(bio_err," dsaparam-file\n");
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -154,7 +154,7 @@ bad:
 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
 		BIO_printf(bio_err," -f4             use F4 (0x10001) for the E value\n");
 		BIO_printf(bio_err," -3              use 3 for the E value\n");
-		BIO_printf(bio_err," -rand file:file:...\n");
+		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,"                 load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"                 the random number generator\n");
 		goto err;
--- a/apps/makeapps.com
+++ b/apps/makeapps.com
@@ -157,13 +157,13 @@ $ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+-
 	      "RSA;DSA;DSAPARAM;"+-
 	      "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+-
 	      "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+-
-	      "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME"
+	      "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND"
 $ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,-
 	       CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,-
 	       RSA.OBJ,DSA.OBJ,DSAPARAM.OBJ,-
 	       X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,-
 	       S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,-
-	       CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ
+	       CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ
 $ TCPIP_PROGRAMS = ",,"
 $ IF COMPILER .EQS. "VAXC" THEN -
     TCPIP_PROGRAMS = ",OPENSSL,"
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -56,13 +56,10 @@
 * [including the GNU Public Licence.]
 */

-#ifndef DEBUG
-#undef DEBUG
-#endif
-
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
+#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
 #include <openssl/bio.h>
 #include <openssl/crypto.h>
 #include <openssl/lhash.h>
@@ -71,18 +68,11 @@
 #include <openssl/pem.h>
 #include <openssl/ssl.h>
 #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
-#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
 #include "apps.h"
 #include "progs.h"
 #include "s_apps.h"
 #include <openssl/err.h>

-/*
-#ifdef WINDOWS
-#include "bss_file.c"
-#endif
-*/
-
 static unsigned long MS_CALLBACK hash(FUNCTION *a);
 static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
 static LHASH *prog_init(void );
@@ -90,15 +80,6 @@ static int do_cmd(LHASH *prog,int argc,char *argv[]);
 LHASH *config=NULL;
 char *default_config_file=NULL;

-#ifdef DEBUG
-static void sig_stop(int i)
-	{
-	char *a=NULL;
-
-	*a='\0';
-	}
-#endif
-
 /* Make sure there is only one when MONOLITH is defined */
 #ifdef MONOLITH
 BIO *bio_err=NULL;
@@ -120,15 +101,6 @@ int main(int Argc, char *Argv[])
 	arg.data=NULL;
 	arg.count=0;

-#if defined(DEBUG) && !defined(WINDOWS) && !defined(MSDOS)
-#ifdef SIGBUS
-	signal(SIGBUS,sig_stop);
-#endif
-#ifdef SIGSEGV
-	signal(SIGSEGV,sig_stop);
-#endif
-#endif
-
 	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

 	apps_startup();
@@ -234,13 +206,7 @@ end:

 	EVP_cleanup();
 	ERR_free_strings();
-
-#ifdef LEVITTE_DEBUG
-	CRYPTO_push_info("Just to make sure I get a memory leak I can see :-)");
-	(void)Malloc(1024);
-	CRYPTO_pop_info();
-#endif
-
+	
 	CRYPTO_mem_leaks(bio_err);
 	if (bio_err != NULL)
 		{
@@ -267,6 +233,18 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		{
 		ret=fp->func(argc,argv);
 		}
+	else if ((strncmp(argv[0],"no-",3)) == 0)
+		{
+		BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
+		f.name=argv[0]+3;
+		ret = (lh_retrieve(prog,&f) != NULL);
+		if (!ret)
+			BIO_printf(bio_stdout, "%s\n", argv[0]);
+		else
+			BIO_printf(bio_stdout, "%s\n", argv[0]+3);
+		BIO_free(bio_stdout);
+		goto end;
+		}
 	else if ((strcmp(argv[0],"quit") == 0) ||
 		(strcmp(argv[0],"q") == 0) ||
 		(strcmp(argv[0],"exit") == 0) ||
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -265,7 +265,7 @@ int MAIN(int argc, char **argv)
 	BIO_printf (bio_err, "-password p   set import/export password source\n");
 	BIO_printf (bio_err, "-passin p     input file pass phrase source\n");
 	BIO_printf (bio_err, "-passout p    output file pass phrase source\n");
-	BIO_printf(bio_err,  "-rand file:file:...\n");
+	BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 	BIO_printf(bio_err,  "              load the file (or the files in the directory) into\n");
 	BIO_printf(bio_err,  "              the random number generator\n");
    	goto end;
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -33,6 +33,7 @@ extern int pkcs12_main(int argc,char *argv[]);
 extern int pkcs8_main(int argc,char *argv[]);
 extern int spkac_main(int argc,char *argv[]);
 extern int smime_main(int argc,char *argv[]);
+extern int rand_main(int argc,char *argv[]);

 #define FUNC_TYPE_GENERAL	1
 #define FUNC_TYPE_MD		2
@@ -103,6 +104,7 @@ FUNCTION functions[] = {
 	{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
 	{FUNC_TYPE_GENERAL,"spkac",spkac_main},
 	{FUNC_TYPE_GENERAL,"smime",smime_main},
+	{FUNC_TYPE_GENERAL,"rand",rand_main},
 	{FUNC_TYPE_MD,"md2",dgst_main},
 	{FUNC_TYPE_MD,"md5",dgst_main},
 	{FUNC_TYPE_MD,"sha",dgst_main},
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -0,0 +1,140 @@
+/* apps/rand.c */
+
+#include "apps.h"
+
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+
+#undef PROG
+#define PROG rand_main
+
+/* -out file         - write to file
+ * -rand file:file   - PRNG seed files
+ * -base64           - encode output
+ * num               - write 'num' bytes
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+	{
+	int i, r, ret = 1;
+	int badopt;
+	char *outfile = NULL;
+	char *inrand = NULL;
+	int base64 = 0;
+	BIO *out = NULL;
+	int num = -1;
+
+	apps_startup();
+
+	if (bio_err == NULL)
+		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
+
+	badopt = 0;
+	i = 0;
+	while (!badopt && argv[++i] != NULL)
+		{
+		if (strcmp(argv[i], "-out") == 0)
+			{
+			if ((argv[i+1] != NULL) && (outfile == NULL))
+				outfile = argv[++i];
+			else
+				badopt = 1;
+			}
+		else if (strcmp(argv[i], "-rand") == 0)
+			{
+			if ((argv[i+1] != NULL) && (inrand == NULL))
+				inrand = argv[++i];
+			else
+				badopt = 1;
+			}
+		else if (strcmp(argv[i], "-base64") == 0)
+			{
+			if (!base64)
+				base64 = 1;
+			else
+				badopt = 1;
+			}
+		else if (isdigit(argv[i][0]))
+			{
+			if (num < 0)
+				{
+				r = sscanf(argv[i], "%d", &num);
+				if (r == 0 || num < 0)
+					badopt = 1;
+				}
+			else
+				badopt = 1;
+			}
+		else
+			badopt = 1;
+		}
+
+	if (num < 0)
+		badopt = 1;
+	
+	if (badopt) 
+		{
+		BIO_printf(bio_err, "Usage: rand [options] num\n");
+		BIO_printf(bio_err, "where options are\n");
+		BIO_printf(bio_err, "-out file            - write to file\n");
+		BIO_printf(bio_err, "-rand file%cfile%c...  - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+		BIO_printf(bio_err, "-base64              - encode output\n");
+		goto err;
+		}
+
+	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+	if (inrand != NULL)
+		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+			app_RAND_load_files(inrand));
+
+	out = BIO_new(BIO_s_file());
+	if (out == NULL)
+		goto err;
+	if (outfile != NULL)
+		r = BIO_write_filename(out, outfile);
+	else
+		r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+	if (r <= 0)
+		goto err;
+
+	if (base64)
+		{
+		BIO *b64 = BIO_new(BIO_f_base64());
+		if (b64 == NULL)
+			goto err;
+		out = BIO_push(b64, out);
+		}
+	
+	while (num > 0) 
+		{
+		unsigned char buf[4096];
+		int chunk;
+
+		chunk = num;
+		if (chunk > sizeof buf)
+			chunk = sizeof buf;
+		r = RAND_bytes(buf, chunk);
+		if (r <= 0)
+			goto err;
+		BIO_write(out, buf, chunk);
+		num -= chunk;
+		}
+	BIO_flush(out);
+
+	app_RAND_write_file(NULL, bio_err);
+	ret = 0;
+	
+err:
+	ERR_print_errors(bio_err);
+	if (out)
+		BIO_free_all(out);
+	EXIT(ret);
+	}
--- a/apps/req.c
+++ b/apps/req.c
@@ -878,8 +878,8 @@ end:
 	EVP_PKEY_free(pkey);
 	X509_REQ_free(req);
 	X509_free(x509ss);
-	if(passin) Free(passin);
-	if(passout) Free(passout);
+	if(passargin && passin) Free(passin);
+	if(passargout && passout) Free(passout);
 	OBJ_cleanup();
 #ifndef NO_DSA
 	if (dsa_params != NULL) DSA_free(dsa_params);
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -179,7 +179,6 @@ bad:
 		BIO_printf(bio_err," -outform arg    output format - one of DER NET PEM\n");
 		BIO_printf(bio_err," -in arg         input file\n");
 		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err," -in arg         input file\n");
 		BIO_printf(bio_err," -out arg        output file\n");
 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
 		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
--- a/apps/rsa/01.pem
+++ b/apps/rsa/01.pem
@@ -1,15 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
-MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
-BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
-cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
-qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
-MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
-gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
-LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
-Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
-Pjrmw2eSgbdmmdumWAcNPVbV
-----END CERTIFICATE-----
--- a/apps/rsa/1.txt
+++ b/apps/rsa/1.txt
@@ -1,50 +0,0 @@
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-subject=/C=US/ST=New York/L=New York/O=Industrial Press Inc./CN=www.industrialpress.com
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            68:ae:14:a4:c9:9f:a9:f3:9a:23:cf:2f:15:19:b3:5a
-        Signature Algorithm: md5WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: May 18 00:00:00 1998 GMT
-            Not After : May 18 23:59:59 1999 GMT
-        Subject: C=US, ST=New York, L=New York, O=Industrial Press Inc., CN=www.industrialpress.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1024 bit)
-                Modulus (1024 bit):
-                    00:aa:21:fd:c5:42:4d:1e:fa:82:99:a0:e8:9f:6e:
-                    d5:6a:52:5b:a9:32:f2:98:5d:f2:28:a5:81:c5:b3:
-                    83:2d:68:d7:ef:22:a3:7b:0a:2a:5a:1a:2d:68:40:
-                    11:23:a8:d7:3e:aa:26:53:ce:e0:15:4d:6d:1f:8a:
-                    ff:6e:0c:21:dc:59:94:30:ad:ea:a3:dd:97:3a:cb:
-                    f0:34:01:f3:5f:35:91:5d:03:49:9a:6e:78:83:61:
-                    75:45:4b:74:d2:98:18:88:ec:62:98:3b:1e:d6:df:
-                    51:2f:93:ce:08:31:1b:7d:7f:03:82:e8:2b:13:f5:
-                    b0:91:2d:85:ad:2a:1c:e7:f7
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md5WithRSAEncryption
-        8c:3b:7e:f1:74:12:d1:2f:ac:d4:bf:2d:8b:aa:02:05:30:fe:
-        d1:f4:14:b8:02:92:a2:8b:99:86:26:ff:24:7e:67:48:43:d9:
-        e3:ff:52:11:7e:8c:0c:26:57:ca:c7:b4:19:da:4c:ce:e8:37:
-        6d:d1:55:6d:a4:09:ff:2c:a2:21:9f:af:63:d8:b5:fb:9f:a5:
-        7b:5d:ed:ac:d4:15:af:96:24:25:a7:a7:43:76:f4:41:b4:05:
-        1d:49:38:50:b4:43:fe:1d:87:f5:fd:aa:e9:4c:f2:5b:aa:3e:
-        3a:e6:c3:67:92:81:b7:66:99:db:a6:58:07:0d:3d:56:d5
-----BEGIN CERTIFICATE-----
-MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
-MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
-BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
-cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
-qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
-MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
-gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
-LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
-Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
-Pjrmw2eSgbdmmdumWAcNPVbV
-----END CERTIFICATE-----
--- a/apps/rsa/SecureServer.pem
+++ b/apps/rsa/SecureServer.pem
@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
-        Signature Algorithm: md2WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: Nov  9 00:00:00 1994 GMT
-            Not After : Jan  7 23:59:59 2010 GMT
-        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1000 bit)
-                Modulus (1000 bit):
-                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
-                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
-                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
-                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
-                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
-                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
-                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
-                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
-                    dd:2d:d6:c8:1e:7b
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md2WithRSAEncryption
-        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
-        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
-        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
-        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
-        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
-        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
-        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
-----BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
-----END CERTIFICATE-----
--- a/apps/rsa/s.txt
+++ b/apps/rsa/s.txt
@@ -1,49 +0,0 @@
-issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
-        Signature Algorithm: md2WithRSAEncryption
-        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Validity
-            Not Before: Nov  9 00:00:00 1994 GMT
-            Not After : Jan  7 23:59:59 2010 GMT
-        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-            RSA Public Key: (1000 bit)
-                Modulus (1000 bit):
-                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
-                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
-                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
-                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
-                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
-                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
-                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
-                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
-                    dd:2d:d6:c8:1e:7b
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: md2WithRSAEncryption
-        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
-        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
-        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
-        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
-        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
-        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
-        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
-----BEGIN CERTIFICATE-----
-MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
-A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
-VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
-MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
-BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
-dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
-ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
-0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
-uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
-hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
-YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
-1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
-----END CERTIFICATE-----
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -84,7 +84,6 @@ typedef fd_mask fd_set;
 #define PORT_STR        "4433"
 #define PROTOCOL        "tcp"

-int do_accept(int acc_sock, int *sock, char **host);
 int do_server(int port, int *ret, int (*cb) (), char *context);
 #ifdef HEADER_X509_H
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
@@ -97,17 +96,9 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
 int set_cert_stuff(char *ctx, char *cert_file, char *key_file);
 #endif
 int init_client(int *sock, char *server, int port);
-int init_client_ip(int *sock,unsigned char ip[4], int port);
-int nbio_init_client_ip(int *sock,unsigned char ip[4], int port);
-int nbio_sock_error(int sock);
-int spawn(int argc, char **argv, int *in, int *out);
-int init_server(int *sock, int port);
-int init_server_long(int *sock, int port,char *ip);
 int should_retry(int i);
-void sock_cleanup(void );
 int extract_port(char *str, short *port_ptr);
 int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
-int host_ip(char *str, unsigned char ip[4]);

 long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp,
 	int argi, long argl, long ret);
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1,4 +1,4 @@
-/* apps/s_cb.c */
+/* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -117,6 +117,7 @@ static void sc_usage(void);
 static void print_stuff(BIO *berr,SSL *con,int full);
 static BIO *bio_c_out=NULL;
 static int c_quiet=0;
+static int c_ign_eof=0;

 static void sc_usage(void)
 	{
@@ -143,6 +144,7 @@ static void sc_usage(void)
 #endif
 	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
 	BIO_printf(bio_err," -quiet        - no s_client output\n");
+	BIO_printf(bio_err," -ign_eof      - ignore input eof (default when -quiet)\n");
 	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
 	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
 	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
@@ -192,6 +194,7 @@ int MAIN(int argc, char **argv)
 	apps_startup();
 	c_Pause=0;
 	c_quiet=0;
+	c_ign_eof=0;
 	c_debug=0;
 	c_showcerts=0;

@@ -249,7 +252,12 @@ int MAIN(int argc, char **argv)
 		else if	(strcmp(*argv,"-crlf") == 0)
 			crlf=1;
 		else if	(strcmp(*argv,"-quiet") == 0)
+			{
 			c_quiet=1;
+			c_ign_eof=1;
+			}
+		else if	(strcmp(*argv,"-ign_eof") == 0)
+			c_ign_eof=1;
 		else if	(strcmp(*argv,"-pause") == 0)
 			c_Pause=1;
 		else if	(strcmp(*argv,"-debug") == 0)
@@ -711,13 +719,13 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 			else
 				i=read(fileno(stdin),cbuf,BUFSIZZ);

-			if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
+			if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
 				{
 				BIO_printf(bio_err,"DONE\n");
 				goto shut;
 				}

-			if ((!c_quiet) && (cbuf[0] == 'R'))
+			if ((!c_ign_eof) && (cbuf[0] == 'R'))
 				{
 				BIO_printf(bio_err,"RENEGOTIATING\n");
 				SSL_renegotiate(con);
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -1,4 +1,4 @@
-/* apps/s_socket.c */
+/* apps/s_socket.c -  socket-related functions used by s_client and s_server */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -79,16 +79,17 @@ typedef unsigned int u_int;
 #include "s_apps.h"
 #include <openssl/ssl.h>

-#ifdef VMS
-#if (__VMS_VER < 70000000) /* FIONBIO used as a switch to enable ioctl,
-			      and that isn't in VMS < 7.0 */
-#undef FIONBIO
-#endif
-#include <processes.h> /* for vfork() */
-#endif
-
 static struct hostent *GetHostByName(char *name);
-int sock_init(void );
+#ifdef WINDOWS
+static void sock_cleanup(void);
+#endif
+static int sock_init(void);
+static int init_client_ip(int *sock,unsigned char ip[4], int port);
+static int init_server(int *sock, int port);
+static int init_server_long(int *sock, int port,char *ip);
+static int do_accept(int acc_sock, int *sock, char **host);
+static int host_ip(char *str, unsigned char ip[4]);
+
 #ifdef WIN16
 #define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
 #else
@@ -131,19 +132,19 @@ static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
 #endif /* WIN32 */
 #endif /* WINDOWS */

-void sock_cleanup(void)
-	{
 #ifdef WINDOWS
+static void sock_cleanup(void)
+	{
 	if (wsa_init_done)
 		{
 		wsa_init_done=0;
 		WSACancelBlockingCall();
 		WSACleanup();
 		}
-#endif
 	}
+#endif

-int sock_init(void)
+static int sock_init(void)
 	{
 #ifdef WINDOWS
 	if (!wsa_init_done)
@@ -187,7 +188,7 @@ int init_client(int *sock, char *host, int port)
 	return(init_client_ip(sock,ip,port));
 	}

-int init_client_ip(int *sock, unsigned char ip[4], int port)
+static int init_client_ip(int *sock, unsigned char ip[4], int port)
 	{
 	unsigned long addr;
 	struct sockaddr_in them;
@@ -218,75 +219,6 @@ int init_client_ip(int *sock, unsigned char ip[4], int port)
 	return(1);
 	}

-int nbio_sock_error(int sock)
-	{
-	int j,i;
-	int size;
-
-	size=sizeof(int);
-	/* Note: under VMS with SOCKETSHR the third parameter is currently
-	 * of type (int *) whereas under other systems it is (void *) if
-	 * you don't have a cast it will choke the compiler: if you do
-	 * have a cast then you can either go for (int *) or (void *).
-	 */
-	i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,(void *)&size);
-	if (i < 0)
-		return(1);
-	else
-		return(j);
-	}
-
-int nbio_init_client_ip(int *sock, unsigned char ip[4], int port)
-	{
-	unsigned long addr;
-	struct sockaddr_in them;
-	int s,i;
-
-	if (!sock_init()) return(0);
-
-	memset((char *)&them,0,sizeof(them));
-	them.sin_family=AF_INET;
-	them.sin_port=htons((unsigned short)port);
-	addr=	(unsigned long)
-		((unsigned long)ip[0]<<24L)|
-		((unsigned long)ip[1]<<16L)|
-		((unsigned long)ip[2]<< 8L)|
-		((unsigned long)ip[3]);
-	them.sin_addr.s_addr=htonl(addr);
-
-	if (*sock <= 0)
-		{
-#ifdef FIONBIO
-		unsigned long l=1;
-#endif
-
-		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
-		if (s == INVALID_SOCKET) { perror("socket"); return(0); }
-
-		i=0;
-		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
-		if (i < 0) { perror("keepalive"); return(0); }
-		*sock=s;
-
-#ifdef FIONBIO
-		BIO_socket_ioctl(s,FIONBIO,&l);
-#endif
-		}
-	else
-		s= *sock;
-
-	i=connect(s,(struct sockaddr *)&them,sizeof(them));
-	if (i == INVALID_SOCKET)
-		{
-		if (BIO_sock_should_retry(i))
-			return(-1);
-		else
-			return(0);
-		}
-	else
-		return(1);
-	}
-
 int do_server(int port, int *ret, int (*cb)(), char *context)
 	{
 	int sock;
@@ -319,7 +251,7 @@ int do_server(int port, int *ret, int (*cb)(), char *context)
 		}
 	}

-int init_server_long(int *sock, int port, char *ip)
+static int init_server_long(int *sock, int port, char *ip)
 	{
 	int ret=0;
 	struct sockaddr_in server;
@@ -369,12 +301,12 @@ err:
 	return(ret);
 	}

-int init_server(int *sock, int port)
+static int init_server(int *sock, int port)
 	{
 	return(init_server_long(sock, port, NULL));
 	}

-int do_accept(int acc_sock, int *sock, char **host)
+static int do_accept(int acc_sock, int *sock, char **host)
 	{
 	int ret,i;
 	struct hostent *h1,*h2;
@@ -490,7 +422,7 @@ err:
 	return(0);
 	}

-int host_ip(char *str, unsigned char ip[4])
+static int host_ip(char *str, unsigned char ip[4])
 	{
 	unsigned int in[4]; 
 	int i;
@@ -606,69 +538,3 @@ static struct hostent *GetHostByName(char *name)
 		return(ret);
 		}
 	}
-
-#ifndef MSDOS
-int spawn(int argc, char **argv, int *in, int *out)
-	{
-	int pid;
-#define CHILD_READ	p1[0]
-#define CHILD_WRITE	p2[1]
-#define PARENT_READ	p2[0]
-#define PARENT_WRITE	p1[1]
-	int p1[2],p2[2];
-
-	if ((pipe(p1) < 0) || (pipe(p2) < 0)) return(-1);
-
-#ifdef VMS
-	if ((pid=vfork()) == 0)
-#else
-	if ((pid=fork()) == 0)
-#endif
-		{ /* child */
-		if (dup2(CHILD_WRITE,fileno(stdout)) < 0)
-			perror("dup2");
-		if (dup2(CHILD_WRITE,fileno(stderr)) < 0)
-			perror("dup2");
-		if (dup2(CHILD_READ,fileno(stdin)) < 0)
-			perror("dup2");
-		close(CHILD_READ); 
-		close(CHILD_WRITE);
-
-		close(PARENT_READ);
-		close(PARENT_WRITE);
-		execvp(argv[0],argv);
-		perror("child");
-		exit(1);
-		}
-
-	/* parent */
-	*in= PARENT_READ;
-	*out=PARENT_WRITE;
-	close(CHILD_READ);
-	close(CHILD_WRITE);
-	return(pid);
-	}
-#endif /* MSDOS */
-
-
-#ifdef undef
-	/* Turn on synchronous sockets so that we can do a WaitForMultipleObjects
-	 * on sockets */
-	{
-	SOCKET s;
-	int optionValue = SO_SYNCHRONOUS_NONALERT;
-	int err;
-
-	err = setsockopt( 
-	    INVALID_SOCKET, 
-	    SOL_SOCKET, 
-	    SO_OPENTYPE, 
-	    (char *)&optionValue, 
-	    sizeof(optionValue));
-	if (err != NO_ERROR) {
-	/* failed for some reason... */
-		BIO_printf(bio_err, "failed to setsockopt(SO_OPENTYPE, SO_SYNCHRONOUS_ALERT) - %d\n",
-			WSAGetLastError());
-		}
-	}
-#endif
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -272,7 +272,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
 		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
 		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
-		BIO_printf(bio_err,  "-rand file:file:...\n");
+		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
 		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,  "               the random number generator\n");
 		BIO_printf (bio_err, "cert.pem       recipient certificate(s) for encryption\n");
@@ -309,9 +309,6 @@ int MAIN(int argc, char **argv)
 			goto end;
 #endif
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("load encryption certificates");
-#endif		
 		encerts = sk_X509_new_null();
 		while (*args) {
 			if(!(cert = load_cert(*args))) {
@@ -322,50 +319,29 @@ int MAIN(int argc, char **argv)
 			cert = NULL;
 			args++;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	}

 	if(signerfile && (operation == SMIME_SIGN)) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("load signer certificate");
-#endif		
 		if(!(signer = load_cert(signerfile))) {
 			BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile);
 			goto end;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	}

 	if(certfile) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("load other certfiles");
-#endif		
 		if(!(other = load_certs(certfile))) {
 			BIO_printf(bio_err, "Can't read certificate file %s\n", certfile);
 			ERR_print_errors(bio_err);
 			goto end;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	}

 	if(recipfile && (operation == SMIME_DECRYPT)) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("load recipient certificate");
-#endif		
 		if(!(recip = load_cert(recipfile))) {
 			BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile);
 			ERR_print_errors(bio_err);
 			goto end;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	}

 	if(operation == SMIME_DECRYPT) {
@@ -375,22 +351,13 @@ int MAIN(int argc, char **argv)
 	} else keyfile = NULL;

 	if(keyfile) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("load keyfile");
-#endif		
 		if(!(key = load_key(keyfile, passin))) {
 			BIO_printf(bio_err, "Can't read recipient certificate file %s\n", keyfile);
 			ERR_print_errors(bio_err);
 			goto end;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	}

-#ifdef CRYPTO_MDEBUG
-	CRYPTO_push_info("open input files");
-#endif		
 	if (infile) {
 		if (!(in = BIO_new_file(infile, inmode))) {
 			BIO_printf (bio_err,
@@ -398,13 +365,7 @@ int MAIN(int argc, char **argv)
 			goto end;
 		}
 	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-#endif		

-#ifdef CRYPTO_MDEBUG
-	CRYPTO_push_info("open output files");
-#endif		
 	if (outfile) {
 		if (!(out = BIO_new_file(outfile, outmode))) {
 			BIO_printf (bio_err,
@@ -412,50 +373,23 @@ int MAIN(int argc, char **argv)
 			goto end;
 		}
 	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-#endif		

 	if(operation == SMIME_VERIFY) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("setup_verify");
-#endif		
 		if(!(store = setup_verify(CAfile, CApath))) goto end;
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	}

 	ret = 3;

 	if(operation == SMIME_ENCRYPT) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("PKCS7_encrypt");
-#endif		
 		p7 = PKCS7_encrypt(encerts, in, cipher, flags);
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	} else if(operation == SMIME_SIGN) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("PKCS7_sign");
-#endif		
 		p7 = PKCS7_sign(signer, key, other, in, flags);
 		BIO_reset(in);
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	} else {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("SMIME_read_PKCS7");
-#endif		
 		if(!(p7 = SMIME_read_PKCS7(in, &indata))) {
 			BIO_printf(bio_err, "Error reading S/MIME message\n");
 			goto end;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	}

 	if(!p7) {
@@ -465,45 +399,25 @@ int MAIN(int argc, char **argv)

 	ret = 4;
 	if(operation == SMIME_DECRYPT) {
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("PKCS7_decrypt");
-#endif		
 		if(!PKCS7_decrypt(p7, key, recip, out, flags)) {
 			BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
 			goto end;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 	} else if(operation == SMIME_VERIFY) {
 		STACK_OF(X509) *signers;
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_push_info("PKCS7_verify");
-#endif		
 		if(PKCS7_verify(p7, other, store, indata, out, flags)) {
 			BIO_printf(bio_err, "Verification Successful\n");
 		} else {
 			BIO_printf(bio_err, "Verification Failure\n");
 			goto end;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-		CRYPTO_push_info("PKCS7_get0_signers");
-#endif		
 		signers = PKCS7_get0_signers(p7, other, flags);
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-		CRYPTO_push_info("save_certs");
-#endif		
 		if(!save_certs(signerfile, signers)) {
 			BIO_printf(bio_err, "Error writing signers to %s\n",
 								signerfile);
 			ret = 5;
 			goto end;
 		}
-#ifdef CRYPTO_MDEBUG
-		CRYPTO_pop_info();
-#endif		
 		sk_X509_free(signers);
 	} else if(operation == SMIME_PK7OUT) {
 		PEM_write_bio_PKCS7(out, p7);
@@ -515,9 +429,6 @@ int MAIN(int argc, char **argv)
 	}
 	ret = 0;
 end:
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_remove_all_info();
-#endif
 	if (need_rand)
 		app_RAND_write_file(NULL, bio_err);
 	if(ret) ERR_print_errors(bio_err);
@@ -583,20 +494,9 @@ static X509_STORE *setup_verify(char *CAfile, char *CApath)
 {
 	X509_STORE *store;
 	X509_LOOKUP *lookup;
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_push_info("X509_STORE_new");
-#endif	
 	if(!(store = X509_STORE_new())) goto end;
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("X509_STORE_add_lookup(...file)");
-#endif	
 	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
 	if (lookup == NULL) goto end;
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("X509_LOOKUP_load_file");
-#endif	
 	if (CAfile) {
 		if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) {
 			BIO_printf(bio_err, "Error loading file %s\n", CAfile);
@@ -604,25 +504,14 @@ static X509_STORE *setup_verify(char *CAfile, char *CApath)
 		}
 	} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
 		
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("X509_STORE_add_lookup(...hash_dir)");
-#endif	
 	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
 	if (lookup == NULL) goto end;
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-	CRYPTO_push_info("X509_LOOKUP_add_dir");
-#endif	
 	if (CApath) {
 		if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) {
 			BIO_printf(bio_err, "Error loading directory %s\n", CApath);
 			goto end;
 		}
 	} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-#ifdef CRYPTO_MDEBUG
-	CRYPTO_pop_info();
-#endif	

 	ERR_clear_error();
 	return store;
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1030,6 +1030,11 @@ int MAIN(int argc, char **argv)

 	RAND_pseudo_bytes(buf,20);
 #ifndef NO_DSA
+	if (RAND_status() != 1)
+		{
+		RAND_seed(rnd_seed, sizeof rnd_seed);
+		rnd_fake = 1;
+		}
 	for (j=0; j<DSA_NUM; j++)
 		{
 		unsigned int kk;
@@ -1089,6 +1094,7 @@ int MAIN(int argc, char **argv)
 				dsa_doit[j]=0;
 			}
 		}
+	if (rnd_fake) RAND_cleanup();
 #endif

 	fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_VERSION));
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -63,8 +63,10 @@
 #include <time.h>
 #include "apps.h"
 #include <openssl/bio.h>
+#include <openssl/conf.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
+#include <openssl/lhash.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>

--- a/apps/testdsa.h
+++ b/apps/testdsa.h
@@ -1,4 +1,5 @@
 /* NOCW */
+/* used by apps/speed.c */
 DSA *get_dsa512(void );
 DSA *get_dsa1024(void );
 DSA *get_dsa2048(void );
@@ -146,3 +147,5 @@ DSA *get_dsa2048()
 	return(dsa);
 	}

+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+static int rnd_fake = 0;
--- a/apps/testrsa.h
+++ b/apps/testrsa.h
@@ -1,4 +1,5 @@
 /* apps/testrsa.h */
+/* used by apps/speed.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
--- a/apps/tkca
+++ b/apps/tkca
@@ -1,66 +0,0 @@
-#!/usr/local/bin/perl5
-#
-# This is only something I'm playing with, it does not work :-)
-#
-
-use Tk;
-
-my $main=MainWindow->new();
-my $f=$main->Frame(-relief => "ridge", -borderwidth => 2);
-$f->pack(-fill => 'x');
-
-my $ff=$f->Frame;
-$ff->pack(-fill => 'x');
-my $l=$ff->Label(-text => "TkCA - SSLeay",
-	-relief => "ridge", -borderwidth => 2);
-$l->pack(-fill => 'x', -ipady => 5);
-
-my $l=$ff->Button(-text => "Certify");
-$l->pack(-fill => 'x', -ipady => 5);
-
-my $l=$ff->Button(-text => "Review");
-$l->pack(-fill => 'x', -ipady => 5);
-
-my $l=$ff->Button(-text => "Revoke");
-$l->pack(-fill => 'x', -ipady => 5);
-
-my $l=$ff->Button(-text => "Generate CRL");
-$l->pack(-fill => 'x', -ipady => 5);
-
-my($db)=&load_db("demoCA/index.txt");
-
-MainLoop;
-
-sub load_db
-	{
-	my(%ret);
-	my($file)=@_;
-	my(*IN);
-	my(%db_serial,%db_name,@f,@db_s);
-
-	$ret{'serial'}=\%db_serial;
-	$ret{'name'}=\%db_name;
-
-	open(IN,"<$file") || die "unable to open $file:$!\n";
-	while (<IN>)
-		{
-		chop;
-		s/([^\\])\t/\1\t\t/g;
-		my(@f)=split(/\t\t/);
-		die "wrong number of fields in $file, line $.\n"
-			if ($#f != 5);
-
-		my(%f);
-		$f{'type'}=$f[0];
-		$f{'exp'}=$f[1];
-		$f{'rev'}=$f[2];
-		$f{'serial'}=$f[3];
-		$f{'file'}=$f[4];
-		$f{'name'}=$f[5];
-		die "serial number $f{'serial'} appears twice (line $.)\n"
-			if (defined($db{$f{'serial'}}))
-		$db_serial{$f{'serial'}}=\%f;
-		$db_name{$f{'name'}}.=$f{'serial'}." ";
-		}
-	return \%ret;
-	}
--- a/apps/winrand.c
+++ b/apps/winrand.c
@@ -0,0 +1,149 @@
+/* apps/winrand.c */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Usage: winrand [filename]
+ *
+ * Collects entropy from mouse movements and other events and writes
+ * random data to filename or .rnd
+ */
+
+#include <windows.h>
+#include <openssl/opensslv.h>
+#include <openssl/rand.h>
+
+LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM);
+const char *filename;
+
+int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
+        PSTR cmdline, int iCmdShow)
+	{
+	static char appname[] = "OpenSSL";
+	HWND hwnd;
+	MSG msg;
+	WNDCLASSEX wndclass;
+        char buffer[200];
+
+        if (cmdline[0] == '\0')
+                filename = RAND_file_name(buffer, sizeof buffer);
+        else
+                filename = cmdline;
+
+        RAND_load_file(filename, -1);
+
+	wndclass.cbSize = sizeof(wndclass);
+	wndclass.style = CS_HREDRAW | CS_VREDRAW;
+	wndclass.lpfnWndProc = WndProc;
+	wndclass.cbClsExtra = 0;
+	wndclass.cbWndExtra = 0;
+	wndclass.hInstance = hInstance;
+	wndclass.hIcon = LoadIcon(NULL, IDI_APPLICATION);
+	wndclass.hCursor = LoadCursor(NULL, IDC_ARROW);
+	wndclass.hbrBackground = (HBRUSH) GetStockObject(WHITE_BRUSH);
+	wndclass.lpszMenuName = NULL;
+        wndclass.lpszClassName = appname;
+	wndclass.hIconSm = LoadIcon(NULL, IDI_APPLICATION);
+	RegisterClassEx(&wndclass);
+
+        hwnd = CreateWindow(appname, OPENSSL_VERSION_TEXT,
+		WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT,
+		CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance, NULL);
+
+	ShowWindow(hwnd, iCmdShow);
+	UpdateWindow(hwnd);
+
+
+	while (GetMessage(&msg, NULL, 0, 0))
+		{
+		TranslateMessage(&msg);
+		DispatchMessage(&msg);
+		}
+
+	return msg.wParam;
+	}
+
+LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
+	{
+        HDC hdc;
+	PAINTSTRUCT ps;
+        RECT rect;
+        char buffer[200];
+        static int seeded = 0;
+
+	switch (iMsg)
+		{
+	case WM_PAINT:
+		hdc = BeginPaint(hwnd, &ps);
+		GetClientRect(hwnd, &rect);
+                DrawText(hdc, "Seeding the PRNG. Please move the mouse!", -1,
+			&rect, DT_SINGLELINE | DT_CENTER | DT_VCENTER);
+		EndPaint(hwnd, &ps);
+		return 0;
+		
+        case WM_DESTROY:
+                PostQuitMessage(0);
+                return 0;
+                }
+
+        if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0)
+                {
+                seeded = 1;
+                if (RAND_write_file(filename) <= 0)
+                        MessageBox(hwnd, "Couldn't write random file!",
+				"OpenSSL", MB_OK | MB_ICONERROR);
+                PostQuitMessage(0);
+                }
+
+	return DefWindowProc(hwnd, iMsg, wParam, lParam);
+	}
--- a/22
+++ b/22
@@ -27,6 +27,7 @@ RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
 SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
 VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"

+
 # Now test for ISC and SCO, since it is has a braindamaged uname.
 #
 # We need to work around FreeBSD 1.1.5.1 
@@ -50,6 +51,8 @@ if [ "x$XREL" != "x" ]; then
 	    4.2MP)
 		if [ "x$VERSION" = "x2.1.1" ]; then
 		    echo "${MACHINE}-whatever-unixware211"; exit 0
+		elif [ "x$VERSION" = "x2.1.2" ]; then
+		    echo "${MACHINE}-whatever-unixware212"; exit 0
 		else
 		    echo "${MACHINE}-whatever-unixware2"; exit 0
 		fi
@@ -57,8 +60,10 @@ if [ "x$XREL" != "x" ]; then
 	    4.2)
 		echo "whatever-whatever-unixware1"; exit 0
 		;;
-	    5*)
-		echo "${MACHINE}-sco-unixware7"; exit 0
+	    5)
+		if [ "`echo x$VERSION | sed -e 's/\..*//'`" = "x7" ]; then
+		    echo "${MACHINE}-sco-unixware7"; exit 0
+		fi
 		;;
 	esac
    fi
@@ -287,6 +292,8 @@ TEST="false"
 for i
 do
 case "$i" in 
+# shared library support (behnke@trustcenter.de)
+-shared) SHARED=true;;
 -d*) PREFIX="debug-";;
 -t*) TEST="true";;
 -h*) TEST="true"; cat <<EOF
@@ -402,6 +409,7 @@ case "$GUESSOS" in
 	;;
  mips-*-linux?) OUT="linux-mips" ;;
  ppc-*-linux2) OUT="linux-ppc" ;;
+  ia64-*-linux?) OUT="linux-ia64" ;;
  ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
  sparc64-*-linux2)
 	#Before we can uncomment following lines we have to wait at least
@@ -471,6 +479,16 @@ then
  options="$options -DATALLA"
 fi

+#get some basic shared lib support (behnke@trustcenter.de)
+case "$OUT" in
+   solaris-*-gcc)
+	if  [ "$SHARED" = "true" ] 
+	 then
+	  options="$options -DPIC -fPIC"
+        fi
+     ;;
+esac
+
 # gcc < 2.8 does not support -mcpu=ultrasparc
 if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
 then
--- a/crypto/Makefile.ssl
+++ b/crypto/Makefile.ssl
@@ -40,7 +40,7 @@ LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdi
 SRC= $(LIBSRC)

 EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h
-HEADER=	cryptlib.h buildinf.h $(EXHEADER)
+HEADER=	cryptlib.h buildinf.h md32_common.h $(EXHEADER)

 ALL=    $(GENERAL) $(SRC) $(HEADER)

--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -54,7 +54,8 @@
 */

 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file.
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
 */

 #include <stdio.h>
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -129,7 +129,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
 	}
 	pbe->salt->length = saltlen;
 	if (salt) memcpy (pbe->salt->data, salt, saltlen);
-	else if (RAND_bytes (pbe->salt->data, saltlen) <= 0)
+	else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
 		return NULL;

 	if (!(astype = ASN1_TYPE_new())) {
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -194,7 +194,8 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;

 	/* Create random IV */
-	RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher));
+	if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
+		goto err;

 	/* Dummy cipherinit to just setup the IV */
 	EVP_CipherInit(&ctx, cipher, NULL, iv, 0);
@@ -212,7 +213,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	if (!(osalt->data = Malloc (saltlen))) goto merr;
 	osalt->length = saltlen;
 	if (salt) memcpy (osalt->data, salt, saltlen);
-	else if (RAND_bytes (osalt->data, saltlen) <= 0) goto merr;
+	else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;

 	if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
 	if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
--- a/crypto/asn1/t_req.c
+++ b/crypto/asn1/t_req.c
@@ -119,7 +119,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)

 	pkey=X509_REQ_get_pubkey(x);
 #ifndef NO_RSA
-	if (pkey->type == EVP_PKEY_RSA)
+	if (pkey != NULL && pkey->type == EVP_PKEY_RSA)
 		{
 		BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
 			BN_num_bits(pkey->pkey.rsa->n));
@@ -128,7 +128,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
 	else 
 #endif
 #ifndef NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
+		if (pkey != NULL && pkey->type == EVP_PKEY_DSA)
 		{
 		BIO_printf(bp,"%12sDSA Public Key:\n","");
 		DSA_print(bp,pkey->pkey.dsa,16);
@@ -137,7 +137,8 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
 #endif
 		BIO_printf(bp,"%12sUnknown Public Key:\n","");

-	EVP_PKEY_free(pkey);
+	if (pkey != NULL)
+	    EVP_PKEY_free(pkey);

 	/* may not be */
 	sprintf(str,"%8sAttributes:\n","");
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -183,8 +183,10 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)

 	Free(s);

+#if 0
 	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
 	pk->pkey=pkey;
+#endif

 	if (*x != NULL)
 		X509_PUBKEY_free(*x);
--- a/crypto/bf/Makefile.ssl
+++ b/crypto/bf/Makefile.ssl
@@ -49,7 +49,7 @@ lib:	$(LIBOBJ)

 # elf
 asm/bx86-elf.o: asm/bx86unix.cpp
-	$(CPP) -DELF asm/bx86unix.cpp | as -o asm/bx86-elf.o
+	$(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o

 # solaris
 asm/bx86-sol.o: asm/bx86unix.cpp
@@ -65,7 +65,7 @@ asm/bx86-out.o: asm/bx86unix.cpp
 asm/bx86bsdi.o: asm/bx86unix.cpp
 	$(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o

-asm/bx86unix.cpp:
+asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
 	(cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp)

 files:
--- a/crypto/bf/Makefile.uni
+++ b/crypto/bf/Makefile.uni
@@ -1,157 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-DIR=	bf
-TOP=	.
-# use BF_PTR2 for intel boxes,
-# BF_PTR for sparc and MIPS/SGI
-# use nothing for Alpha and HP.
-
-# There are 3 possible performance options, experiment :-)
-#OPTS= -DBF_PTR  # usr for sparc and MIPS/SGI
-#OPTS= -DBF_PTR2 # use for pentium
-OPTS=		 # use for pentium pro, Alpha and HP
-
-MAKE=make -f Makefile
-#CC=cc
-#CFLAG= -O
-
-CC=gcc
-#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
-CFLAG= -O3 -fomit-frame-pointer
-
-CFLAGS=$(OPTS) $(CFLAG)
-CPP=$(CC) -E
-AS=as
-RANLIB=ranlib
-
-# Assember version of bf_encrypt().
-BF_ENC=bf_enc.o		# normal C version
-#BF_ENC=asm/bx86-elf.o	# elf format x86
-#BF_ENC=asm/bx86-out.o	# a.out format x86
-#BF_ENC=asm/bx86-sol.o	# solaris format x86 
-#BF_ENC=asm/bx86bsdi.o	# bsdi format x86 
-
-LIBDIR=/usr/local/lib
-BINDIR=/usr/local/bin
-INCDIR=/usr/local/include
-MANDIR=/usr/local/man
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
-LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
-
-GENERAL=Makefile Makefile.ssl Makefile.uni asm bf_locl.org README \
-	COPYRIGHT blowfish.doc INSTALL
-
-TESTING=    bftest bfspeed bf_opts
-TESTING_SRC=bftest.c bfspeed.c bf_opts.c
-HEADERS=bf_locl.h blowfish.h bf_pi.h
-
-ALL=	$(GENERAL) $(TESTING_SRC) $(LIBSRC) $(HEADERS)
-
-BLIB=	libblowfish.a
-
-all: $(BLIB) $(TESTING)
-
-cc:
-	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
-
-gcc:
-	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
-
-x86-elf:
-	$(MAKE) BF_ENC='asm/bx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
-
-x86-out:
-	$(MAKE) BF_ENC='asm/bx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
-
-x86-solaris:
-	$(MAKE) BF_ENC='asm/bx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
-
-x86-bsdi:
-	$(MAKE) BF_ENC='asm/bx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
-
-# elf
-asm/bx86-elf.o: asm/bx86unix.cpp
-	$(CPP) -DELF asm/bx86unix.cpp | $(AS) -o asm/bx86-elf.o
-
-# solaris
-asm/bx86-sol.o: asm/bx86unix.cpp
-	$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
-	as -o asm/bx86-sol.o asm/bx86-sol.s
-	rm -f asm/bx86-sol.s
-
-# a.out
-asm/bx86-out.o: asm/bx86unix.cpp
-	$(CPP) -DOUT asm/bx86unix.cpp | $(AS) -o asm/bx86-out.o
-
-# bsdi
-asm/bx86bsdi.o: asm/bx86unix.cpp
-	$(CPP) -DBSDI asm/bx86unix.cpp | $(AS) -o asm/bx86bsdi.o
-
-asm/bx86unix.cpp:
-	(cd asm; perl bf-586.pl cpp >bx86unix.cpp)
-	
-test:	all
-	./bftest
-
-$(BLIB): $(LIBOBJ)
-	/bin/rm -f $(BLIB)
-	ar cr $(BLIB) $(LIBOBJ)
-	$(RANLIB) $(BLIB)
-
-bftest: bftest.o $(BLIB)
-	$(CC) $(CFLAGS) -o bftest bftest.o $(BLIB)
-
-bfspeed: bfspeed.o $(BLIB)
-	$(CC) $(CFLAGS) -o bfspeed bfspeed.o $(BLIB)
-
-bf_opts: bf_opts.o $(BLIB)
-	$(CC) $(CFLAGS) -o bf_opts bf_opts.o $(BLIB)
-
-tags:
-	ctags $(TESTING_SRC) $(LIBBF)
-
-tar:
-	tar chf libbf.tar $(ALL)
-
-shar:
-	shar $(ALL) >libbf.shar
-
-depend:
-	makedepend $(LIBBF) $(TESTING_SRC)
-
-clean:
-	/bin/rm -f *.o tags core $(TESTING) $(BLIB) .nfs* *.old *.bak asm/*.o 
-
-dclean:
-	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
-	mv -f Makefile.new Makefile
-
-# Eric is probably going to choke when he next looks at this --tjh
-install: $(BLIB)
-	if test $(INSTALLTOP); then \
-	    echo SSL style install; \
-	    cp $(BLIB) $(INSTALLTOP)/lib; \
-		$(RANLIB) $(BLIB); \
-	    chmod 644 $(INSTALLTOP)/lib/$(BLIB); \
-	    cp blowfish.h $(INSTALLTOP)/include; \
-	    chmod 644 $(INSTALLTOP)/include/blowfish.h; \
-	else \
-	    echo Standalone install; \
-	    cp $(BLIB) $(LIBDIR)/$(BLIB); \
-		$(RANLIB) $(BLIB); \
-	    chmod 644 $(LIBDIR)/$(BLIB); \
-	    cp blowfish.h $(INCDIR)/blowfish.h; \
-	    chmod 644 $(INCDIR)/blowfish.h; \
-	fi
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/crypto/bf/asm/b-win32.asm
+++ b/crypto/bf/asm/b-win32.asm
@@ -1,906 +0,0 @@
-	; Don't even think of reading this code
-	; It was automatically generated by bf-586.pl
-	; Which is a perl program used to generate the x86 assember for
-	; any of elf, a.out, BSDI,Win32, or Solaris
-	; eric <eay@cryptsoft.com>
-	; 
-	TITLE	bf-586.asm
-        .486
-.model FLAT
-_TEXT	SEGMENT
-PUBLIC	_BF_encrypt
-
-_BF_encrypt PROC NEAR
-	; 
-	push	ebp
-	push	ebx
-	mov	ebx,		DWORD PTR 12[esp]
-	mov	ebp,		DWORD PTR 16[esp]
-	push	esi
-	push	edi
-	; Load the 2 words
-	mov	edi,		DWORD PTR [ebx]
-	mov	esi,		DWORD PTR 4[ebx]
-	xor	eax,		eax
-	mov	ebx,		DWORD PTR [ebp]
-	xor	ecx,		ecx
-	xor	edi,		ebx
-	; 
-	; Round 0
-	mov	edx,		DWORD PTR 4[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 1
-	mov	edx,		DWORD PTR 8[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 2
-	mov	edx,		DWORD PTR 12[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 3
-	mov	edx,		DWORD PTR 16[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 4
-	mov	edx,		DWORD PTR 20[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 5
-	mov	edx,		DWORD PTR 24[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 6
-	mov	edx,		DWORD PTR 28[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 7
-	mov	edx,		DWORD PTR 32[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 8
-	mov	edx,		DWORD PTR 36[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 9
-	mov	edx,		DWORD PTR 40[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 10
-	mov	edx,		DWORD PTR 44[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 11
-	mov	edx,		DWORD PTR 48[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 12
-	mov	edx,		DWORD PTR 52[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 13
-	mov	edx,		DWORD PTR 56[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 14
-	mov	edx,		DWORD PTR 60[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 15
-	mov	edx,		DWORD PTR 64[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	; Load parameter 0 (16) enc=1
-	mov	eax,		DWORD PTR 20[esp]
-	xor	edi,		ebx
-	mov	edx,		DWORD PTR 68[ebp]
-	xor	esi,		edx
-	mov	DWORD PTR 4[eax],edi
-	mov	DWORD PTR [eax],esi
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-_BF_encrypt ENDP
-_TEXT	ENDS
-_TEXT	SEGMENT
-PUBLIC	_BF_decrypt
-
-_BF_decrypt PROC NEAR
-	; 
-	push	ebp
-	push	ebx
-	mov	ebx,		DWORD PTR 12[esp]
-	mov	ebp,		DWORD PTR 16[esp]
-	push	esi
-	push	edi
-	; Load the 2 words
-	mov	edi,		DWORD PTR [ebx]
-	mov	esi,		DWORD PTR 4[ebx]
-	xor	eax,		eax
-	mov	ebx,		DWORD PTR 68[ebp]
-	xor	ecx,		ecx
-	xor	edi,		ebx
-	; 
-	; Round 16
-	mov	edx,		DWORD PTR 64[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 15
-	mov	edx,		DWORD PTR 60[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 14
-	mov	edx,		DWORD PTR 56[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 13
-	mov	edx,		DWORD PTR 52[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 12
-	mov	edx,		DWORD PTR 48[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 11
-	mov	edx,		DWORD PTR 44[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 10
-	mov	edx,		DWORD PTR 40[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 9
-	mov	edx,		DWORD PTR 36[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 8
-	mov	edx,		DWORD PTR 32[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 7
-	mov	edx,		DWORD PTR 28[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 6
-	mov	edx,		DWORD PTR 24[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 5
-	mov	edx,		DWORD PTR 20[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 4
-	mov	edx,		DWORD PTR 16[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 3
-	mov	edx,		DWORD PTR 12[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	edi,		ebx
-	; 
-	; Round 2
-	mov	edx,		DWORD PTR 8[ebp]
-	mov	ebx,		edi
-	xor	esi,		edx
-	shr	ebx,		16
-	mov	edx,		edi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	xor	eax,		eax
-	xor	esi,		ebx
-	; 
-	; Round 1
-	mov	edx,		DWORD PTR 4[ebp]
-	mov	ebx,		esi
-	xor	edi,		edx
-	shr	ebx,		16
-	mov	edx,		esi
-	mov	al,		bh
-	and	ebx,		255
-	mov	cl,		dh
-	and	edx,		255
-	mov	eax,		DWORD PTR 72[eax*4+ebp]
-	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
-	add	ebx,		eax
-	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
-	xor	ebx,		eax
-	mov	edx,		DWORD PTR 3144[edx*4+ebp]
-	add	ebx,		edx
-	; Load parameter 0 (1) enc=0
-	mov	eax,		DWORD PTR 20[esp]
-	xor	edi,		ebx
-	mov	edx,		DWORD PTR [ebp]
-	xor	esi,		edx
-	mov	DWORD PTR 4[eax],edi
-	mov	DWORD PTR [eax],esi
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-_BF_decrypt ENDP
-_TEXT	ENDS
-_TEXT	SEGMENT
-PUBLIC	_BF_cbc_encrypt
-
-_BF_cbc_encrypt PROC NEAR
-	; 
-	push	ebp
-	push	ebx
-	push	esi
-	push	edi
-	mov	ebp,		DWORD PTR 28[esp]
-	; getting iv ptr from parameter 4
-	mov	ebx,		DWORD PTR 36[esp]
-	mov	esi,		DWORD PTR [ebx]
-	mov	edi,		DWORD PTR 4[ebx]
-	push	edi
-	push	esi
-	push	edi
-	push	esi
-	mov	ebx,		esp
-	mov	esi,		DWORD PTR 36[esp]
-	mov	edi,		DWORD PTR 40[esp]
-	; getting encrypt flag from parameter 5
-	mov	ecx,		DWORD PTR 56[esp]
-	; get and push parameter 3
-	mov	eax,		DWORD PTR 48[esp]
-	push	eax
-	push	ebx
-	cmp	ecx,		0
-	jz	$L000decrypt
-	and	ebp,		4294967288
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	jz	$L001encrypt_finish
-L002encrypt_loop:
-	mov	ecx,		DWORD PTR [esi]
-	mov	edx,		DWORD PTR 4[esi]
-	xor	eax,		ecx
-	xor	ebx,		edx
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR 8[esp],eax
-	mov	DWORD PTR 12[esp],ebx
-	call	_BF_encrypt
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR [edi],eax
-	mov	DWORD PTR 4[edi],ebx
-	add	esi,		8
-	add	edi,		8
-	sub	ebp,		8
-	jnz	L002encrypt_loop
-$L001encrypt_finish:
-	mov	ebp,		DWORD PTR 52[esp]
-	and	ebp,		7
-	jz	$L003finish
-	xor	ecx,		ecx
-	xor	edx,		edx
-	mov	ebp,		DWORD PTR $L004cbc_enc_jmp_table[ebp*4]
-	jmp	 ebp
-L005ej7:
-	mov	dh,		BYTE PTR 6[esi]
-	shl	edx,		8
-L006ej6:
-	mov	dh,		BYTE PTR 5[esi]
-L007ej5:
-	mov	dl,		BYTE PTR 4[esi]
-L008ej4:
-	mov	ecx,		DWORD PTR [esi]
-	jmp	$L009ejend
-L010ej3:
-	mov	ch,		BYTE PTR 2[esi]
-	shl	ecx,		8
-L011ej2:
-	mov	ch,		BYTE PTR 1[esi]
-L012ej1:
-	mov	cl,		BYTE PTR [esi]
-$L009ejend:
-	xor	eax,		ecx
-	xor	ebx,		edx
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR 8[esp],eax
-	mov	DWORD PTR 12[esp],ebx
-	call	_BF_encrypt
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR [edi],eax
-	mov	DWORD PTR 4[edi],ebx
-	jmp	$L003finish
-$L000decrypt:
-	and	ebp,		4294967288
-	mov	eax,		DWORD PTR 16[esp]
-	mov	ebx,		DWORD PTR 20[esp]
-	jz	$L013decrypt_finish
-L014decrypt_loop:
-	mov	eax,		DWORD PTR [esi]
-	mov	ebx,		DWORD PTR 4[esi]
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR 8[esp],eax
-	mov	DWORD PTR 12[esp],ebx
-	call	_BF_decrypt
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	bswap	eax
-	bswap	ebx
-	mov	ecx,		DWORD PTR 16[esp]
-	mov	edx,		DWORD PTR 20[esp]
-	xor	ecx,		eax
-	xor	edx,		ebx
-	mov	eax,		DWORD PTR [esi]
-	mov	ebx,		DWORD PTR 4[esi]
-	mov	DWORD PTR [edi],ecx
-	mov	DWORD PTR 4[edi],edx
-	mov	DWORD PTR 16[esp],eax
-	mov	DWORD PTR 20[esp],ebx
-	add	esi,		8
-	add	edi,		8
-	sub	ebp,		8
-	jnz	L014decrypt_loop
-$L013decrypt_finish:
-	mov	ebp,		DWORD PTR 52[esp]
-	and	ebp,		7
-	jz	$L003finish
-	mov	eax,		DWORD PTR [esi]
-	mov	ebx,		DWORD PTR 4[esi]
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR 8[esp],eax
-	mov	DWORD PTR 12[esp],ebx
-	call	_BF_decrypt
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	bswap	eax
-	bswap	ebx
-	mov	ecx,		DWORD PTR 16[esp]
-	mov	edx,		DWORD PTR 20[esp]
-	xor	ecx,		eax
-	xor	edx,		ebx
-	mov	eax,		DWORD PTR [esi]
-	mov	ebx,		DWORD PTR 4[esi]
-L015dj7:
-	ror	edx,		16
-	mov	BYTE PTR 6[edi],dl
-	shr	edx,		16
-L016dj6:
-	mov	BYTE PTR 5[edi],dh
-L017dj5:
-	mov	BYTE PTR 4[edi],dl
-L018dj4:
-	mov	DWORD PTR [edi],ecx
-	jmp	$L019djend
-L020dj3:
-	ror	ecx,		16
-	mov	BYTE PTR 2[edi],cl
-	shl	ecx,		16
-L021dj2:
-	mov	BYTE PTR 1[esi],ch
-L022dj1:
-	mov	BYTE PTR [esi],	cl
-$L019djend:
-	jmp	$L003finish
-$L003finish:
-	mov	ecx,		DWORD PTR 60[esp]
-	add	esp,		24
-	mov	DWORD PTR [ecx],eax
-	mov	DWORD PTR 4[ecx],ebx
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-$L004cbc_enc_jmp_table:
-	DD	0
-	DD	L012ej1
-	DD	L011ej2
-	DD	L010ej3
-	DD	L008ej4
-	DD	L007ej5
-	DD	L006ej6
-	DD	L005ej7
-L023cbc_dec_jmp_table:
-	DD	0
-	DD	L022dj1
-	DD	L021dj2
-	DD	L020dj3
-	DD	L018dj4
-	DD	L017dj5
-	DD	L016dj6
-	DD	L015dj7
-_BF_cbc_encrypt ENDP
-_TEXT	ENDS
-END
--- a/crypto/bio/Makefile.ssl
+++ b/crypto/bio/Makefile.ssl
@@ -172,8 +172,10 @@ bss_acpt.o: ../../include/openssl/opensslconf.h
 bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 bss_acpt.o: ../../include/openssl/stack.h ../cryptlib.h
 bss_bio.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-bss_bio.o: ../../include/openssl/err.h ../../include/openssl/opensslv.h
-bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_bio.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+bss_bio.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
+bss_bio.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bss_bio.o: ../../include/openssl/stack.h
 bss_conn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 bss_conn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
 bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -64,6 +64,8 @@
 #include <stdarg.h>
 #include <string.h>
 #include <ctype.h>
+#include <assert.h>
+#include <limits.h>
 #include "cryptlib.h"
 #ifndef NO_SYS_TYPES_H
 #include <sys/types.h>
@@ -72,12 +74,16 @@

 #ifdef BN_LLONG
 # ifndef HAVE_LONG_LONG
-#  define HAVE_LONG_LONG
+#  define HAVE_LONG_LONG 1
 # endif
 #endif

 static void dopr (char *buffer, size_t maxlen, size_t *retlen,
 	const char *format, va_list args);
+#ifdef USE_ALLOCATING_PRINT
+static void doapr (char **buffer, size_t *retlen,
+	const char *format, va_list args);
+#endif

 int BIO_printf (BIO *bio, ...)
 	{
@@ -85,15 +91,32 @@ int BIO_printf (BIO *bio, ...)
 	char *format;
 	int ret;
 	size_t retlen;
+#ifdef USE_ALLOCATING_PRINT
+	char *hugebuf;
+#else
 	MS_STATIC char hugebuf[1024*2]; /* 10k in one chunk is the limit */
+#endif

 	va_start(args, bio);
 	format=va_arg(args, char *);

+#ifndef USE_ALLOCATING_PRINT
 	hugebuf[0]='\0';
 	dopr(hugebuf, sizeof(hugebuf), &retlen, format, args);
-	ret=BIO_write(bio, hugebuf, (int)retlen);
+#else
+	hugebuf = NULL;
+	CRYPTO_push_info("doapr()");
+	doapr(&hugebuf, &retlen, format, args);
+	if (hugebuf)
+		{
+#endif
+		ret=BIO_write(bio, hugebuf, (int)retlen);

+#ifdef USE_ALLOCATING_PRINT
+		Free(hugebuf);
+		}
+	CRYPTO_pop_info();
+#endif
 	va_end(args);
 	return(ret);
 	}
@@ -131,10 +154,26 @@ int BIO_printf (BIO *bio, ...)
 #define LLONG long
 #endif

-static void fmtstr     (char *, size_t *, size_t, char *, int, int, int);
-static void fmtint     (char *, size_t *, size_t, LLONG, int, int, int, int);
-static void fmtfp      (char *, size_t *, size_t, LDOUBLE, int, int, int);
-static void dopr_outch (char *, size_t *, size_t, int);
+static void fmtstr     (void (*)(char **, size_t *, size_t *, int),
+			char **, size_t *, size_t *, const char *, int, int,
+			int);
+static void fmtint     (void (*)(char **, size_t *, size_t *, int),
+			char **, size_t *, size_t *, LLONG, int, int, int, int);
+static void fmtfp      (void (*)(char **, size_t *, size_t *, int),
+			char **, size_t *, size_t *, LDOUBLE, int, int, int);
+#ifndef USE_ALLOCATING_PRINT
+static int dopr_isbig (size_t, size_t);
+static int dopr_copy (size_t);
+static void dopr_outch (char **, size_t *, size_t *, int);
+#else
+static int doapr_isbig (size_t, size_t);
+static int doapr_copy (size_t);
+static void doapr_outch (char **, size_t *, size_t *, int);
+#endif
+static void _dopr(void (*)(char **, size_t *, size_t *, int),
+		  int (*)(size_t, size_t), int (*)(size_t),
+		  char **buffer, size_t *maxlen, size_t *retlen,
+		  const char *format, va_list args);

 /* format read states */
 #define DP_S_DEFAULT    0
@@ -165,6 +204,7 @@ static void dopr_outch (char *, size_t *, size_t, int);
 #define char_to_int(p) (p - '0')
 #define MAX(p,q) ((p >= q) ? p : q)

+#ifndef USE_ALLOCATING_PRINT
 static void
 dopr(
    char *buffer,
@@ -172,6 +212,35 @@ dopr(
    size_t *retlen,
    const char *format,
    va_list args)
+{
+    _dopr(dopr_outch, dopr_isbig, dopr_copy,
+	  &buffer, &maxlen, retlen, format, args);
+}
+
+#else
+static void
+doapr(
+    char **buffer,
+    size_t *retlen,
+    const char *format,
+    va_list args)
+{
+    size_t dummy_maxlen = 0;
+    _dopr(doapr_outch, doapr_isbig, doapr_copy,
+	  buffer, &dummy_maxlen, retlen, format, args);
+}
+#endif
+
+static void
+_dopr(
+    void (*outch_fn)(char **, size_t *, size_t *, int),
+    int (*isbig_fn)(size_t, size_t),
+    int (*copy_fn)(size_t),
+    char **buffer,
+    size_t *maxlen,
+    size_t *retlen,
+    const char *format,
+    va_list args)
 {
    char ch;
    LLONG value;
@@ -190,7 +259,7 @@ dopr(
    ch = *format++;

    while (state != DP_S_DONE) {
-        if ((ch == '\0') || (currlen >= maxlen))
+        if ((ch == '\0') || (*isbig_fn)(currlen, *maxlen))
            state = DP_S_DONE;

        switch (state) {
@@ -198,7 +267,7 @@ dopr(
            if (ch == '%')
                state = DP_S_FLAGS;
            else
-                dopr_outch(buffer, &currlen, maxlen, ch);
+                (*outch_fn)(buffer, &currlen, maxlen, ch);
            ch = *format++;
            break;
        case DP_S_FLAGS:
@@ -292,7 +361,7 @@ dopr(
            case 'i':
                switch (cflags) {
                case DP_C_SHORT:
-                    value = va_arg(args, short int);
+                    value = (short int)va_arg(args, int);
                    break;
                case DP_C_LONG:
                    value = va_arg(args, long int);
@@ -304,7 +373,8 @@ dopr(
                    value = va_arg(args, int);
                    break;
                }
-                fmtint(buffer, &currlen, maxlen, value, 10, min, max, flags);
+                fmtint(outch_fn, buffer, &currlen, maxlen,
+		       value, 10, min, max, flags);
                break;
            case 'X':
                flags |= DP_F_UP;
@@ -315,8 +385,7 @@ dopr(
                flags |= DP_F_UNSIGNED;
                switch (cflags) {
                case DP_C_SHORT:
-                    value = va_arg(args,
-                        unsigned short int);
+                    value = (unsigned short int)va_arg(args, unsigned int);
                    break;
                case DP_C_LONG:
                    value = (LLONG) va_arg(args,
@@ -330,7 +399,7 @@ dopr(
                        unsigned int);
                    break;
                }
-                fmtint(buffer, &currlen, maxlen, value,
+                fmtint(outch_fn, buffer, &currlen, maxlen, value,
                       ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
                       min, max, flags);
                break;
@@ -339,7 +408,8 @@ dopr(
                    fvalue = va_arg(args, LDOUBLE);
                else
                    fvalue = va_arg(args, double);
-                fmtfp(buffer, &currlen, maxlen, fvalue, min, max, flags);
+                fmtfp(outch_fn, buffer, &currlen, maxlen,
+		      fvalue, min, max, flags);
                break;
            case 'E':
                flags |= DP_F_UP;
@@ -358,19 +428,19 @@ dopr(
                    fvalue = va_arg(args, double);
                break;
            case 'c':
-                dopr_outch(buffer, &currlen, maxlen,
+                (*outch_fn)(buffer, &currlen, maxlen,
                    va_arg(args, int));
                break;
            case 's':
                strvalue = va_arg(args, char *);
                if (max < 0)
-                    max = maxlen;
-                fmtstr(buffer, &currlen, maxlen, strvalue,
-                    flags, min, max);
+                    max = (*copy_fn)(*maxlen);
+                fmtstr(outch_fn, buffer, &currlen, maxlen, strvalue,
+		       flags, min, max);
                break;
            case 'p':
                value = (long)va_arg(args, void *);
-                fmtint(buffer, &currlen, maxlen,
+                fmtint(outch_fn, buffer, &currlen, maxlen,
                    value, 16, min, max, flags);
                break;
            case 'n': /* XXX */
@@ -393,7 +463,7 @@ dopr(
                }
                break;
            case '%':
-                dopr_outch(buffer, &currlen, maxlen, ch);
+                (*outch_fn)(buffer, &currlen, maxlen, ch);
                break;
            case 'w':
                /* not supported yet, treat as next char */
@@ -414,19 +484,20 @@ dopr(
            break;
        }
    }
-    if (currlen >= maxlen - 1)
-        currlen = maxlen - 1;
-    buffer[currlen] = '\0';
+    if (currlen >= *maxlen - 1)
+        currlen = *maxlen - 1;
+    (*buffer)[currlen] = '\0';
    *retlen = currlen;
    return;
 }

 static void
 fmtstr(
-    char *buffer,
+    void (*outch_fn)(char **, size_t *, size_t *, int),
+    char **buffer,
    size_t *currlen,
-    size_t maxlen,
-    char *value,
+    size_t *maxlen,
+    const char *value,
    int flags,
    int min,
    int max)
@@ -445,16 +516,16 @@ fmtstr(
        padlen = -padlen;

    while ((padlen > 0) && (cnt < max)) {
-        dopr_outch(buffer, currlen, maxlen, ' ');
+        (*outch_fn)(buffer, currlen, maxlen, ' ');
        --padlen;
        ++cnt;
    }
    while (*value && (cnt < max)) {
-        dopr_outch(buffer, currlen, maxlen, *value++);
+        (*outch_fn)(buffer, currlen, maxlen, *value++);
        ++cnt;
    }
    while ((padlen < 0) && (cnt < max)) {
-        dopr_outch(buffer, currlen, maxlen, ' ');
+        (*outch_fn)(buffer, currlen, maxlen, ' ');
        ++padlen;
        ++cnt;
    }
@@ -462,9 +533,10 @@ fmtstr(

 static void
 fmtint(
-    char *buffer,
+    void (*outch_fn)(char **, size_t *, size_t *, int),
+    char **buffer,
    size_t *currlen,
-    size_t maxlen,
+    size_t *maxlen,
    LLONG value,
    int base,
    int min,
@@ -518,28 +590,28 @@ fmtint(

    /* spaces */
    while (spadlen > 0) {
-        dopr_outch(buffer, currlen, maxlen, ' ');
+        (*outch_fn)(buffer, currlen, maxlen, ' ');
        --spadlen;
    }

    /* sign */
    if (signvalue)
-        dopr_outch(buffer, currlen, maxlen, signvalue);
+        (*outch_fn)(buffer, currlen, maxlen, signvalue);

    /* zeros */
    if (zpadlen > 0) {
        while (zpadlen > 0) {
-            dopr_outch(buffer, currlen, maxlen, '0');
+            (*outch_fn)(buffer, currlen, maxlen, '0');
            --zpadlen;
        }
    }
    /* digits */
    while (place > 0)
-        dopr_outch(buffer, currlen, maxlen, convert[--place]);
+        (*outch_fn)(buffer, currlen, maxlen, convert[--place]);

    /* left justified spaces */
    while (spadlen < 0) {
-        dopr_outch(buffer, currlen, maxlen, ' ');
+        (*outch_fn)(buffer, currlen, maxlen, ' ');
        ++spadlen;
    }
    return;
@@ -578,9 +650,10 @@ round(LDOUBLE value)

 static void
 fmtfp(
-    char *buffer,
+    void (*outch_fn)(char **, size_t *, size_t *, int),
+    char **buffer,
    size_t *currlen,
-    size_t maxlen,
+    size_t *maxlen,
    LDOUBLE fvalue,
    int min,
    int max,
@@ -658,54 +731,114 @@ fmtfp(

    if ((flags & DP_F_ZERO) && (padlen > 0)) {
        if (signvalue) {
-            dopr_outch(buffer, currlen, maxlen, signvalue);
+            (*outch_fn)(buffer, currlen, maxlen, signvalue);
            --padlen;
            signvalue = 0;
        }
        while (padlen > 0) {
-            dopr_outch(buffer, currlen, maxlen, '0');
+            (*outch_fn)(buffer, currlen, maxlen, '0');
            --padlen;
        }
    }
    while (padlen > 0) {
-        dopr_outch(buffer, currlen, maxlen, ' ');
+        (*outch_fn)(buffer, currlen, maxlen, ' ');
        --padlen;
    }
    if (signvalue)
-        dopr_outch(buffer, currlen, maxlen, signvalue);
+        (*outch_fn)(buffer, currlen, maxlen, signvalue);

    while (iplace > 0)
-        dopr_outch(buffer, currlen, maxlen, iconvert[--iplace]);
+        (*outch_fn)(buffer, currlen, maxlen, iconvert[--iplace]);

    /*
     * Decimal point. This should probably use locale to find the correct
     * char to print out.
     */
    if (max > 0) {
-        dopr_outch(buffer, currlen, maxlen, '.');
+        (*outch_fn)(buffer, currlen, maxlen, '.');

        while (fplace > 0)
-            dopr_outch(buffer, currlen, maxlen, fconvert[--fplace]);
+            (*outch_fn)(buffer, currlen, maxlen, fconvert[--fplace]);
    }
    while (zpadlen > 0) {
-        dopr_outch(buffer, currlen, maxlen, '0');
+        (*outch_fn)(buffer, currlen, maxlen, '0');
        --zpadlen;
    }

    while (padlen < 0) {
-        dopr_outch(buffer, currlen, maxlen, ' ');
+        (*outch_fn)(buffer, currlen, maxlen, ' ');
        ++padlen;
    }
 }

+static int
+dopr_copy(
+    size_t len)
+{
+    return len;
+}
+
+#ifdef USE_ALLOCATING_PRINT
+static int
+doapr_copy(
+    size_t len)
+{
+    /* Return as high an integer as possible */
+    return INT_MAX;
+}
+#endif
+
+static int
+dopr_isbig(
+    size_t currlen,
+    size_t maxlen)
+{
+    return currlen > maxlen;
+}
+
+#ifdef USE_ALLOCATING_PRINT
+static int
+doapr_isbig(
+    size_t currlen,
+    size_t maxlen)
+{
+    return 0;
+}
+#endif
+
 static void
 dopr_outch(
-    char *buffer,
+    char **buffer,
    size_t *currlen,
-    size_t maxlen,
+    size_t *maxlen,
    int c)
 {
-    if (*currlen < maxlen)
-        buffer[(*currlen)++] = (char)c;
+    if (*currlen < *maxlen)
+        (*buffer)[(*currlen)++] = (char)c;
    return;
 }
+
+#ifdef USE_ALLOCATING_PRINT
+static void
+doapr_outch(
+    char **buffer,
+    size_t *currlen,
+    size_t *maxlen,
+    int c)
+{
+    if (*buffer == NULL) {
+	if (*maxlen == 0)
+	    *maxlen = 1024;
+	*buffer = Malloc(*maxlen);
+    }
+    while (*currlen >= *maxlen) {
+	*maxlen += 1024;
+	*buffer = Realloc(*buffer, *maxlen);
+    }
+    /* What to do if *buffer is NULL? */
+    assert(*buffer != NULL);
+
+    (*buffer)[(*currlen)++] = (char)c;
+    return;
+}
+#endif
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -507,7 +507,7 @@ int	BIO_set(BIO *a,BIO_METHOD *type);
 int	BIO_free(BIO *a);
 int	BIO_read(BIO *b, void *data, int len);
 int	BIO_gets(BIO *bp,char *buf, int size);
-int	BIO_write(BIO *b, const char *data, int len);
+int	BIO_write(BIO *b, const void *data, int len);
 int	BIO_puts(BIO *bp,const char *buf);
 long	BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
 long	BIO_callback_ctrl(BIO *bp,int cmd,void (*fp)());
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@@ -54,7 +54,8 @@
 */

 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file.
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
 */

 #include <stdio.h>
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@@ -169,7 +169,7 @@ int BIO_read(BIO *b, void *out, int outl)
 	return(i);
 	}

-int BIO_write(BIO *b, const char *in, int inl)
+int BIO_write(BIO *b, const void *in, int inl)
 	{
 	int i;
 	long (*cb)();
--- a/crypto/bio/bss_bio.c
+++ b/crypto/bio/bss_bio.c
@@ -19,8 +19,14 @@

 #include <openssl/bio.h>
 #include <openssl/err.h>
+#include <openssl/err.h>
 #include <openssl/crypto.h>

+#include "openssl/e_os.h"
+#ifndef SSIZE_MAX
+# define SSIZE_MAX INT_MAX
+#endif
+
 static int bio_new(BIO *bio);
 static int bio_free(BIO *bio);
 static int bio_read(BIO *bio, char *buf, int size);
@@ -205,10 +211,10 @@ static int bio_read(BIO *bio, char *buf, int size_)
 */
 /* WARNING: The non-copying interface is largely untested as of yet
 * and may contain bugs. */
-static size_t bio_nread0(BIO *bio, char **buf)
+static ssize_t bio_nread0(BIO *bio, char **buf)
 	{
 	struct bio_bio_st *b, *peer_b;
-	size_t num;
+	ssize_t num;
 	
 	BIO_clear_retry_flags(bio);

@@ -243,15 +249,20 @@ static size_t bio_nread0(BIO *bio, char **buf)
 	return num;
 	}

-static size_t bio_nread(BIO *bio, char **buf, size_t num)
+static ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
 	{
 	struct bio_bio_st *b, *peer_b;
-	size_t available;
+	ssize_t num, available;
+
+	if (num_ > SSIZE_MAX)
+		num = SSIZE_MAX;
+	else
+		num = (ssize_t)num_;

 	available = bio_nread0(bio, buf);
 	if (num > available)
 		num = available;
-	if (num == 0)
+	if (num <= 0)
 		return num;

 	b = bio->ptr;
@@ -351,7 +362,7 @@ static int bio_write(BIO *bio, char *buf, int num_)
 * (example usage:  bio_nwrite0(), write to buffer, bio_nwrite()
 *  or just         bio_nwrite(), write to buffer)
 */
-static size_t bio_nwrite0(BIO *bio, char **buf)
+static ssize_t bio_nwrite0(BIO *bio, char **buf)
 	{
 	struct bio_bio_st *b;
 	size_t num;
@@ -399,15 +410,20 @@ static size_t bio_nwrite0(BIO *bio, char **buf)
 	return num;
 	}

-static size_t bio_nwrite(BIO *bio, char **buf, size_t num)
+static ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
 	{
 	struct bio_bio_st *b;
-	size_t space;
+	ssize_t num, space;
+
+	if (num_ > SSIZE_MAX)
+		num = SSIZE_MAX;
+	else
+		num = (ssize_t)num_;

 	space = bio_nwrite0(bio, buf);
 	if (num > space)
 		num = space;
-	if (num == 0)
+	if (num <= 0)
 		return num;
 	b = bio->ptr;
 	assert(b != NULL);
@@ -509,6 +525,11 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
 		ret = 1;
 		break;

+	case BIO_C_NREAD0:
+		/* prepare for non-copying read */
+		ret = (long) bio_nread0(bio, ptr);
+		break;
+		
 	case BIO_C_NREAD:
 		/* non-copying read */
 		ret = (long) bio_nread(bio, ptr, (size_t) num);
--- a/crypto/bio/bss_log.c
+++ b/crypto/bio/bss_log.c
@@ -57,8 +57,8 @@
 	Why BIO_s_log?

 	BIO_s_log is useful for system daemons (or services under NT).
-	It is one-way BIO, it sends all stuff to syslogd (or event log
-	under NT).
+	It is one-way BIO, it sends all stuff to syslogd (on system that
+	commonly use that), or event log (on NT), or OPCOM (on OpenVMS).

 */

@@ -66,29 +66,58 @@
 #include <stdio.h>
 #include <errno.h>

-#ifndef WIN32
-#ifdef __ultrix
-#include <sys/syslog.h>
-#else
-#include <syslog.h>
-#endif
-#else
-#include <process.h>
+#if defined(WIN32)
+#  include <process.h>
+#elif defined(VMS) || defined(__VMS)
+#  include <opcdef.h>
+#  include <descrip.h>
+#  include <lib$routines.h>
+#  include <starlet.h>
+#elif defined(__ultrix)
+#  include <sys/syslog.h>
+#elif !defined(MSDOS) /* Unix */
+#  include <syslog.h>
 #endif

 #include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/err.h>
+
 #ifndef NO_SYSLOG

+#if defined(WIN32)
+#define LOG_EMERG	0
+#define LOG_ALERT	1
+#define LOG_CRIT	2
+#define LOG_ERR		3
+#define LOG_WARNING	4
+#define LOG_NOTICE	5
+#define LOG_INFO	6
+#define LOG_DEBUG	7
+
+#define LOG_DAEMON	(3<<3)
+#elif defined(VMS)
+/* On VMS, we don't really care about these, but we need them to compile */
+#define LOG_EMERG	0
+#define LOG_ALERT	1
+#define LOG_CRIT	2
+#define LOG_ERR		3
+#define LOG_WARNING	4
+#define LOG_NOTICE	5
+#define LOG_INFO	6
+#define LOG_DEBUG	7
+
+#define LOG_DAEMON	OPC$M_NM_NTWORK
+#endif

 static int MS_CALLBACK slg_write(BIO *h,char *buf,int num);
 static int MS_CALLBACK slg_puts(BIO *h,char *str);
 static long MS_CALLBACK slg_ctrl(BIO *h,int cmd,long arg1,char *arg2);
 static int MS_CALLBACK slg_new(BIO *h);
 static int MS_CALLBACK slg_free(BIO *data);
-static int xopenlog(BIO* bp, const char* name, int level);
-static int xcloselog(BIO* bp);
+static void xopenlog(BIO* bp, const char* name, int level);
+static void xsyslog(BIO* bp, int priority, const char* string);
+static void xcloselog(BIO* bp);

 static BIO_METHOD methods_slg=
 	{
@@ -113,11 +142,7 @@ static int MS_CALLBACK slg_new(BIO *bi)
 	bi->init=1;
 	bi->num=0;
 	bi->ptr=NULL;
-#ifndef WIN32
 	xopenlog(bi, "application", LOG_DAEMON);
-#else
-	xopenlog(bi, "application", 0);
-#endif
 	return(1);
 	}

@@ -133,43 +158,14 @@ static int MS_CALLBACK slg_write(BIO *b, char *in, int inl)
 	int ret= inl;
 	char* buf= in;
 	char* pp;
-#if defined(WIN32)
-	LPCSTR lpszStrings[2];
-	WORD evtype= EVENTLOG_ERROR_TYPE;
-	int pid = _getpid();
-	char pidbuf[20];
-#else
 	int priority;
-#endif

 	if((buf= (char *)Malloc(inl+ 1)) == NULL){
 		return(0);
 	}
 	strncpy(buf, in, inl);
 	buf[inl]= '\0';
-#if defined(WIN32)
-	if(strncmp(buf, "ERR ", 4) == 0){
-		evtype= EVENTLOG_ERROR_TYPE;
-		pp= buf+ 4;
-	}else if(strncmp(buf, "WAR ", 4) == 0){
-		evtype= EVENTLOG_WARNING_TYPE;
-		pp= buf+ 4;
-	}else if(strncmp(buf, "INF ", 4) == 0){
-		evtype= EVENTLOG_INFORMATION_TYPE;
-		pp= buf+ 4;
-	}else{
-		evtype= EVENTLOG_ERROR_TYPE;
-		pp= buf;
-	}

-	sprintf(pidbuf, "[%d] ", pid);
-	lpszStrings[0] = pidbuf;
-	lpszStrings[1] = pp;
-
-	if(b->ptr)
-		ReportEvent(b->ptr, evtype, 0, 1024, NULL, 2, 0,
-				lpszStrings, NULL);
-#else
 	if(strncmp(buf, "ERR ", 4) == 0){
 		priority= LOG_ERR;
 		pp= buf+ 4;
@@ -184,8 +180,8 @@ static int MS_CALLBACK slg_write(BIO *b, char *in, int inl)
 		pp= buf;
 	}

-	syslog(priority, "%s", pp);
-#endif
+	xsyslog(b, priority, pp);
+
 	Free(buf);
 	return(ret);
 	}
@@ -213,28 +209,128 @@ static int MS_CALLBACK slg_puts(BIO *bp, char *str)
 	return(ret);
 	}

-static int xopenlog(BIO* bp, const char* name, int level)
-{
 #if defined(WIN32)
-	if((bp->ptr= (char *)RegisterEventSource(NULL, name)) == NULL){
-		return(0);
-	}
-#else
-	openlog(name, LOG_PID|LOG_CONS, level);
-#endif
-	return(1);
+
+static void xopenlog(BIO* bp, const char* name, int level)
+{
+	bp->ptr= (char *)RegisterEventSource(NULL, name);
 }

-static int xcloselog(BIO* bp)
+static void xsyslog(BIO *bp, int priority, const char *string)
+{
+	LPCSTR lpszStrings[2];
+	WORD evtype= EVENTLOG_ERROR_TYPE;
+	int pid = _getpid();
+	char pidbuf[20];
+
+	switch (priority)
+		{
+	case LOG_ERR:
+		evtype = EVENTLOG_ERROR_TYPE;
+		break;
+	case LOG_WARNING:
+		evtype = EVENTLOG_WARNING_TYPE;
+		break;
+	case LOG_INFO:
+		evtype = EVENTLOG_INFORMATION_TYPE;
+		break;
+	default:
+		evtype = EVENTLOG_ERROR_TYPE;
+		break;
+		}
+
+	sprintf(pidbuf, "[%d] ", pid);
+	lpszStrings[0] = pidbuf;
+	lpszStrings[1] = string;
+
+	if(bp->ptr)
+		ReportEvent(bp->ptr, evtype, 0, 1024, NULL, 2, 0,
+				lpszStrings, NULL);
+}
+	
+static void xcloselog(BIO* bp)
 {
-#if defined(WIN32)
 	if(bp->ptr)
 		DeregisterEventSource((HANDLE)(bp->ptr));
 	bp->ptr= NULL;
-#else
-	closelog();
-#endif
-	return(1);
 }

-#endif
+#elif defined(VMS)
+
+static int VMS_OPC_target = LOG_DAEMON;
+
+static void xopenlog(BIO* bp, const char* name, int level)
+{
+	VMS_OPC_target = level; 
+}
+
+static void xsyslog(BIO *bp, int priority, const char *string)
+{
+	struct dsc$descriptor_s opc_dsc;
+	struct opcdef *opcdef_p;
+	char buf[10240];
+	unsigned int len;
+        struct dsc$descriptor_s buf_dsc;
+	$DESCRIPTOR(fao_cmd, "!AZ: !AZ");
+	char *priority_tag;
+
+	switch (priority)
+	  {
+	  case LOG_EMERG: priority_tag = "Emergency"; break;
+	  case LOG_ALERT: priority_tag = "Alert"; break;
+	  case LOG_CRIT: priority_tag = "Critical"; break;
+	  case LOG_ERR: priority_tag = "Error"; break;
+	  case LOG_WARNING: priority_tag = "Warning"; break;
+	  case LOG_NOTICE: priority_tag = "Notice"; break;
+	  case LOG_INFO: priority_tag = "Info"; break;
+	  case LOG_DEBUG: priority_tag = "DEBUG"; break;
+	  }
+
+	buf_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+	buf_dsc.dsc$b_class = DSC$K_CLASS_S;
+	buf_dsc.dsc$a_pointer = buf;
+	buf_dsc.dsc$w_length = sizeof(buf) - 1;
+
+	lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
+
+	/* we know there's an 8 byte header.  That's documented */
+	opcdef_p = (struct opcdef *) Malloc(8 + len);
+	opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
+	memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
+	opcdef_p->opc$l_ms_rqstid = 0;
+	memcpy(&opcdef_p->opc$l_ms_text, buf, len);
+
+	opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+	opc_dsc.dsc$b_class = DSC$K_CLASS_S;
+	opc_dsc.dsc$a_pointer = (char *)opcdef_p;
+	opc_dsc.dsc$w_length = len + 8;
+
+	sys$sndopr(opc_dsc, 0);
+
+	Free(opcdef_p);
+}
+
+static void xcloselog(BIO* bp)
+{
+}
+
+#else /* Unix */
+
+static void xopenlog(BIO* bp, const char* name, int level)
+{
+	openlog(name, LOG_PID|LOG_CONS, level);
+}
+
+static void xsyslog(BIO *bp, int priority, const char *string)
+{
+	syslog(priority, "%s", string);
+}
+
+static void xcloselog(BIO* bp)
+{
+	closelog();
+}
+
+#endif /* Unix */
+
+#endif /* NO_SYSLOG */
--- a/crypto/bn/Makefile.ssl
+++ b/crypto/bn/Makefile.ssl
@@ -5,6 +5,7 @@
 DIR=	bn
 TOP=	../..
 CC=	cc
+CPP=    $(CC) -E
 INCLUDES= -I.. -I../../include
 CFLAG=-g
 INSTALL_PREFIX=
@@ -72,10 +73,10 @@ lib:	$(LIBOBJ)

 # elf
 asm/bn86-elf.o: asm/bn86unix.cpp
-	$(CPP) -DELF asm/bn86unix.cpp | as -o asm/bn86-elf.o
+	$(CPP) -DELF -x c asm/bn86unix.cpp | as -o asm/bn86-elf.o

 asm/co86-elf.o: asm/co86unix.cpp
-	$(CPP) -DELF asm/co86unix.cpp | as -o asm/co86-elf.o
+	$(CPP) -DELF -x c asm/co86unix.cpp | as -o asm/co86-elf.o

 # solaris
 asm/bn86-sol.o: asm/bn86unix.cpp
@@ -102,10 +103,10 @@ asm/bn86bsdi.o: asm/bn86unix.cpp
 asm/co86bsdi.o: asm/co86unix.cpp
 	$(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o

-asm/bn86unix.cpp: asm/bn-586.pl
+asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp )

-asm/co86unix.cpp: asm/co-586.pl
+asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) co-586.pl cpp >co86unix.cpp )

 asm/sparcv8.o: asm/sparcv8.S
--- a/crypto/bn/asm/bn-win32.asm
+++ b/crypto/bn/asm/bn-win32.asm
--- a/crypto/bn/asm/x86w16.asm
+++ b/crypto/bn/asm/x86w16.asm
@@ -1,297 +0,0 @@
-;	Static Name Aliases
-;
-	TITLE   bn_mulw.c
-	.8087
-F_TEXT	SEGMENT  WORD PUBLIC 'CODE'
-F_TEXT	ENDS
-_DATA	SEGMENT  WORD PUBLIC 'DATA'
-_DATA	ENDS
-_CONST	SEGMENT  WORD PUBLIC 'CONST'
-_CONST	ENDS
-_BSS	SEGMENT  WORD PUBLIC 'BSS'
-_BSS	ENDS
-DGROUP	GROUP	_CONST, _BSS, _DATA
-	ASSUME DS: DGROUP, SS: DGROUP
-F_TEXT      SEGMENT
-	ASSUME	CS: F_TEXT
-	PUBLIC	_bn_mul_add_words
-_bn_mul_add_words	PROC FAR
-; Line 58
-	push	bp
-	push	bx
-	push	si
-	push	di
-	push	ds
-	push	es
-	mov	bp,sp
-;	w = 26
-;	num = 24
-;	ap = 20
-;	rp = 16
-	xor	si,si			;c=0;
-	mov	di,WORD PTR [bp+16]	; load r
-	mov	ds,WORD PTR [bp+18]	; load r
-	mov	bx,WORD PTR [bp+20]	; load a
-	mov	es,WORD PTR [bp+22]	; load a
-	mov	cx,WORD PTR [bp+26]	; load w
-	mov	bp,WORD PTR [bp+24]	; load num
-
-	shr	bp,1	; div count by 4 and do groups of 4
-	shr	bp,1
-	je	$L555
-
-$L546:
-	mov	ax,cx
-	mul	WORD PTR es:[bx]	; w* *a
-	add	ax,WORD PTR ds:[di]	; + *r
-	adc	dx,0
-	adc	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di],ax
-	mov	si,dx
-	;
-	mov	ax,cx
-	mul	WORD PTR es:[bx+2]	; w* *a
-	add	ax,WORD PTR ds:[di+2]	; + *r
-	adc	dx,0
-	adc	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di+2],ax
-	mov	si,dx
-	;
-	mov	ax,cx
-	mul	WORD PTR es:[bx+4]	; w* *a
-	add	ax,WORD PTR ds:[di+4]	; + *r
-	adc	dx,0
-	adc	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di+4],ax
-	mov	si,dx
-	;
-	mov	ax,cx
-	mul	WORD PTR es:[bx+6]	; w* *a
-	add	ax,WORD PTR ds:[di+6]	; + *r
-	adc	dx,0
-	adc	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di+6],ax
-	mov	si,dx
-	;
-	add	bx,8
-	add	di,8
-	;
-	dec	bp
-	je	$L555
-	jmp	$L546
-;
-;
-$L555:
-	mov	bp,sp
-	mov	bp,WORD PTR [bp+24]	; load num
-	and	bp,3
-	dec	bp
-	js	$L547
-
-	mov	ax,cx
-	mul	WORD PTR es:[bx]	; w* *a
-	add	ax,WORD PTR ds:[di]	; + *r
-	adc	dx,0
-	adc	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di],ax
-	mov	si,dx
-	dec	bp
-	js	$L547			; Note that we are now testing for -1
-	;
-	mov	ax,cx
-	mul	WORD PTR es:[bx+2]	; w* *a
-	add	ax,WORD PTR ds:[di+2]	; + *r
-	adc	dx,0
-	adc	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di+2],ax
-	mov	si,dx
-	dec	bp
-	js	$L547
-	;
-	mov	ax,cx
-	mul	WORD PTR es:[bx+4]	; w* *a
-	add	ax,WORD PTR ds:[di+4]	; + *r
-	adc	dx,0
-	adc	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di+4],ax
-	mov	si,dx
-$L547:
-	mov	ax,si
-	pop	es
-	pop	ds
-	pop	di
-	pop	si
-	pop	bx
-	pop	bp
-	ret	
-	nop	
-
-_bn_mul_add_words	ENDP
-	PUBLIC	_bn_mul_words
-_bn_mul_words	PROC FAR
-; Line 76
-	push	bp
-	push	bx
-	push	si
-	push	di
-	push	ds
-	push	es
-	xor	si,si
-	mov	bp,sp
-	mov	di,WORD PTR [bp+16]	; r
-	mov	ds,WORD PTR [bp+18]
-	mov	bx,WORD PTR [bp+20]	; a
-	mov	es,WORD PTR [bp+22]
-	mov	cx,WORD PTR [bp+26]	; w
-	mov	bp,WORD PTR [bp+24]	; num 
-$FC743:
-	mov	ax,cx
-	mul	WORD PTR es:[bx]
-	add	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di],ax
-	mov	si,dx
-	dec	bp
-	je	$L764
-	;
-	mov	ax,cx
-	mul	WORD PTR es:[bx+2]
-	add	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di+2],ax
-	mov	si,dx
-	dec	bp
-	je	$L764
-	;
-	mov	ax,cx
-	mul	WORD PTR es:[bx+4]
-	add	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di+4],ax
-	mov	si,dx
-	dec	bp
-	je	$L764
-	;
-	mov	ax,cx
-	mul	WORD PTR es:[bx+6]
-	add	ax,si
-	adc	dx,0
-	mov	WORD PTR ds:[di+6],ax
-	mov	si,dx
-	dec	bp
-	je	$L764
-	;
-	add	bx,8
-	add	di,8
-	jmp	$FC743
-	nop
-$L764:
-	mov	ax,si
-	pop	es
-	pop	ds
-	pop	di
-	pop	si
-	pop	bx
-	pop	bp
-	ret	
-	nop	
-_bn_mul_words	ENDP
-	PUBLIC	_bn_sqr_words
-_bn_sqr_words	PROC FAR
-; Line 92
-	push	bp
-	push	bx
-	push	si
-	push	di
-	push	ds
-	push	es
-	mov	bp,sp
-	mov	si,WORD PTR [bp+16]
-	mov	ds,WORD PTR [bp+18]
-	mov	di,WORD PTR [bp+20]
-	mov	es,WORD PTR [bp+22]
-	mov	bx,WORD PTR [bp+24]
-
-	mov	bp,bx	; save a memory lookup later
-	shr	bx,1	; div count by 4 and do groups of 4
-	shr	bx,1
-	je	$L666
-
-$L765:
-	mov	ax,WORD PTR es:[di]
-	mul	ax
-	mov	WORD PTR ds:[si],ax
-	mov	WORD PTR ds:[si+2],dx
-	;
-	mov	ax,WORD PTR es:[di+2]
-	mul	ax
-	mov	WORD PTR ds:[si+4],ax
-	mov	WORD PTR ds:[si+6],dx
-	;
-	mov	ax,WORD PTR es:[di+4]
-	mul	ax
-	mov	WORD PTR ds:[si+8],ax
-	mov	WORD PTR ds:[si+10],dx
-	;
-	mov	ax,WORD PTR es:[di+6]
-	mul	ax
-	mov	WORD PTR ds:[si+12],ax
-	mov	WORD PTR ds:[si+14],dx
-	;
-	add	di,8
-	add	si,16
-	dec	bx
-	je	$L666
-	jmp	$L765
-$L666:
-	and	bp,3
-	dec	bp	; The copied value of bx (num)
-	js	$L645
-	;
-	mov	ax,WORD PTR es:[di]
-	mul	ax
-	mov	WORD PTR ds:[si],ax
-	mov	WORD PTR ds:[si+2],dx
-	dec	bp
-	js	$L645
-	;
-	mov	ax,WORD PTR es:[di+2]
-	mul	ax
-	mov	WORD PTR ds:[si+4],ax
-	mov	WORD PTR ds:[si+6],dx
-	dec	bp
-	js	$L645
-	;
-	mov	ax,WORD PTR es:[di+4]
-	mul	ax
-	mov	WORD PTR ds:[si+8],ax
-	mov	WORD PTR ds:[si+10],dx
-$L645:
-	pop	es
-	pop	ds
-	pop	di
-	pop	si
-	pop	bx
-	pop	bp
-	ret	
-
-_bn_sqr_words	ENDP
-	PUBLIC	_bn_div64
-_bn_div64	PROC FAR
-	push	bp
-	mov	bp,sp
-	mov	dx, WORD PTR [bp+6]
-	mov	ax, WORD PTR [bp+8]
-	div	WORD PTR [bp+10]
-	pop	bp
-	ret	
-_bn_div64	ENDP
-F_TEXT	ENDS
-END
--- a/crypto/bn/asm/x86w32.asm
+++ b/crypto/bn/asm/x86w32.asm
@@ -1,360 +0,0 @@
-;	Static Name Aliases
-;
-	TITLE   bn_mulw.c
-	.386
-F_TEXT	SEGMENT  WORD USE16 PUBLIC 'CODE'
-F_TEXT	ENDS
-_DATA	SEGMENT  WORD USE16 PUBLIC 'DATA'
-_DATA	ENDS
-_CONST	SEGMENT  WORD USE16 PUBLIC 'CONST'
-_CONST	ENDS
-_BSS	SEGMENT  WORD USE16 PUBLIC 'BSS'
-_BSS	ENDS
-DGROUP	GROUP	_CONST, _BSS, _DATA
-	ASSUME DS: DGROUP, SS: DGROUP
-F_TEXT      SEGMENT
-	ASSUME	CS: F_TEXT
-	PUBLIC	_bn_mul_add_words
-_bn_mul_add_words	PROC FAR
-; Line 58
-	push	bp
-	push	bx
-	push	esi
-	push	di
-	push	ds
-	push	es
-	mov	bp,sp
-;	w = 28
-;	num = 26
-;	ap = 22
-;	rp = 18
-	xor	esi,esi			;c=0;
-	mov	di,WORD PTR [bp+18]	; load r
-	mov	ds,WORD PTR [bp+20]	; load r
-	mov	bx,WORD PTR [bp+22]	; load a
-	mov	es,WORD PTR [bp+24]	; load a
-	mov	ecx,DWORD PTR [bp+28]	; load w
-	mov	bp,WORD PTR [bp+26]	; load num
-	shr	bp,1	; div count by 4 and do groups of 4
-	shr	bp,1
-	je	$L555
-
-$L546:
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx]	; w* *a
-	add	eax,DWORD PTR ds:[di]	; + *r
-	adc	edx,0
-	adc	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di],eax
-	mov	esi,edx
-	;
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx+4]	; w* *a
-	add	eax,DWORD PTR ds:[di+4]	; + *r
-	adc	edx,0
-	adc	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di+4],eax
-	mov	esi,edx
-	;
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx+8]	; w* *a
-	add	eax,DWORD PTR ds:[di+8]	; + *r
-	adc	edx,0
-	adc	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di+8],eax
-	mov	esi,edx
-	;
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx+12]	; w* *a
-	add	eax,DWORD PTR ds:[di+12]	; + *r
-	adc	edx,0
-	adc	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di+12],eax
-	mov	esi,edx
-	;
-	add	bx,16
-	add	di,16
-	;
-	dec	bp
-	je	$L555
-	jmp	$L546
-;
-;
-$L555:
-	mov	bp,sp
-	mov	bp,WORD PTR [bp+26]	; load num
-	and	bp,3
-	dec	bp
-	js	$L547m
-
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx]	; w* *a
-	add	eax,DWORD PTR ds:[di]	; + *r
-	adc	edx,0
-	adc	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di],eax
-	mov	esi,edx
-	dec	bp
-	js	$L547m			; Note that we are now testing for -1
-	;
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx+4]	; w* *a
-	add	eax,DWORD PTR ds:[di+4]	; + *r
-	adc	edx,0
-	adc	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di+4],eax
-	mov	esi,edx
-	dec	bp
-	js	$L547m
-	;
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx+8]	; w* *a
-	add	eax,DWORD PTR ds:[di+8]	; + *r
-	adc	edx,0
-	adc	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di+8],eax
-	mov	esi,edx
-$L547m:
-	mov	eax,esi
-	mov	edx,esi
-	shr	edx,16
-	pop	es
-	pop	ds
-	pop	di
-	pop	esi
-	pop	bx
-	pop	bp
-	ret	
-	nop	
-_bn_mul_add_words	ENDP
-
-	PUBLIC	_bn_mul_words
-_bn_mul_words	PROC FAR
-; Line 76
-	push	bp
-	push	bx
-	push	esi
-	push	di
-	push	ds
-	push	es
-	xor	esi,esi
-	mov	bp,sp
-	mov	di,WORD PTR [bp+18]	; r
-	mov	ds,WORD PTR [bp+20]
-	mov	bx,WORD PTR [bp+22]	; a
-	mov	es,WORD PTR [bp+24]
-	mov	ecx,DWORD PTR [bp+28]	; w
-	mov	bp,WORD PTR [bp+26]	; num 
-
-$FC743:
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx]
-	add	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di],eax
-	mov	esi,edx
-	dec	bp
-	je	$L764
-	;
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx+4]
-	add	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di+4],eax
-	mov	esi,edx
-	dec	bp
-	je	$L764
-	;
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx+8]
-	add	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di+8],eax
-	mov	esi,edx
-	dec	bp
-	je	$L764
-	;
-	mov	eax,ecx
-	mul	DWORD PTR es:[bx+12]
-	add	eax,esi
-	adc	edx,0
-	mov	DWORD PTR ds:[di+12],eax
-	mov	esi,edx
-	dec	bp
-	je	$L764
-	;
-	add	bx,16
-	add	di,16
-	jmp	$FC743
-	nop
-$L764:
-	mov	eax,esi
-	mov	edx,esi
-	shr	edx,16
-	pop	es
-	pop	ds
-	pop	di
-	pop	esi
-	pop	bx
-	pop	bp
-	ret	
-	nop	
-_bn_mul_words	ENDP
-	PUBLIC	_bn_sqr_words
-_bn_sqr_words	PROC FAR
-; Line 92
-	push	bp
-	push	bx
-	push	si
-	push	di
-	push	ds
-	push	es
-	mov	bp,sp
-	mov	si,WORD PTR [bp+16]
-	mov	ds,WORD PTR [bp+18]
-	mov	di,WORD PTR [bp+20]
-	mov	es,WORD PTR [bp+22]
-	mov	bx,WORD PTR [bp+24]
-
-	mov	bp,bx	; save a memory lookup later
-	shr	bx,1	; div count by 4 and do groups of 4
-	shr	bx,1
-	je	$L666
-
-$L765:
-	mov	eax,DWORD PTR es:[di]
-	mul	eax
-	mov	DWORD PTR ds:[si],eax
-	mov	DWORD PTR ds:[si+4],edx
-	;
-	mov	eax,DWORD PTR es:[di+4]
-	mul	eax
-	mov	DWORD PTR ds:[si+8],eax
-	mov	DWORD PTR ds:[si+12],edx
-	;
-	mov	eax,DWORD PTR es:[di+8]
-	mul	eax
-	mov	DWORD PTR ds:[si+16],eax
-	mov	DWORD PTR ds:[si+20],edx
-	;
-	mov	eax,DWORD PTR es:[di+12]
-	mul	eax
-	mov	DWORD PTR ds:[si+24],eax
-	mov	DWORD PTR ds:[si+28],edx
-	;
-	add	di,16
-	add	si,32
-	dec	bx
-	je	$L666
-	jmp	$L765
-$L666:
-	and	bp,3
-	dec	bp	; The copied value of bx (num)
-	js	$L645
-	;
-	mov	eax,DWORD PTR es:[di]
-	mul	eax
-	mov	DWORD PTR ds:[si],eax
-	mov	DWORD PTR ds:[si+4],edx
-	dec	bp
-	js	$L645
-	;
-	mov	eax,DWORD PTR es:[di+4]
-	mul	eax
-	mov	DWORD PTR ds:[si+8],eax
-	mov	DWORD PTR ds:[si+12],edx
-	dec	bp
-	js	$L645
-	;
-	mov	eax,DWORD PTR es:[di+8]
-	mul	eax
-	mov	DWORD PTR ds:[si+16],eax
-	mov	DWORD PTR ds:[si+20],edx
-$L645:
-	pop	es
-	pop	ds
-	pop	di
-	pop	si
-	pop	bx
-	pop	bp
-	ret	
-_bn_sqr_words	ENDP
-
-	PUBLIC	_bn_div64
-_bn_div64	PROC FAR
-	push	bp
-	mov	bp,sp
-	mov	edx, DWORD PTR [bp+6]
-	mov	eax, DWORD PTR [bp+10]
-	div	DWORD PTR [bp+14]
-	mov	edx,eax
-	shr	edx,16
-	pop	bp
-	ret	
-_bn_div64	ENDP
-
-	PUBLIC	_bn_add_words
-_bn_add_words	PROC FAR
-; Line 58
-	push	bp
-	push	bx
-	push	esi
-	push	di
-	push	ds
-	push	es
-	mov	bp,sp
-;	w = 28
-;	num = 26
-;	ap = 22
-;	rp = 18
-	xor	esi,esi			;c=0;
-	mov	bx,WORD PTR [bp+18]	; load low r
-	mov	si,WORD PTR [bp+22]	; load a
-	mov	es,WORD PTR [bp+24]	; load a
-	mov	di,WORD PTR [bp+26]	; load b
-	mov	ds,WORD PTR [bp+28]	; load b
-
-	mov	dx,WORD PTR [bp+30]	; load num
-	xor	ecx,ecx
-	dec	dx
-	js	$L547a
-
-$L5477:
-	mov	eax,DWORD PTR es:[si]	; *a
-	add	eax,ecx
-	mov	ecx,0
-	adc	ecx,0
-	add	si,4			; a++
-	add	eax,DWORD PTR ds:[di]	; + *b
-	adc	ecx,0
-	mov	ds,WORD PTR [bp+20]
-	add	di,4
-	mov	DWORD PTR ds:[bx],eax
-	mov	ds,WORD PTR [bp+28]
-	add	bx,4
-	dec	dx
-	js	$L547a			; Note that we are now testing for -1
-	jmp	$L5477
-	;
-$L547a:
-	mov	eax,ecx
-	mov	edx,ecx
-	shr	edx,16
-	pop	es
-	pop	ds
-	pop	di
-	pop	esi
-	pop	bx
-	pop	bp
-	ret	
-	nop	
-_bn_add_words	ENDP
-F_TEXT	ENDS
-END
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -89,7 +89,7 @@ extern "C" {
 * For machines with only one compiler (or shared libraries), this should
 * be on.  Again this in only really a problem on machines
 * using "long long's", are 32bit, and are not using my assembler code. */
-#if defined(MSDOS) || defined(WINDOWS) || defined(linux)
+#if defined(MSDOS) || defined(WINDOWS) || defined(WIN32) || defined(linux)
 #define BN_DIV2W
 #endif

--- a/crypto/bn/bn_asm.c
+++ b/crypto/bn/bn_asm.c
@@ -195,7 +195,7 @@ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)

 void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
        {
-	assert(num >= 0);
+	assert(n >= 0);
 	if (n <= 0) return;
 	for (;;)
 		{
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -54,7 +54,8 @@
 */

 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file.
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
 */

 #include <stdio.h>
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -73,6 +73,7 @@ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
 			  BN_MONT_CTX *mont, BN_CTX *ctx)
 	{
 	BIGNUM *tmp,*tmp2;
+	int ret=0;

 	BN_CTX_start(ctx);
 	tmp = BN_CTX_get(ctx);
@@ -101,10 +102,10 @@ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
 		}
 	/* reduce from aRR to aR */
 	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
-	BN_CTX_end(ctx);
-	return(1);
+	ret=1;
 err:
-	return(0);
+	BN_CTX_end(ctx);
+	return(ret);
 	}

 int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont,
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -61,6 +61,9 @@
 #include "bn_lcl.h"

 #ifdef BN_RECURSION
+/* Karatsuba recursive multiplication algorithm
+ * (cf. Knuth, The Art of Computer Programming, Vol. 2) */
+
 /* r is 2*n2 words in size,
 * a and b are both n2 words in size.
 * n2 must be a power of 2.
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -326,7 +326,7 @@ void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n)
 	int i;
 	fprintf(o, "%s=", a);
 	for (i=n-1;i>=0;i--)
-		fprintf(o, "%08lX", b[i]);
+		fprintf(o, "%08lX", b[i]); /* assumes 32-bit BN_ULONG */
 	fprintf(o, "\n");
 	}
 #endif
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -234,7 +234,8 @@ int main(int argc, char *argv[])
 /**/
 	exit(0);
 err:
-	BIO_puts(out,"1\n"); /* make sure bc fails if we are piping to it */
+	BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
+	                      * the failure, see test_bn in test/Makefile.ssl*/
 	BIO_flush(out);
 	ERR_load_crypto_strings();
 	ERR_print_errors_fp(stderr);
@@ -506,7 +507,7 @@ int test_mul(BIO *bp)

 	for (i=0; i<num0+num1; i++)
 		{
-		if (i < num1)
+		if (i <= num1)
 			{
 			BN_rand(&a,100,0,0);
 			BN_rand(&b,100,0,0);
--- a/crypto/bn/divtest.c
+++ b/crypto/bn/divtest.c
@@ -1,13 +1,14 @@
 #include <openssl/bn.h>
+#include <openssl/rand.h>

-int rand(n)
+static int rand(n)
 {
    unsigned char x[2];
-    RAND_pseudo_bytes(&x,2);
+    RAND_pseudo_bytes(x,2);
    return (x[0] + 2*x[1]);
 }

-void bug(char *m, BIGNUM *a, BIGNUM *b)
+static void bug(char *m, BIGNUM *a, BIGNUM *b)
 {
    printf("%s!\na=",m);
    BN_print_fp(stdout, a);
--- a/crypto/buffer/buf_err.c
+++ b/crypto/buffer/buf_err.c
@@ -54,7 +54,8 @@
 */

 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file.
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
 */

 #include <stdio.h>
--- a/crypto/cast/Makefile.ssl
+++ b/crypto/cast/Makefile.ssl
@@ -52,7 +52,7 @@ lib:	$(LIBOBJ)

 # elf
 asm/cx86-elf.o: asm/cx86unix.cpp
-	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
+	$(CPP) -DELF -x c asm/cx86unix.cpp | as -o asm/cx86-elf.o

 # solaris
 asm/cx86-sol.o: asm/cx86unix.cpp
@@ -68,7 +68,7 @@ asm/cx86-out.o: asm/cx86unix.cpp
 asm/cx86bsdi.o: asm/cx86unix.cpp
 	$(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o

-asm/cx86unix.cpp: asm/cast-586.pl
+asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
 	(cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp)

 files:
--- a/crypto/cast/Makefile.uni
+++ b/crypto/cast/Makefile.uni
@@ -1,124 +0,0 @@
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-# There are 3 possible performance options, experiment :-)
-#OPTS= -DBF_PTR
-#OPTS= -DBF_PTR2
-OPTS=
-
-DIR=    cast
-TOP=    .
-CC=     gcc
-CFLAG=	-O3 -fomit-frame-pointer
-
-CPP=    $(CC) -E
-INCLUDES=
-INSTALLTOP=/usr/local/lib
-MAKE=           make
-MAKEDEPEND=     makedepend
-MAKEFILE=       Makefile.uni
-AR=             ar r
-RANLIB=         ranlib
-
-CAST_ENC=c_enc.o
-# or use
-#CAST_ENC=asm/cx86-elf.o
-#CAST_ENC=asm/cx86-out.o
-#CAST_ENC=asm/cx86-sol.o
-#CAST_ENC=asm/cx86bdsi.o
-
-CFLAGS= $(OPTS) $(INCLUDES) $(CFLAG) -DFULL_TEST
-
-GENERAL=Makefile
-TEST=casttest
-APP1=cast_spd
-APP2=castopts
-APPS=$(APP1) $(APP2)
-
-LIB=libcast.a
-LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
-LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= cast.h
-HEADER= cast_lcl.h $(EXHEADER)
-
-ALL=    $(GENERAL) $(SRC) $(HEADER)
-
-all:    $(LIB) $(TEST) $(APPS)
-
-$(LIB):    $(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
-	$(RANLIB) $(LIB)
-# elf
-asm/cx86-elf.o: asm/cx86unix.cpp
-	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
-
-# solaris
-asm/cx86-sol.o: asm/cx86unix.cpp
-	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
-	as -o asm/cx86-sol.o asm/cx86-sol.s
-	rm -f asm/cx86-sol.s
-
-# a.out
-asm/cx86-out.o: asm/cx86unix.cpp
-	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
-
-# bsdi
-asm/cx86bsdi.o: asm/cx86unix.cpp
-	$(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o
-
-asm/cx86unix.cpp:
-	(cd asm; perl cast-586.pl cpp >cx86unix.cpp)
-
-test:	$(TEST)
-	./$(TEST)
-
-$(TEST): $(TEST).c $(LIB)
-	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
-
-$(APP1): $(APP1).c $(LIB)
-	$(CC) -o $(APP1) $(CFLAGS) $(APP1).c $(LIB)
-
-$(APP2): $(APP2).c $(LIB)
-	$(CC) -o $(APP2) $(CFLAGS) $(APP2).c $(LIB)
-
-lint:
-	lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
-
-dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-	mv -f Makefile.new $(MAKEFILE)
-
-clean:
-	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-cc:
-	$(MAKE) CC="cc" CFLAG="-O" all
-
-gcc:
-	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
-
-x86-elf:
-	$(MAKE) CAST_ENC="asm/cx86-elf.o" CFLAG="-DELF $(CFLAGS)" all
-
-x86-out:
-	$(MAKE) CAST_ENC="asm/cx86-out.o" CFLAG="-DOUT $(CFLAGS)" all
-
-x86-solaris:
-	$(MAKE) CAST_ENC="asm/cx86-sol.o" CFLAG="-DSOL $(CFLAGS)" all
-
-x86-bdsi:
-	$(MAKE) CAST_ENC="asm/cx86-bdsi.o" CFLAG="-DBDSI $(CFLAGS)" all
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/crypto/cast/asm/c-win32.asm
+++ b/crypto/cast/asm/c-win32.asm
@@ -1,953 +0,0 @@
-	; Don't even think of reading this code
-	; It was automatically generated by cast-586.pl
-	; Which is a perl program used to generate the x86 assember for
-	; any of elf, a.out, BSDI,Win32, or Solaris
-	; eric <eay@cryptsoft.com>
-	; 
-	TITLE	cast-586.asm
-        .486
-.model FLAT
-_TEXT	SEGMENT
-PUBLIC	_CAST_encrypt
-EXTERN	_CAST_S_table0:DWORD
-EXTERN	_CAST_S_table1:DWORD
-EXTERN	_CAST_S_table2:DWORD
-EXTERN	_CAST_S_table3:DWORD
-
-_CAST_encrypt PROC NEAR
-	; 
-	push	ebp
-	push	ebx
-	mov	ebx,		DWORD PTR 12[esp]
-	mov	ebp,		DWORD PTR 16[esp]
-	push	esi
-	push	edi
-	; Load the 2 words
-	mov	edi,		DWORD PTR [ebx]
-	mov	esi,		DWORD PTR 4[ebx]
-	; Get short key flag
-	mov	eax,		DWORD PTR 128[ebp]
-	push	eax
-	xor	eax,		eax
-	; round 0
-	mov	edx,		DWORD PTR [ebp]
-	mov	ecx,		DWORD PTR 4[ebp]
-	add	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	edi,		ecx
-	; round 1
-	mov	edx,		DWORD PTR 8[ebp]
-	mov	ecx,		DWORD PTR 12[ebp]
-	xor	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	esi,		ecx
-	; round 2
-	mov	edx,		DWORD PTR 16[ebp]
-	mov	ecx,		DWORD PTR 20[ebp]
-	sub	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	edi,		ecx
-	; round 3
-	mov	edx,		DWORD PTR 24[ebp]
-	mov	ecx,		DWORD PTR 28[ebp]
-	add	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	esi,		ecx
-	; round 4
-	mov	edx,		DWORD PTR 32[ebp]
-	mov	ecx,		DWORD PTR 36[ebp]
-	xor	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	edi,		ecx
-	; round 5
-	mov	edx,		DWORD PTR 40[ebp]
-	mov	ecx,		DWORD PTR 44[ebp]
-	sub	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	esi,		ecx
-	; round 6
-	mov	edx,		DWORD PTR 48[ebp]
-	mov	ecx,		DWORD PTR 52[ebp]
-	add	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	edi,		ecx
-	; round 7
-	mov	edx,		DWORD PTR 56[ebp]
-	mov	ecx,		DWORD PTR 60[ebp]
-	xor	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	esi,		ecx
-	; round 8
-	mov	edx,		DWORD PTR 64[ebp]
-	mov	ecx,		DWORD PTR 68[ebp]
-	sub	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	edi,		ecx
-	; round 9
-	mov	edx,		DWORD PTR 72[ebp]
-	mov	ecx,		DWORD PTR 76[ebp]
-	add	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	esi,		ecx
-	; round 10
-	mov	edx,		DWORD PTR 80[ebp]
-	mov	ecx,		DWORD PTR 84[ebp]
-	xor	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	edi,		ecx
-	; round 11
-	mov	edx,		DWORD PTR 88[ebp]
-	mov	ecx,		DWORD PTR 92[ebp]
-	sub	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	esi,		ecx
-	; test short key flag
-	pop	edx
-	or	edx,		edx
-	jnz	$L000cast_enc_done
-	; round 12
-	mov	edx,		DWORD PTR 96[ebp]
-	mov	ecx,		DWORD PTR 100[ebp]
-	add	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	edi,		ecx
-	; round 13
-	mov	edx,		DWORD PTR 104[ebp]
-	mov	ecx,		DWORD PTR 108[ebp]
-	xor	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	esi,		ecx
-	; round 14
-	mov	edx,		DWORD PTR 112[ebp]
-	mov	ecx,		DWORD PTR 116[ebp]
-	sub	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	edi,		ecx
-	; round 15
-	mov	edx,		DWORD PTR 120[ebp]
-	mov	ecx,		DWORD PTR 124[ebp]
-	add	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	esi,		ecx
-$L000cast_enc_done:
-	nop
-	mov	eax,		DWORD PTR 20[esp]
-	mov	DWORD PTR 4[eax],edi
-	mov	DWORD PTR [eax],esi
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-_CAST_encrypt ENDP
-_TEXT	ENDS
-_TEXT	SEGMENT
-PUBLIC	_CAST_decrypt
-EXTERN	_CAST_S_table0:DWORD
-EXTERN	_CAST_S_table1:DWORD
-EXTERN	_CAST_S_table2:DWORD
-EXTERN	_CAST_S_table3:DWORD
-
-_CAST_decrypt PROC NEAR
-	; 
-	push	ebp
-	push	ebx
-	mov	ebx,		DWORD PTR 12[esp]
-	mov	ebp,		DWORD PTR 16[esp]
-	push	esi
-	push	edi
-	; Load the 2 words
-	mov	edi,		DWORD PTR [ebx]
-	mov	esi,		DWORD PTR 4[ebx]
-	; Get short key flag
-	mov	eax,		DWORD PTR 128[ebp]
-	or	eax,		eax
-	jnz	$L001cast_dec_skip
-	xor	eax,		eax
-	; round 15
-	mov	edx,		DWORD PTR 120[ebp]
-	mov	ecx,		DWORD PTR 124[ebp]
-	add	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	edi,		ecx
-	; round 14
-	mov	edx,		DWORD PTR 112[ebp]
-	mov	ecx,		DWORD PTR 116[ebp]
-	sub	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	esi,		ecx
-	; round 13
-	mov	edx,		DWORD PTR 104[ebp]
-	mov	ecx,		DWORD PTR 108[ebp]
-	xor	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	edi,		ecx
-	; round 12
-	mov	edx,		DWORD PTR 96[ebp]
-	mov	ecx,		DWORD PTR 100[ebp]
-	add	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	esi,		ecx
-$L001cast_dec_skip:
-	; round 11
-	mov	edx,		DWORD PTR 88[ebp]
-	mov	ecx,		DWORD PTR 92[ebp]
-	sub	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	edi,		ecx
-	; round 10
-	mov	edx,		DWORD PTR 80[ebp]
-	mov	ecx,		DWORD PTR 84[ebp]
-	xor	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	esi,		ecx
-	; round 9
-	mov	edx,		DWORD PTR 72[ebp]
-	mov	ecx,		DWORD PTR 76[ebp]
-	add	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	edi,		ecx
-	; round 8
-	mov	edx,		DWORD PTR 64[ebp]
-	mov	ecx,		DWORD PTR 68[ebp]
-	sub	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	esi,		ecx
-	; round 7
-	mov	edx,		DWORD PTR 56[ebp]
-	mov	ecx,		DWORD PTR 60[ebp]
-	xor	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	edi,		ecx
-	; round 6
-	mov	edx,		DWORD PTR 48[ebp]
-	mov	ecx,		DWORD PTR 52[ebp]
-	add	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	esi,		ecx
-	; round 5
-	mov	edx,		DWORD PTR 40[ebp]
-	mov	ecx,		DWORD PTR 44[ebp]
-	sub	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	edi,		ecx
-	; round 4
-	mov	edx,		DWORD PTR 32[ebp]
-	mov	ecx,		DWORD PTR 36[ebp]
-	xor	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	esi,		ecx
-	; round 3
-	mov	edx,		DWORD PTR 24[ebp]
-	mov	ecx,		DWORD PTR 28[ebp]
-	add	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	edi,		ecx
-	; round 2
-	mov	edx,		DWORD PTR 16[ebp]
-	mov	ecx,		DWORD PTR 20[ebp]
-	sub	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	sub	ecx,		ebx
-	xor	esi,		ecx
-	; round 1
-	mov	edx,		DWORD PTR 8[ebp]
-	mov	ecx,		DWORD PTR 12[ebp]
-	xor	edx,		esi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	add	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	xor	ecx,		ebx
-	xor	edi,		ecx
-	; round 0
-	mov	edx,		DWORD PTR [ebp]
-	mov	ecx,		DWORD PTR 4[ebp]
-	add	edx,		edi
-	rol	edx,		cl
-	mov	ebx,		edx
-	xor	ecx,		ecx
-	mov	cl,		dh
-	and	ebx,		255
-	shr	edx,		16
-	xor	eax,		eax
-	mov	al,		dh
-	and	edx,		255
-	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
-	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
-	xor	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
-	sub	ecx,		ebx
-	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
-	add	ecx,		ebx
-	xor	esi,		ecx
-	nop
-	mov	eax,		DWORD PTR 20[esp]
-	mov	DWORD PTR 4[eax],edi
-	mov	DWORD PTR [eax],esi
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-_CAST_decrypt ENDP
-_TEXT	ENDS
-_TEXT	SEGMENT
-PUBLIC	_CAST_cbc_encrypt
-
-_CAST_cbc_encrypt PROC NEAR
-	; 
-	push	ebp
-	push	ebx
-	push	esi
-	push	edi
-	mov	ebp,		DWORD PTR 28[esp]
-	; getting iv ptr from parameter 4
-	mov	ebx,		DWORD PTR 36[esp]
-	mov	esi,		DWORD PTR [ebx]
-	mov	edi,		DWORD PTR 4[ebx]
-	push	edi
-	push	esi
-	push	edi
-	push	esi
-	mov	ebx,		esp
-	mov	esi,		DWORD PTR 36[esp]
-	mov	edi,		DWORD PTR 40[esp]
-	; getting encrypt flag from parameter 5
-	mov	ecx,		DWORD PTR 56[esp]
-	; get and push parameter 3
-	mov	eax,		DWORD PTR 48[esp]
-	push	eax
-	push	ebx
-	cmp	ecx,		0
-	jz	$L002decrypt
-	and	ebp,		4294967288
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	jz	$L003encrypt_finish
-L004encrypt_loop:
-	mov	ecx,		DWORD PTR [esi]
-	mov	edx,		DWORD PTR 4[esi]
-	xor	eax,		ecx
-	xor	ebx,		edx
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR 8[esp],eax
-	mov	DWORD PTR 12[esp],ebx
-	call	_CAST_encrypt
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR [edi],eax
-	mov	DWORD PTR 4[edi],ebx
-	add	esi,		8
-	add	edi,		8
-	sub	ebp,		8
-	jnz	L004encrypt_loop
-$L003encrypt_finish:
-	mov	ebp,		DWORD PTR 52[esp]
-	and	ebp,		7
-	jz	$L005finish
-	xor	ecx,		ecx
-	xor	edx,		edx
-	mov	ebp,		DWORD PTR $L006cbc_enc_jmp_table[ebp*4]
-	jmp	 ebp
-L007ej7:
-	xor	edx,		edx
-	mov	dh,		BYTE PTR 6[esi]
-	shl	edx,		8
-L008ej6:
-	mov	dh,		BYTE PTR 5[esi]
-L009ej5:
-	mov	dl,		BYTE PTR 4[esi]
-L010ej4:
-	mov	ecx,		DWORD PTR [esi]
-	jmp	$L011ejend
-L012ej3:
-	mov	ch,		BYTE PTR 2[esi]
-	xor	ecx,		ecx
-	shl	ecx,		8
-L013ej2:
-	mov	ch,		BYTE PTR 1[esi]
-L014ej1:
-	mov	cl,		BYTE PTR [esi]
-$L011ejend:
-	xor	eax,		ecx
-	xor	ebx,		edx
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR 8[esp],eax
-	mov	DWORD PTR 12[esp],ebx
-	call	_CAST_encrypt
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR [edi],eax
-	mov	DWORD PTR 4[edi],ebx
-	jmp	$L005finish
-$L002decrypt:
-	and	ebp,		4294967288
-	mov	eax,		DWORD PTR 16[esp]
-	mov	ebx,		DWORD PTR 20[esp]
-	jz	$L015decrypt_finish
-L016decrypt_loop:
-	mov	eax,		DWORD PTR [esi]
-	mov	ebx,		DWORD PTR 4[esi]
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR 8[esp],eax
-	mov	DWORD PTR 12[esp],ebx
-	call	_CAST_decrypt
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	bswap	eax
-	bswap	ebx
-	mov	ecx,		DWORD PTR 16[esp]
-	mov	edx,		DWORD PTR 20[esp]
-	xor	ecx,		eax
-	xor	edx,		ebx
-	mov	eax,		DWORD PTR [esi]
-	mov	ebx,		DWORD PTR 4[esi]
-	mov	DWORD PTR [edi],ecx
-	mov	DWORD PTR 4[edi],edx
-	mov	DWORD PTR 16[esp],eax
-	mov	DWORD PTR 20[esp],ebx
-	add	esi,		8
-	add	edi,		8
-	sub	ebp,		8
-	jnz	L016decrypt_loop
-$L015decrypt_finish:
-	mov	ebp,		DWORD PTR 52[esp]
-	and	ebp,		7
-	jz	$L005finish
-	mov	eax,		DWORD PTR [esi]
-	mov	ebx,		DWORD PTR 4[esi]
-	bswap	eax
-	bswap	ebx
-	mov	DWORD PTR 8[esp],eax
-	mov	DWORD PTR 12[esp],ebx
-	call	_CAST_decrypt
-	mov	eax,		DWORD PTR 8[esp]
-	mov	ebx,		DWORD PTR 12[esp]
-	bswap	eax
-	bswap	ebx
-	mov	ecx,		DWORD PTR 16[esp]
-	mov	edx,		DWORD PTR 20[esp]
-	xor	ecx,		eax
-	xor	edx,		ebx
-	mov	eax,		DWORD PTR [esi]
-	mov	ebx,		DWORD PTR 4[esi]
-L017dj7:
-	ror	edx,		16
-	mov	BYTE PTR 6[edi],dl
-	shr	edx,		16
-L018dj6:
-	mov	BYTE PTR 5[edi],dh
-L019dj5:
-	mov	BYTE PTR 4[edi],dl
-L020dj4:
-	mov	DWORD PTR [edi],ecx
-	jmp	$L021djend
-L022dj3:
-	ror	ecx,		16
-	mov	BYTE PTR 2[edi],cl
-	shl	ecx,		16
-L023dj2:
-	mov	BYTE PTR 1[esi],ch
-L024dj1:
-	mov	BYTE PTR [esi],	cl
-$L021djend:
-	jmp	$L005finish
-$L005finish:
-	mov	ecx,		DWORD PTR 60[esp]
-	add	esp,		24
-	mov	DWORD PTR [ecx],eax
-	mov	DWORD PTR 4[ecx],ebx
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-$L006cbc_enc_jmp_table:
-	DD	0
-	DD	L014ej1
-	DD	L013ej2
-	DD	L012ej3
-	DD	L010ej4
-	DD	L009ej5
-	DD	L008ej6
-	DD	L007ej7
-L025cbc_dec_jmp_table:
-	DD	0
-	DD	L024dj1
-	DD	L023dj2
-	DD	L022dj3
-	DD	L020dj4
-	DD	L019dj5
-	DD	L018dj6
-	DD	L017dj7
-_CAST_cbc_encrypt ENDP
-_TEXT	ENDS
-END
--- a/crypto/comp/comp_err.c
+++ b/crypto/comp/comp_err.c
@@ -54,7 +54,8 @@
 */

 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file.
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
 */

 #include <stdio.h>
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -54,7 +54,8 @@
 */

 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file.
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
 */

 #include <stdio.h>
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -54,7 +54,8 @@
 */

 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file.
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
 */

 #include <stdio.h>
--- a/crypto/crypto-lib.com
+++ b/crypto/crypto-lib.com
@@ -186,7 +186,7 @@ $ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
 	"enc_read,enc_writ,ofb64enc,"+ -
 	"ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
 	"des_enc,fcrypt_b,read2pwd,"+ -
-	"fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp,ede_cbcm_enc"
+	"fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,ede_cbcm_enc"
 $ LIB_RC2 = "rc2_ecb,rc2_skey,rc2_cbc,rc2cfb64,rc2ofb64"
 $ LIB_RC4 = "rc4_skey,rc4_enc"
 $ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64"
@@ -208,7 +208,7 @@ $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
 	"bss_mem,bss_null,bss_fd,"+ -
 	"bss_file,bss_sock,bss_conn,"+ -
 	"bf_null,bf_buff,b_print,b_dump,"+ -
-	"b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio" ! + ",bss_log" for syslog
+	"b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log"
 $ LIB_STACK = "stack"
 $ LIB_LHASH = "lhash,lh_stats"
 $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd"
@@ -266,7 +266,7 @@ $!
 $! Setup exceptional compilations
 $!
 $ COMPILEWITH_CC3 = ",bss_rtcp,"
-$ COMPILEWITH_CC4 = ",a_utctm,"
+$ COMPILEWITH_CC4 = ",a_utctm,bss_log,"
 $ COMPILEWITH_CC5 = ",md2_dgst,md5_dgst,mdc2dgst,sha_dgst,sha1dgst," + -
                    "rmd_dgst,bf_enc,"
 $!
@@ -1441,6 +1441,7 @@ $!
 $ IF P7 .NES. ""
 $ THEN
 $   ENCRYPT_TYPES = P7
+$! NYI:   ENCRYPT_PROGRAMS = P7
 $ ENDIF
 $!
 $!  Time To RETURN...
--- a/crypto/des/MODES.DES
+++ b/crypto/des/MODES.DES
@@ -1,84 +0,0 @@
-Modes of DES
-Quite a bit of the following information has been taken from
-	AS 2805.5.2
-	Australian Standard
-	Electronic funds transfer - Requirements for interfaces,
-	Part 5.2: Modes of operation for an n-bit block cipher algorithm
-	Appendix A
-
-There are several different modes in which DES can be used, they are
-as follows.
-
-Electronic Codebook Mode (ECB) (des_ecb_encrypt())
- 64 bits are enciphered at a time.
- The order of the blocks can be rearranged without detection.
- The same plaintext block always produces the same ciphertext block
-  (for the same key) making it vulnerable to a 'dictionary attack'.
- An error will only affect one ciphertext block.
-
-Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
- a multiple of 64 bits are enciphered at a time.
- The CBC mode produces the same ciphertext whenever the same
-  plaintext is encrypted using the same key and starting variable.
- The chaining operation makes the ciphertext blocks dependent on the
-  current and all preceding plaintext blocks and therefore blocks can not
-  be rearranged.
- The use of different starting variables prevents the same plaintext
-  enciphering to the same ciphertext.
- An error will affect the current and the following ciphertext blocks.
-
-Cipher Feedback Mode (CFB) (des_cfb_encrypt())
- a number of bits (j) <= 64 are enciphered at a time.
- The CFB mode produces the same ciphertext whenever the same
-  plaintext is encrypted using the same key and starting variable.
- The chaining operation makes the ciphertext variables dependent on the
-  current and all preceding variables and therefore j-bit variables are
-  chained together and con not be rearranged.
- The use of different starting variables prevents the same plaintext
-  enciphering to the same ciphertext.
- The strength of the CFB mode depends on the size of k (maximal if
-  j == k).  In my implementation this is always the case.
- Selection of a small value for j will require more cycles through
-  the encipherment algorithm per unit of plaintext and thus cause
-  greater processing overheads.
- Only multiples of j bits can be enciphered.
- An error will affect the current and the following ciphertext variables.
-
-Output Feedback Mode (OFB) (des_ofb_encrypt())
- a number of bits (j) <= 64 are enciphered at a time.
- The OFB mode produces the same ciphertext whenever the same
-  plaintext enciphered using the same key and starting variable.  More
-  over, in the OFB mode the same key stream is produced when the same
-  key and start variable are used.  Consequently, for security reasons
-  a specific start variable should be used only once for a given key.
- The absence of chaining makes the OFB more vulnerable to specific attacks.
- The use of different start variables values prevents the same
-  plaintext enciphering to the same ciphertext, by producing different
-  key streams.
- Selection of a small value for j will require more cycles through
-  the encipherment algorithm per unit of plaintext and thus cause
-  greater processing overheads.
- Only multiples of j bits can be enciphered.
- OFB mode of operation does not extend ciphertext errors in the
-  resultant plaintext output.  Every bit error in the ciphertext causes
-  only one bit to be in error in the deciphered plaintext.
- OFB mode is not self-synchronising.  If the two operation of
-  encipherment and decipherment get out of synchronism, the system needs
-  to be re-initialised.
- Each re-initialisation should use a value of the start variable
-different from the start variable values used before with the same
-key.  The reason for this is that an identical bit stream would be
-produced each time from the same parameters.  This would be
-susceptible to a 'known plaintext' attack.
-
-Triple ECB Mode (des_ecb3_encrypt())
- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
- As for ECB encryption but increases the effective key length to 112 bits.
- If both keys are the same it is equivalent to encrypting once with
-  just one key.
-
-Triple CBC Mode (des_3cbc_encrypt())
- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
- As for CBC encryption but increases the effective key length to 112 bits.
- If both keys are the same it is equivalent to encrypting once with
-  just one key.
--- a/crypto/des/Makefile.PL
+++ b/crypto/des/Makefile.PL
@@ -1,14 +0,0 @@
-use ExtUtils::MakeMaker;
-# See lib/ExtUtils/MakeMaker.pm for details of how to influence
-# the contents of the Makefile being created.
-&writeMakefile(
-	'potential_libs' => '',   # e.g., '-lm' 
-	'INC' => '',     # e.g., '-I/usr/include/other' 
-	'DISTNAME' => 'DES',
-	'VERSION' => '0.1',
-	'DEFINE' => '-DPERL5',
-	'OBJECT' => 'DES.o cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
-	rand_key.o set_key.o str2key.o \
-	enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
-	ecb3_enc.o ofb_enc.o cbc3_enc.o des_enc.o',
-	);
--- a/crypto/des/Makefile.lit
+++ b/crypto/des/Makefile.lit
@@ -1,250 +0,0 @@
-# You must select the correct terminal control system to be used to
-# turn character echo off when reading passwords.  There a 5 systems
-# SGTTY   - the old BSD system
-# TERMIO  - most system V boxes
-# TERMIOS - SGI (ala IRIX).
-# VMS     - the DEC operating system
-# MSDOS   - we all know what it is :-)
-# read_pwd.c makes a reasonable guess at what is correct.
-
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-# If you are on a DEC Alpha, edit des.h and change the DES_LONG
-# define to 'unsigned int'.  I have seen this give a %20 speedup.
-
-OPTS0= -DLIBDES_LIT -DRAND -DTERMIO #-DNOCONST
-
-# Version 1.94 has changed the strings_to_key function so that it is
-# now compatible with MITs when the string is longer than 8 characters.
-# If you wish to keep the old version, uncomment the following line.
-# This will affect the -E/-D options on des(1).
-#OPTS1= -DOLD_STR_TO_KEY
-
-# There are 4 possible performance options
-# -DDES_PTR
-# -DDES_RISC1
-# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
-# -DDES_UNROLL
-# after the initial build, run 'des_opts' to see which options are best
-# for your platform.  There are some listed in options.txt
-#OPTS2= -DDES_PTR 
-#OPTS3= -DDES_RISC1 # or DES_RISC2
-#OPTS4= -DDES_UNROLL
-
-OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
-
-MAKE=make -f Makefile
-#CC=cc
-#CFLAG= -O
-
-CC=gcc
-#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
-CFLAG= -O3 -fomit-frame-pointer
-
-CFLAGS=$(OPTS) $(CFLAG)
-CPP=$(CC) -E
-AS=as
-
-# Assember version of des_encrypt*().
-DES_ENC=des_enc.o fcrypt_b.o		# normal C version
-#DES_ENC=asm/dx86-elf.o	asm/yx86-elf.o	# elf format x86
-#DES_ENC=asm/dx86-out.o	asm/yx86-out.o	# a.out format x86
-#DES_ENC=asm/dx86-sol.o	asm/yx86-sol.o	# solaris format x86 
-#DES_ENC=asm/dx86bsdi.o	asm/yx86basi.o	# bsdi format x86 
-
-LIBDIR=/usr/local/lib
-BINDIR=/usr/local/bin
-INCDIR=/usr/local/include
-MANDIR=/usr/local/man
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-OBJ_LIT=cbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
-OBJ_FULL=cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
-	xcbc_enc.o qud_cksm.o \
-	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
-	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
-	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
-
-GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
-	des.doc options.txt asm
-GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
-	des.man DES.pm DES.pod DES.xs Makefile.PL dess.cpp des3s.cpp \
-	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
-	des.org des_locl.org
-TESTING_LIT=	destest speed des_opts
-TESTING_FULL=	rpw $(TESTING_LIT)
-TESTING_SRC_LIT=destest.c speed.c des_opts.c
-TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
-HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
-HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
-LIBDES_LIT=cbc_enc.c ecb_enc.c fcrypt.c set_key.c des_enc.c fcrypt_b.c
-LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
-	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \
-	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
-	rand_key.c rpc_enc.c  str2key.c  supp.c \
-	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
-
-PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
-
-OBJ=	$(OBJ_LIT)
-GENERAL=$(GENERAL_LIT)
-TESTING=$(TESTING_LIT)
-TESTING_SRC=$(TESTING_SRC_LIT)
-HEADERS=$(HEADERS_LIT)
-LIBDES=	$(LIBDES_LIT)
-
-ALL=	$(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
-
-DLIB=	libdes.a
-
-all: $(DLIB) $(TESTING)
-
-cc:
-	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
-
-gcc:
-	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
-
-x86-elf:
-	$(MAKE) DES_ENC='asm/dx86-elf.o asm/yx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
-
-x86-out:
-	$(MAKE) DES_ENC='asm/dx86-out.o asm/yx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
-
-x86-solaris:
-	$(MAKE) DES_ENC='asm/dx86-sol.o asm/yx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
-
-x86-bsdi:
-	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/yx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
-
-# elf
-asm/dx86-elf.o: asm/dx86unix.cpp
-	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
-
-asm/yx86-elf.o: asm/yx86unix.cpp
-	$(CPP) -DELF asm/yx86unix.cpp | $(AS) -o asm/yx86-elf.o
-
-# solaris
-asm/dx86-sol.o: asm/dx86unix.cpp
-	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
-	as -o asm/dx86-sol.o asm/dx86-sol.s
-	rm -f asm/dx86-sol.s
-
-asm/yx86-sol.o: asm/yx86unix.cpp
-	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
-	as -o asm/yx86-sol.o asm/yx86-sol.s
-	rm -f asm/yx86-sol.s
-
-# a.out
-asm/dx86-out.o: asm/dx86unix.cpp
-	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
-
-asm/yx86-out.o: asm/yx86unix.cpp
-	$(CPP) -DOUT asm/yx86unix.cpp | $(AS) -o asm/yx86-out.o
-
-# bsdi
-asm/dx86bsdi.o: asm/dx86unix.cpp
-	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
-
-asm/yx86bsdi.o: asm/yx86unix.cpp
-	$(CPP) -DBSDI asm/yx86unix.cpp | $(AS) -o asm/yx86bsdi.o
-
-asm/dx86unix.cpp:
-	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
-
-asm/yx86unix.cpp:
-	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
-
-test:	all
-	./destest
-
-$(DLIB): $(OBJ)
-	/bin/rm -f $(DLIB)
-	ar cr $(DLIB) $(OBJ)
-	-if test -s /bin/ranlib; then /bin/ranlib $(DLIB); \
-	else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(DLIB); \
-	else exit 0; fi; fi
-
-des_opts: des_opts.o $(DLIB)
-	$(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
-
-destest: destest.o $(DLIB)
-	$(CC) $(CFLAGS) -o destest destest.o $(DLIB)
-
-rpw: rpw.o $(DLIB)
-	$(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
-
-speed: speed.o $(DLIB)
-	$(CC) $(CFLAGS) -o speed speed.o $(DLIB)
-
-des: des.o $(DLIB)
-	$(CC) $(CFLAGS) -o des des.o $(DLIB)
-
-tags:
-	ctags $(TESTING_SRC) $(LIBDES)
-
-tar_lit:
-	/bin/mv Makefile Makefile.tmp
-	/bin/cp Makefile.lit Makefile
-	tar chf libdes-l.tar $(LIBDES_LIT) $(HEADERS_LIT) \
-		$(GENERAL_LIT) $(TESTING_SRC_LIT)
-	/bin/rm -f Makefile
-	/bin/mv Makefile.tmp Makefile
-
-tar:
-	tar chf libdes.tar $(ALL)
-
-shar:
-	shar $(ALL) >libdes.shar
-
-depend:
-	makedepend $(LIBDES) $(TESTING_SRC)
-
-clean:
-	/bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o 
-
-dclean:
-	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
-	mv -f Makefile.new Makefile
-
-# Eric is probably going to choke when he next looks at this --tjh
-install:
-	if test $(INSTALLTOP); then \
-	    echo SSL style install; \
-	    cp $(DLIB) $(INSTALLTOP)/lib; \
-	    if test -s /bin/ranlib; then \
-	        /bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
-	    else \
-		if test -s /usr/bin/ranlib; then \
-		/usr/bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
-	    fi; fi; \
-	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
-	    cp des.h $(INSTALLTOP)/include; \
-	    chmod 644 $(INSTALLTOP)/include/des.h; \
-	else \
-	    echo Standalone install; \
-	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
-	    if test -s /bin/ranlib; then \
-	      /bin/ranlib $(LIBDIR)/$(DLIB); \
-	    else \
-	      if test -s /usr/bin/ranlib; then \
-		/usr/bin/ranlib $(LIBDIR)/$(DLIB); \
-	      fi; \
-	    fi; \
-	    chmod 644 $(LIBDIR)/$(DLIB); \
-	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
-	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
-	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
-	    chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
-	    cp des.h $(INCDIR)/des.h; \
-	    chmod 644 $(INCDIR)/des.h; \
-	fi
-# DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/crypto/des/Makefile.ssl
+++ b/crypto/des/Makefile.ssl
@@ -32,21 +32,21 @@ LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
 	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
 	qud_cksm.c rand_key.c read_pwd.c rpc_enc.c  set_key.c  \
 	des_enc.c fcrypt_b.c read2pwd.c \
-	fcrypt.c xcbc_enc.c \
-	str2key.c  cfb64ede.c ofb64ede.c supp.c ede_cbcm_enc.c
+	xcbc_enc.c \
+	str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c

 LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
 	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
 	enc_read.o enc_writ.o ofb64enc.o \
 	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
 	${DES_ENC} read2pwd.o \
-	fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o  cbc_cksm.o supp.o \
+	fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o  cbc_cksm.o \
 	ede_cbcm_enc.o

 SRC= $(LIBSRC)

 EXHEADER= des.h
-HEADER=	des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h $(EXHEADER)
+HEADER=	des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)

 ALL=    $(GENERAL) $(SRC) $(HEADER)

@@ -65,10 +65,10 @@ des: des.o cbc3_enc.o lib

 # elf
 asm/dx86-elf.o: asm/dx86unix.cpp
-	$(CPP) -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+	$(CPP) -DELF -x c asm/dx86unix.cpp | as -o asm/dx86-elf.o

 asm/yx86-elf.o: asm/yx86unix.cpp
-	$(CPP) -DELF asm/yx86unix.cpp | as -o asm/yx86-elf.o
+	$(CPP) -DELF -x c asm/yx86unix.cpp | as -o asm/yx86-elf.o

 # solaris
 asm/dx86-sol.o: asm/dx86unix.cpp
@@ -95,10 +95,10 @@ asm/dx86bsdi.o: asm/dx86unix.cpp
 asm/yx86bsdi.o: asm/yx86unix.cpp
 	$(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o

-asm/dx86unix.cpp: asm/des-586.pl
+asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
 	(cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)

-asm/yx86unix.cpp: asm/crypt586.pl
+asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)

 files:
@@ -172,10 +172,8 @@ enc_writ.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
 enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
 enc_writ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 enc_writ.o: ../cryptlib.h des_locl.h
-fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des.h
-fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/e_os2.h
-fcrypt.o: ../../include/openssl/opensslconf.h
-fcrypt.o: ../../include/openssl/opensslconf.h des_locl.h des_locl.h
+fcrypt.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
+fcrypt.o: ../../include/openssl/opensslconf.h des_locl.h
 fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 fcrypt_b.o: ../../include/openssl/opensslconf.h des_locl.h
 ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
@@ -201,10 +199,8 @@ read_pwd.o: ../../include/openssl/stack.h ../cryptlib.h des_locl.h
 rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 rpc_enc.o: ../../include/openssl/opensslconf.h des_locl.h des_ver.h rpc_des.h
 set_key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-set_key.o: ../../include/openssl/opensslconf.h des_locl.h podd.h sk.h
+set_key.o: ../../include/openssl/opensslconf.h des_locl.h
 str2key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 str2key.o: ../../include/openssl/opensslconf.h des_locl.h
-supp.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-supp.o: ../../include/openssl/opensslconf.h des_locl.h
 xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 xcbc_enc.o: ../../include/openssl/opensslconf.h des_locl.h
--- a/crypto/des/Makefile.uni
+++ b/crypto/des/Makefile.uni
@@ -1,251 +0,0 @@
-# You must select the correct terminal control system to be used to
-# turn character echo off when reading passwords.  There a 5 systems
-# SGTTY   - the old BSD system
-# TERMIO  - most system V boxes
-# TERMIOS - SGI (ala IRIX).
-# VMS     - the DEC operating system
-# MSDOS   - we all know what it is :-)
-# read_pwd.c makes a reasonable guess at what is correct.
-
-# Targets
-# make          - twidle the options yourself :-)
-# make cc       - standard cc options
-# make gcc      - standard gcc options
-# make x86-elf  - linux-elf etc
-# make x86-out  - linux-a.out, FreeBSD etc
-# make x86-solaris
-# make x86-bdsi
-
-# If you are on a DEC Alpha, edit des.h and change the DES_LONG
-# define to 'unsigned int'.  I have seen this give a %20 speedup.
-
-OPTS0= -DRAND -DTERMIO #-DNOCONST
-
-# Version 1.94 has changed the strings_to_key function so that it is
-# now compatible with MITs when the string is longer than 8 characters.
-# If you wish to keep the old version, uncomment the following line.
-# This will affect the -E/-D options on des(1).
-#OPTS1= -DOLD_STR_TO_KEY
-
-# There are 4 possible performance options
-# -DDES_PTR
-# -DDES_RISC1
-# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
-# -DDES_UNROLL
-# after the initial build, run 'des_opts' to see which options are best
-# for your platform.  There are some listed in options.txt
-#OPTS2= -DDES_PTR 
-#OPTS3= -DDES_RISC1 # or DES_RISC2
-#OPTS4= -DDES_UNROLL
-
-OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
-
-MAKE=make -f Makefile
-#CC=cc
-#CFLAG= -O
-
-CC=gcc
-#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
-CFLAG= -O3 -fomit-frame-pointer
-
-CFLAGS=$(OPTS) $(CFLAG)
-CPP=$(CC) -E
-AS=as
-RANLIB=ranlib
-
-# Assember version of des_encrypt*().
-DES_ENC=des_enc.o fcrypt_b.o		# normal C version
-#DES_ENC=asm/dx86-elf.o	asm/yx86-elf.o	# elf format x86
-#DES_ENC=asm/dx86-out.o	asm/yx86-out.o	# a.out format x86
-#DES_ENC=asm/dx86-sol.o	asm/yx86-sol.o	# solaris format x86 
-#DES_ENC=asm/dx86bsdi.o	asm/yx86basi.o	# bsdi format x86 
-
-LIBDIR=/usr/local/lib
-BINDIR=/usr/local/bin
-INCDIR=/usr/local/include
-MANDIR=/usr/local/man
-MAN1=1
-MAN3=3
-SHELL=/bin/sh
-OBJ_LIT=cbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
-OBJ_FULL=cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
-	xcbc_enc.o qud_cksm.o cbc3_enc.o \
-	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
-	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
-	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
-
-GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
-	des.doc options.txt asm
-GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
-	des.man DES.pm DES.pod DES.xs Makefile.PL dess.cpp des3s.cpp \
-	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
-	des.org des_locl.org
-TESTING_LIT=	destest speed des_opts
-TESTING_FULL=	rpw des $(TESTING_LIT)
-TESTING_SRC_LIT=destest.c speed.c des_opts.c
-TESTING_SRC_FULL=rpw.c des.c $(TESTING_SRC_LIT)
-HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
-HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
-LIBDES_LIT=cbc_enc.c ecb_enc.c fcrypt.c set_key.c des_enc.c fcrypt_b.c
-LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c cbc3_enc.c \
-	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \
-	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
-	rand_key.c rpc_enc.c  str2key.c  supp.c \
-	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
-
-PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
-
-OBJ=	$(OBJ_FULL)
-GENERAL=$(GENERAL_FULL)
-TESTING=$(TESTING_FULL)
-TESTING_SRC=$(TESTING_SRC_FULL)
-HEADERS=$(HEADERS_FULL)
-LIBDES=	$(LIBDES_FULL)
-
-ALL=	$(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
-
-DLIB=	libdes.a
-
-all: $(DLIB) $(TESTING)
-
-cc:
-	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
-
-gcc:
-	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
-
-x86-elf:
-	$(MAKE) DES_ENC='asm/dx86-elf.o asm/yx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
-
-x86-out:
-	$(MAKE) DES_ENC='asm/dx86-out.o asm/yx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
-
-x86-solaris:
-	$(MAKE) DES_ENC='asm/dx86-sol.o asm/yx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
-
-x86-bsdi:
-	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/yx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
-
-# elf
-asm/dx86-elf.o: asm/dx86unix.cpp
-	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
-
-asm/yx86-elf.o: asm/yx86unix.cpp
-	$(CPP) -DELF asm/yx86unix.cpp | $(AS) -o asm/yx86-elf.o
-
-# solaris
-asm/dx86-sol.o: asm/dx86unix.cpp
-	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
-	as -o asm/dx86-sol.o asm/dx86-sol.s
-	rm -f asm/dx86-sol.s
-
-asm/yx86-sol.o: asm/yx86unix.cpp
-	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
-	as -o asm/yx86-sol.o asm/yx86-sol.s
-	rm -f asm/yx86-sol.s
-
-# a.out
-asm/dx86-out.o: asm/dx86unix.cpp
-	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
-
-asm/yx86-out.o: asm/yx86unix.cpp
-	$(CPP) -DOUT asm/yx86unix.cpp | $(AS) -o asm/yx86-out.o
-
-# bsdi
-asm/dx86bsdi.o: asm/dx86unix.cpp
-	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
-
-asm/yx86bsdi.o: asm/yx86unix.cpp
-	$(CPP) -DBSDI asm/yx86unix.cpp | $(AS) -o asm/yx86bsdi.o
-
-asm/dx86unix.cpp:
-	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
-
-asm/yx86unix.cpp:
-	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
-
-test:	all
-	./destest
-
-$(DLIB): $(OBJ)
-	/bin/rm -f $(DLIB)
-	ar cr $(DLIB) $(OBJ)
-	$(RANLIB) $(DLIB)
-
-des_opts: des_opts.o $(DLIB)
-	$(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
-
-destest: destest.o $(DLIB)
-	$(CC) $(CFLAGS) -o destest destest.o $(DLIB)
-
-rpw: rpw.o $(DLIB)
-	$(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
-
-speed: speed.o $(DLIB)
-	$(CC) $(CFLAGS) -o speed speed.o $(DLIB)
-
-des: des.o $(DLIB)
-	$(CC) $(CFLAGS) -o des des.o $(DLIB)
-
-tags:
-	ctags $(TESTING_SRC) $(LIBDES)
-
-tar_lit:
-	/bin/mv Makefile Makefile.tmp
-	/bin/cp Makefile.lit Makefile
-	for i in $(HEADERS_LIT) $(LIBDES_LIT) $(GENERAL_LIT) $(TESTING_SRC_LIT) ;\
-	do \
-		n="$$n des/$$i"; \
-	done; \
-	( cd .. ; tar chf - $$n )| gzip > libdes-l.tgz
-	/bin/rm -f Makefile
-	/bin/mv Makefile.tmp Makefile
-
-tar:
-	mv Makefile Makefile.tmp
-	/bin/cp Makefile.uni Makefile
-	for i in $(ALL) ;\
-	do \
-		n="$$n des/$$i"; \
-	done; \
-	( cd .. ; tar chf - $$n )| gzip > libdes.tgz
-	/bin/rm -f Makefile
-	/bin/mv Makefile.tmp Makefile
-
-shar:
-	shar $(ALL) >libdes.shar
-
-depend:
-	makedepend $(LIBDES) $(TESTING_SRC)
-
-clean:
-	/bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o 
-
-dclean:
-	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
-	mv -f Makefile.new Makefile
-
-# Eric is probably going to choke when he next looks at this --tjh
-install: des
-	if test $(INSTALLTOP); then \
-	    echo SSL style install; \
-	    cp $(DLIB) $(INSTALLTOP)/lib; \
-		$(RANLIB) $(DLIB); \
-	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
-	    cp des.h $(INSTALLTOP)/include; \
-	    chmod 644 $(INSTALLTOP)/include/des.h; \
-	else \
-	    echo Standalone install; \
-	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
-		$(RANLIB) $(DLIB); \
-	    chmod 644 $(LIBDIR)/$(DLIB); \
-	    cp des $(BINDIR)/des; \
-	    chmod 711 $(BINDIR)/des; \
-	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
-	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
-	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
-	    chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
-	    cp des.h $(INCDIR)/des.h; \
-	    chmod 644 $(INCDIR)/des.h; \
-	fi
-# DO NOT DELETE THIS LINE -- make depend depends on it.
--- a/crypto/des/PC1
+++ b/crypto/des/PC1
@@ -1,28 +0,0 @@
-#!/usr/local/bin/perl
-
-@PC1=(  57,49,41,33,25,17, 9,
-	 1,58,50,42,34,26,18,
-	10, 2,59,51,43,35,27,
-	19,11, 3,60,52,44,36,
-	"-","-","-","-",
-	63,55,47,39,31,23,15,
-	 7,62,54,46,38,30,22,
-	14, 6,61,53,45,37,29,
-	21,13, 5,28,20,12, 4,
-	"-","-","-","-",
-	);
-
-foreach (@PC1)
-	{
-	if ($_ ne "-")
-		{
-		$_--;
-		$_=int($_/8)*8+7-($_%8);
-		printf "%2d  ",$_;
-		}
-	else
-		{ print "--  "; }
-	print "\n" if (((++$i) % 8) == 0);
-	print "\n" if ((($i) % 32) == 0);
-	}
-
--- a/crypto/des/PC2
+++ b/crypto/des/PC2
@@ -1,57 +0,0 @@
-#!/usr/local/bin/perl
-
-@PC2_C=(14,17,11,24, 1, 5,
-	 3,28,15, 6,21,10,
-	23,19,12, 4,26, 8,
-	16, 7,27,20,13, 2,
-	);
-
-@PC2_D=(41,52,31,37,47,55,
-	30,40,51,45,33,48,
-	44,49,39,56,34,53,
-	46,42,50,36,29,32,
-	);
-
-foreach (@PC2_C) {
-	if ($_ ne "-")
-		{
-		$_--;
-		printf "%2d  ",$_; }
-	else { print "--  "; }
-	$C{$_}=1;
-	print "\n" if (((++$i) % 8) == 0);
-	}
-$i=0;
-print "\n";
-foreach (@PC2_D) {
-	if ($_ ne "-")
-		{
-		$_-=29;
-		printf "%2d  ",$_; }
-	else { print "--  "; }
-	$D{$_}=1;
-	print "\n" if (((++$i) % 8) == 0); }
-
-print "\n";
-foreach $i (0 .. 27)
-	{
-	$_=$C{$i};
-	if ($_ ne "-") {printf "%2d ",$_;}
-	else { print "--  "; }
-	print "\n" if (((++$i) % 8) == 0);
-	}
-print "\n";
-
-print "\n";
-foreach $i (0 .. 27)
-	{
-	$_=$D{$i};
-	if ($_ ne "-") {printf "%2d  ",$_;}
-	else { print "--  "; }
-	print "\n" if (((++$i) % 8) == 0);
-	}
-print "\n";
-sub numsort
-	{
-	$a-$b;
-	}
--- a/crypto/des/asm/d-win32.asm
+++ b/crypto/des/asm/d-win32.asm
--- a/crypto/des/asm/y-win32.asm
+++ b/crypto/des/asm/y-win32.asm
@@ -1,929 +0,0 @@
-	; Don't even think of reading this code
-	; It was automatically generated by crypt586.pl
-	; Which is a perl program used to generate the x86 assember for
-	; any of elf, a.out, BSDI,Win32, or Solaris
-	; eric <eay@cryptsoft.com>
-	; 
-	TITLE	crypt586.asm
-        .386
-.model FLAT
-_TEXT	SEGMENT
-PUBLIC	_fcrypt_body
-EXTRN   _des_SPtrans:DWORD
-_fcrypt_body PROC NEAR
-	push	ebp
-	push	ebx
-	push	esi
-	push	edi
-	; 
-	; Load the 2 words
-	xor	edi,		edi
-	xor	esi,		esi
-	mov	ebp,		DWORD PTR 24[esp]
-	push	25
-L000start:
-	; 
-	; Round 0
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		esi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		esi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR [ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 4[ebp]
-	xor	eax,		esi
-	xor	edx,		esi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	edi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	edi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	edi,		ebx
-	; 
-	; Round 1
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		edi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		edi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 8[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 12[ebp]
-	xor	eax,		edi
-	xor	edx,		edi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	esi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	esi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	esi,		ebx
-	; 
-	; Round 2
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		esi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		esi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 16[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 20[ebp]
-	xor	eax,		esi
-	xor	edx,		esi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	edi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	edi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	edi,		ebx
-	; 
-	; Round 3
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		edi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		edi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 24[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 28[ebp]
-	xor	eax,		edi
-	xor	edx,		edi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	esi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	esi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	esi,		ebx
-	; 
-	; Round 4
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		esi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		esi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 32[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 36[ebp]
-	xor	eax,		esi
-	xor	edx,		esi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	edi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	edi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	edi,		ebx
-	; 
-	; Round 5
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		edi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		edi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 40[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 44[ebp]
-	xor	eax,		edi
-	xor	edx,		edi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	esi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	esi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	esi,		ebx
-	; 
-	; Round 6
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		esi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		esi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 48[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 52[ebp]
-	xor	eax,		esi
-	xor	edx,		esi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	edi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	edi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	edi,		ebx
-	; 
-	; Round 7
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		edi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		edi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 56[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 60[ebp]
-	xor	eax,		edi
-	xor	edx,		edi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	esi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	esi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	esi,		ebx
-	; 
-	; Round 8
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		esi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		esi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 64[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 68[ebp]
-	xor	eax,		esi
-	xor	edx,		esi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	edi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	edi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	edi,		ebx
-	; 
-	; Round 9
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		edi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		edi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 72[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 76[ebp]
-	xor	eax,		edi
-	xor	edx,		edi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	esi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	esi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	esi,		ebx
-	; 
-	; Round 10
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		esi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		esi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 80[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 84[ebp]
-	xor	eax,		esi
-	xor	edx,		esi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	edi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	edi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	edi,		ebx
-	; 
-	; Round 11
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		edi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		edi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 88[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 92[ebp]
-	xor	eax,		edi
-	xor	edx,		edi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	esi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	esi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	esi,		ebx
-	; 
-	; Round 12
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		esi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		esi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 96[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 100[ebp]
-	xor	eax,		esi
-	xor	edx,		esi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	edi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	edi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	edi,		ebx
-	; 
-	; Round 13
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		edi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		edi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 104[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 108[ebp]
-	xor	eax,		edi
-	xor	edx,		edi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	esi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	esi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	esi,		ebx
-	; 
-	; Round 14
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		esi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		esi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 112[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 116[ebp]
-	xor	eax,		esi
-	xor	edx,		esi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	edi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	edi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	edi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	edi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	edi,		ebx
-	; 
-	; Round 15
-	mov	eax,		DWORD PTR 32[esp]
-	mov	edx,		edi
-	shr	edx,		16
-	mov	ecx,		DWORD PTR 36[esp]
-	xor	edx,		edi
-	and	eax,		edx
-	and	edx,		ecx
-	mov	ebx,		eax
-	shl	ebx,		16
-	mov	ecx,		edx
-	shl	ecx,		16
-	xor	eax,		ebx
-	xor	edx,		ecx
-	mov	ebx,		DWORD PTR 120[ebp]
-	xor	eax,		ebx
-	mov	ecx,		DWORD PTR 124[ebp]
-	xor	eax,		edi
-	xor	edx,		edi
-	xor	edx,		ecx
-	and	eax,		0fcfcfcfch
-	xor	ebx,		ebx
-	and	edx,		0cfcfcfcfh
-	xor	ecx,		ecx
-	mov	bl,		al
-	mov	cl,		ah
-	ror	edx,		4
-	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
-	mov	bl,		dl
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
-	xor	esi,		ebp
-	mov	cl,		dh
-	shr	eax,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
-	xor	esi,		ebp
-	mov	bl,		ah
-	shr	edx,		16
-	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
-	xor	esi,		ebp
-	mov	ebp,		DWORD PTR 28[esp]
-	mov	cl,		dh
-	and	eax,		0ffh
-	and	edx,		0ffh
-	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
-	xor	esi,		ebx
-	mov	ebx,		DWORD PTR [esp]
-	mov	eax,		edi
-	dec	ebx
-	mov	edi,		esi
-	mov	esi,		eax
-	mov	DWORD PTR [esp],ebx
-	jnz	L000start
-	; 
-	; FP
-	mov	edx,		DWORD PTR 24[esp]
-	ror	edi,		1
-	mov	eax,		esi
-	xor	esi,		edi
-	and	esi,		0aaaaaaaah
-	xor	eax,		esi
-	xor	edi,		esi
-	; 
-	rol	eax,		23
-	mov	esi,		eax
-	xor	eax,		edi
-	and	eax,		003fc03fch
-	xor	esi,		eax
-	xor	edi,		eax
-	; 
-	rol	esi,		10
-	mov	eax,		esi
-	xor	esi,		edi
-	and	esi,		033333333h
-	xor	eax,		esi
-	xor	edi,		esi
-	; 
-	rol	edi,		18
-	mov	esi,		edi
-	xor	edi,		eax
-	and	edi,		0fff0000fh
-	xor	esi,		edi
-	xor	eax,		edi
-	; 
-	rol	esi,		12
-	mov	edi,		esi
-	xor	esi,		eax
-	and	esi,		0f0f0f0f0h
-	xor	edi,		esi
-	xor	eax,		esi
-	; 
-	ror	eax,		4
-	mov	DWORD PTR [edx],eax
-	mov	DWORD PTR 4[edx],edi
-	pop	ecx
-	pop	edi
-	pop	esi
-	pop	ebx
-	pop	ebp
-	ret
-_fcrypt_body ENDP
-_TEXT	ENDS
-END
--- a/crypto/des/des.c
+++ b/crypto/des/des.c
@@ -58,6 +58,7 @@

 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #ifndef MSDOS
 #ifndef VMS
 #include <openssl/opensslconf.h>
@@ -69,7 +70,7 @@
 #include <math.h>
 #endif /* __DECC */
 #endif /* VMS */
-#else
+#else /* MSDOS */
 #include <io.h>
 #endif

@@ -88,10 +89,6 @@
 #include <openssl/des.h>
 #include <openssl/rand.h>

-#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
-#include <string.h>
-#endif
-
 void usage(void);
 void doencryption(void);
 int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
--- a/crypto/des/des.h
+++ b/crypto/des/des.h
@@ -78,10 +78,7 @@ extern "C" {
 typedef unsigned char des_cblock[8];
 typedef /* const */ unsigned char const_des_cblock[8];
 /* With "const", gcc 2.8.1 on Solaris thinks that des_cblock *
- * and const_des_cblock * are incompatible pointer types.
- * I haven't seen that warning on other systems ... I'll look
- * what the standard says. */
-
+ * and const_des_cblock * are incompatible pointer types. */

 typedef struct des_ks_struct
 	{
@@ -141,8 +138,26 @@ void des_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
 		     int enc);
 void des_ecb_encrypt(const_des_cblock *input,des_cblock *output,
 		     des_key_schedule ks,int enc);
+
+/* 	This is the DES encryption function that gets called by just about
+	every other DES routine in the library.  You should not use this
+	function except to implement 'modes' of DES.  I say this because the
+	functions that call this routine do the conversion from 'char *' to
+	long, and this needs to be done to make sure 'non-aligned' memory
+	access do not occur.  The characters are loaded 'little endian'.
+	Data is a pointer to 2 unsigned long's and ks is the
+	des_key_schedule to use.  enc, is non zero specifies encryption,
+	zero if decryption. */
 void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+
+/* 	This functions is the same as des_encrypt() except that the DES
+	initial permutation (IP) and final permutation (FP) have been left
+	out.  As for des_encrypt(), you should not use this function.
+	It is used by the routines in the library that implement triple DES.
+	IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
+	as des_encrypt() des_encrypt() des_encrypt() except faster :-). */
 void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+
 void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
 	des_key_schedule ks2, des_key_schedule ks3);
 void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
@@ -192,6 +207,7 @@ int des_read_2passwords(des_cblock *key1,des_cblock *key2,
 			const char *prompt,int verify);
 int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
 void des_set_odd_parity(des_cblock *key);
+int des_check_key_parity(const_des_cblock *key);
 int des_is_weak_key(const_des_cblock *key);
 /* des_set_key (= set_key = des_key_sched = key_sched) calls
 * des_set_key_checked if global variable des_check_key is set,
@@ -209,9 +225,6 @@ void des_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
 		       des_key_schedule schedule,des_cblock *ivec,int *num);
 int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);

-/* Extra functions from Mark Murray <mark@grondar.za> */
-void des_cblock_print_file(const_des_cblock *cb, FILE *fp);
-
 /* The following definitions provide compatibility with the MIT Kerberos
 * library. The des_key_schedule structure is not binary compatible. */

@@ -241,11 +254,11 @@ void des_cblock_print_file(const_des_cblock *cb, FILE *fp);
 #  define xcbc_encrypt des_xcbc_encrypt
 #  define cbc_cksum des_cbc_cksum
 #  define quad_cksum des_quad_cksum
+#  define check_parity des_check_key_parity
 #endif

 typedef des_key_schedule bit_64;
 #define des_fixup_key_parity des_set_odd_parity
-#define des_check_key_parity check_parity

 #ifdef  __cplusplus
 }
--- a/crypto/des/des.pl
+++ b/crypto/des/des.pl
@@ -1,552 +0,0 @@
-#!/usr/local/bin/perl
-# des.pl - eric young 22/11/1991 eay@cryptsoft.com
-#
-# Copyright (C) 1993 Eric Young
-#
-# 11 April 1996 - patched to circumvent Perl 5 (through 5.002) problem
-#                 with sign-extension on right shift operations.
-#                 Ed Kubaitis - ejk@uiuc.edu
-#
-# eay - 92/08/31 - I think I have fixed all problems for 64bit
-# versions of perl but I could be wrong since I have not tested it yet :-).
-#
-# This is an implementation of DES in perl.
-# The two routines (des_set_key and des_ecb_encrypt)
-# take 8 byte objects as arguments.
-#
-# des_set_key takes an 8 byte string as a key and returns a key schedule
-# for use in calls to des_ecb_encrypt.
-# des_ecb_encrypt takes three arguments, the first is a key schedule
-# (make sure to pass it by reference with the *), the second is 1
-# to encrypt, 0 to decrypt.  The third argument is an 8 byte object
-# to encrypt.  The function returns an 8 byte object that has been
-# DES encrypted.
-#
-# example:
-# require 'des.pl'
-#
-# $key =pack("C8",0x12,0x23,0x45,0x67,0x89,0xab,0xcd,0xef);
-# @ks=  &des_set_key($key);
-#
-# $outbytes= &des_ecb_encrypt(*ks,1,$data);
-# @enc =unpack("C8",$outbytes);
-#
-                 
-package des;
-
-eval("use integer;") if (int($]) > 4);
-
-# The following 8 arrays are used in des_set_key
-@skb0=(
-# for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 
-0x00000000,0x00000010,0x20000000,0x20000010,
-0x00010000,0x00010010,0x20010000,0x20010010,
-0x00000800,0x00000810,0x20000800,0x20000810,
-0x00010800,0x00010810,0x20010800,0x20010810,
-0x00000020,0x00000030,0x20000020,0x20000030,
-0x00010020,0x00010030,0x20010020,0x20010030,
-0x00000820,0x00000830,0x20000820,0x20000830,
-0x00010820,0x00010830,0x20010820,0x20010830,
-0x00080000,0x00080010,0x20080000,0x20080010,
-0x00090000,0x00090010,0x20090000,0x20090010,
-0x00080800,0x00080810,0x20080800,0x20080810,
-0x00090800,0x00090810,0x20090800,0x20090810,
-0x00080020,0x00080030,0x20080020,0x20080030,
-0x00090020,0x00090030,0x20090020,0x20090030,
-0x00080820,0x00080830,0x20080820,0x20080830,
-0x00090820,0x00090830,0x20090820,0x20090830,
-);
-@skb1=(
-# for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 
-0x00000000,0x02000000,0x00002000,0x02002000,
-0x00200000,0x02200000,0x00202000,0x02202000,
-0x00000004,0x02000004,0x00002004,0x02002004,
-0x00200004,0x02200004,0x00202004,0x02202004,
-0x00000400,0x02000400,0x00002400,0x02002400,
-0x00200400,0x02200400,0x00202400,0x02202400,
-0x00000404,0x02000404,0x00002404,0x02002404,
-0x00200404,0x02200404,0x00202404,0x02202404,
-0x10000000,0x12000000,0x10002000,0x12002000,
-0x10200000,0x12200000,0x10202000,0x12202000,
-0x10000004,0x12000004,0x10002004,0x12002004,
-0x10200004,0x12200004,0x10202004,0x12202004,
-0x10000400,0x12000400,0x10002400,0x12002400,
-0x10200400,0x12200400,0x10202400,0x12202400,
-0x10000404,0x12000404,0x10002404,0x12002404,
-0x10200404,0x12200404,0x10202404,0x12202404,
-);
-@skb2=(
-# for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 
-0x00000000,0x00000001,0x00040000,0x00040001,
-0x01000000,0x01000001,0x01040000,0x01040001,
-0x00000002,0x00000003,0x00040002,0x00040003,
-0x01000002,0x01000003,0x01040002,0x01040003,
-0x00000200,0x00000201,0x00040200,0x00040201,
-0x01000200,0x01000201,0x01040200,0x01040201,
-0x00000202,0x00000203,0x00040202,0x00040203,
-0x01000202,0x01000203,0x01040202,0x01040203,
-0x08000000,0x08000001,0x08040000,0x08040001,
-0x09000000,0x09000001,0x09040000,0x09040001,
-0x08000002,0x08000003,0x08040002,0x08040003,
-0x09000002,0x09000003,0x09040002,0x09040003,
-0x08000200,0x08000201,0x08040200,0x08040201,
-0x09000200,0x09000201,0x09040200,0x09040201,
-0x08000202,0x08000203,0x08040202,0x08040203,
-0x09000202,0x09000203,0x09040202,0x09040203,
-);
-@skb3=(
-# for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 
-0x00000000,0x00100000,0x00000100,0x00100100,
-0x00000008,0x00100008,0x00000108,0x00100108,
-0x00001000,0x00101000,0x00001100,0x00101100,
-0x00001008,0x00101008,0x00001108,0x00101108,
-0x04000000,0x04100000,0x04000100,0x04100100,
-0x04000008,0x04100008,0x04000108,0x04100108,
-0x04001000,0x04101000,0x04001100,0x04101100,
-0x04001008,0x04101008,0x04001108,0x04101108,
-0x00020000,0x00120000,0x00020100,0x00120100,
-0x00020008,0x00120008,0x00020108,0x00120108,
-0x00021000,0x00121000,0x00021100,0x00121100,
-0x00021008,0x00121008,0x00021108,0x00121108,
-0x04020000,0x04120000,0x04020100,0x04120100,
-0x04020008,0x04120008,0x04020108,0x04120108,
-0x04021000,0x04121000,0x04021100,0x04121100,
-0x04021008,0x04121008,0x04021108,0x04121108,
-);
-@skb4=(
-# for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 
-0x00000000,0x10000000,0x00010000,0x10010000,
-0x00000004,0x10000004,0x00010004,0x10010004,
-0x20000000,0x30000000,0x20010000,0x30010000,
-0x20000004,0x30000004,0x20010004,0x30010004,
-0x00100000,0x10100000,0x00110000,0x10110000,
-0x00100004,0x10100004,0x00110004,0x10110004,
-0x20100000,0x30100000,0x20110000,0x30110000,
-0x20100004,0x30100004,0x20110004,0x30110004,
-0x00001000,0x10001000,0x00011000,0x10011000,
-0x00001004,0x10001004,0x00011004,0x10011004,
-0x20001000,0x30001000,0x20011000,0x30011000,
-0x20001004,0x30001004,0x20011004,0x30011004,
-0x00101000,0x10101000,0x00111000,0x10111000,
-0x00101004,0x10101004,0x00111004,0x10111004,
-0x20101000,0x30101000,0x20111000,0x30111000,
-0x20101004,0x30101004,0x20111004,0x30111004,
-);
-@skb5=(
-# for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 
-0x00000000,0x08000000,0x00000008,0x08000008,
-0x00000400,0x08000400,0x00000408,0x08000408,
-0x00020000,0x08020000,0x00020008,0x08020008,
-0x00020400,0x08020400,0x00020408,0x08020408,
-0x00000001,0x08000001,0x00000009,0x08000009,
-0x00000401,0x08000401,0x00000409,0x08000409,
-0x00020001,0x08020001,0x00020009,0x08020009,
-0x00020401,0x08020401,0x00020409,0x08020409,
-0x02000000,0x0A000000,0x02000008,0x0A000008,
-0x02000400,0x0A000400,0x02000408,0x0A000408,
-0x02020000,0x0A020000,0x02020008,0x0A020008,
-0x02020400,0x0A020400,0x02020408,0x0A020408,
-0x02000001,0x0A000001,0x02000009,0x0A000009,
-0x02000401,0x0A000401,0x02000409,0x0A000409,
-0x02020001,0x0A020001,0x02020009,0x0A020009,
-0x02020401,0x0A020401,0x02020409,0x0A020409,
-);
-@skb6=(
-# for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 
-0x00000000,0x00000100,0x00080000,0x00080100,
-0x01000000,0x01000100,0x01080000,0x01080100,
-0x00000010,0x00000110,0x00080010,0x00080110,
-0x01000010,0x01000110,0x01080010,0x01080110,
-0x00200000,0x00200100,0x00280000,0x00280100,
-0x01200000,0x01200100,0x01280000,0x01280100,
-0x00200010,0x00200110,0x00280010,0x00280110,
-0x01200010,0x01200110,0x01280010,0x01280110,
-0x00000200,0x00000300,0x00080200,0x00080300,
-0x01000200,0x01000300,0x01080200,0x01080300,
-0x00000210,0x00000310,0x00080210,0x00080310,
-0x01000210,0x01000310,0x01080210,0x01080310,
-0x00200200,0x00200300,0x00280200,0x00280300,
-0x01200200,0x01200300,0x01280200,0x01280300,
-0x00200210,0x00200310,0x00280210,0x00280310,
-0x01200210,0x01200310,0x01280210,0x01280310,
-);
-@skb7=(
-# for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 
-0x00000000,0x04000000,0x00040000,0x04040000,
-0x00000002,0x04000002,0x00040002,0x04040002,
-0x00002000,0x04002000,0x00042000,0x04042000,
-0x00002002,0x04002002,0x00042002,0x04042002,
-0x00000020,0x04000020,0x00040020,0x04040020,
-0x00000022,0x04000022,0x00040022,0x04040022,
-0x00002020,0x04002020,0x00042020,0x04042020,
-0x00002022,0x04002022,0x00042022,0x04042022,
-0x00000800,0x04000800,0x00040800,0x04040800,
-0x00000802,0x04000802,0x00040802,0x04040802,
-0x00002800,0x04002800,0x00042800,0x04042800,
-0x00002802,0x04002802,0x00042802,0x04042802,
-0x00000820,0x04000820,0x00040820,0x04040820,
-0x00000822,0x04000822,0x00040822,0x04040822,
-0x00002820,0x04002820,0x00042820,0x04042820,
-0x00002822,0x04002822,0x00042822,0x04042822,
-);
-
-@shifts2=(0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0);
-
-# used in ecb_encrypt
-@SP0=(
-0x00410100, 0x00010000, 0x40400000, 0x40410100,
-0x00400000, 0x40010100, 0x40010000, 0x40400000,
-0x40010100, 0x00410100, 0x00410000, 0x40000100,
-0x40400100, 0x00400000, 0x00000000, 0x40010000,
-0x00010000, 0x40000000, 0x00400100, 0x00010100,
-0x40410100, 0x00410000, 0x40000100, 0x00400100,
-0x40000000, 0x00000100, 0x00010100, 0x40410000,
-0x00000100, 0x40400100, 0x40410000, 0x00000000,
-0x00000000, 0x40410100, 0x00400100, 0x40010000,
-0x00410100, 0x00010000, 0x40000100, 0x00400100,
-0x40410000, 0x00000100, 0x00010100, 0x40400000,
-0x40010100, 0x40000000, 0x40400000, 0x00410000,
-0x40410100, 0x00010100, 0x00410000, 0x40400100,
-0x00400000, 0x40000100, 0x40010000, 0x00000000,
-0x00010000, 0x00400000, 0x40400100, 0x00410100,
-0x40000000, 0x40410000, 0x00000100, 0x40010100,
-);
-@SP1=(
-0x08021002, 0x00000000, 0x00021000, 0x08020000,
-0x08000002, 0x00001002, 0x08001000, 0x00021000,
-0x00001000, 0x08020002, 0x00000002, 0x08001000,
-0x00020002, 0x08021000, 0x08020000, 0x00000002,
-0x00020000, 0x08001002, 0x08020002, 0x00001000,
-0x00021002, 0x08000000, 0x00000000, 0x00020002,
-0x08001002, 0x00021002, 0x08021000, 0x08000002,
-0x08000000, 0x00020000, 0x00001002, 0x08021002,
-0x00020002, 0x08021000, 0x08001000, 0x00021002,
-0x08021002, 0x00020002, 0x08000002, 0x00000000,
-0x08000000, 0x00001002, 0x00020000, 0x08020002,
-0x00001000, 0x08000000, 0x00021002, 0x08001002,
-0x08021000, 0x00001000, 0x00000000, 0x08000002,
-0x00000002, 0x08021002, 0x00021000, 0x08020000,
-0x08020002, 0x00020000, 0x00001002, 0x08001000,
-0x08001002, 0x00000002, 0x08020000, 0x00021000,
-);
-@SP2=(
-0x20800000, 0x00808020, 0x00000020, 0x20800020,
-0x20008000, 0x00800000, 0x20800020, 0x00008020,
-0x00800020, 0x00008000, 0x00808000, 0x20000000,
-0x20808020, 0x20000020, 0x20000000, 0x20808000,
-0x00000000, 0x20008000, 0x00808020, 0x00000020,
-0x20000020, 0x20808020, 0x00008000, 0x20800000,
-0x20808000, 0x00800020, 0x20008020, 0x00808000,
-0x00008020, 0x00000000, 0x00800000, 0x20008020,
-0x00808020, 0x00000020, 0x20000000, 0x00008000,
-0x20000020, 0x20008000, 0x00808000, 0x20800020,
-0x00000000, 0x00808020, 0x00008020, 0x20808000,
-0x20008000, 0x00800000, 0x20808020, 0x20000000,
-0x20008020, 0x20800000, 0x00800000, 0x20808020,
-0x00008000, 0x00800020, 0x20800020, 0x00008020,
-0x00800020, 0x00000000, 0x20808000, 0x20000020,
-0x20800000, 0x20008020, 0x00000020, 0x00808000,
-);
-@SP3=(
-0x00080201, 0x02000200, 0x00000001, 0x02080201,
-0x00000000, 0x02080000, 0x02000201, 0x00080001,
-0x02080200, 0x02000001, 0x02000000, 0x00000201,
-0x02000001, 0x00080201, 0x00080000, 0x02000000,
-0x02080001, 0x00080200, 0x00000200, 0x00000001,
-0x00080200, 0x02000201, 0x02080000, 0x00000200,
-0x00000201, 0x00000000, 0x00080001, 0x02080200,
-0x02000200, 0x02080001, 0x02080201, 0x00080000,
-0x02080001, 0x00000201, 0x00080000, 0x02000001,
-0x00080200, 0x02000200, 0x00000001, 0x02080000,
-0x02000201, 0x00000000, 0x00000200, 0x00080001,
-0x00000000, 0x02080001, 0x02080200, 0x00000200,
-0x02000000, 0x02080201, 0x00080201, 0x00080000,
-0x02080201, 0x00000001, 0x02000200, 0x00080201,
-0x00080001, 0x00080200, 0x02080000, 0x02000201,
-0x00000201, 0x02000000, 0x02000001, 0x02080200,
-);
-@SP4=(
-0x01000000, 0x00002000, 0x00000080, 0x01002084,
-0x01002004, 0x01000080, 0x00002084, 0x01002000,
-0x00002000, 0x00000004, 0x01000004, 0x00002080,
-0x01000084, 0x01002004, 0x01002080, 0x00000000,
-0x00002080, 0x01000000, 0x00002004, 0x00000084,
-0x01000080, 0x00002084, 0x00000000, 0x01000004,
-0x00000004, 0x01000084, 0x01002084, 0x00002004,
-0x01002000, 0x00000080, 0x00000084, 0x01002080,
-0x01002080, 0x01000084, 0x00002004, 0x01002000,
-0x00002000, 0x00000004, 0x01000004, 0x01000080,
-0x01000000, 0x00002080, 0x01002084, 0x00000000,
-0x00002084, 0x01000000, 0x00000080, 0x00002004,
-0x01000084, 0x00000080, 0x00000000, 0x01002084,
-0x01002004, 0x01002080, 0x00000084, 0x00002000,
-0x00002080, 0x01002004, 0x01000080, 0x00000084,
-0x00000004, 0x00002084, 0x01002000, 0x01000004,
-);
-@SP5=(
-0x10000008, 0x00040008, 0x00000000, 0x10040400,
-0x00040008, 0x00000400, 0x10000408, 0x00040000,
-0x00000408, 0x10040408, 0x00040400, 0x10000000,
-0x10000400, 0x10000008, 0x10040000, 0x00040408,
-0x00040000, 0x10000408, 0x10040008, 0x00000000,
-0x00000400, 0x00000008, 0x10040400, 0x10040008,
-0x10040408, 0x10040000, 0x10000000, 0x00000408,
-0x00000008, 0x00040400, 0x00040408, 0x10000400,
-0x00000408, 0x10000000, 0x10000400, 0x00040408,
-0x10040400, 0x00040008, 0x00000000, 0x10000400,
-0x10000000, 0x00000400, 0x10040008, 0x00040000,
-0x00040008, 0x10040408, 0x00040400, 0x00000008,
-0x10040408, 0x00040400, 0x00040000, 0x10000408,
-0x10000008, 0x10040000, 0x00040408, 0x00000000,
-0x00000400, 0x10000008, 0x10000408, 0x10040400,
-0x10040000, 0x00000408, 0x00000008, 0x10040008,
-);
-@SP6=(
-0x00000800, 0x00000040, 0x00200040, 0x80200000,
-0x80200840, 0x80000800, 0x00000840, 0x00000000,
-0x00200000, 0x80200040, 0x80000040, 0x00200800,
-0x80000000, 0x00200840, 0x00200800, 0x80000040,
-0x80200040, 0x00000800, 0x80000800, 0x80200840,
-0x00000000, 0x00200040, 0x80200000, 0x00000840,
-0x80200800, 0x80000840, 0x00200840, 0x80000000,
-0x80000840, 0x80200800, 0x00000040, 0x00200000,
-0x80000840, 0x00200800, 0x80200800, 0x80000040,
-0x00000800, 0x00000040, 0x00200000, 0x80200800,
-0x80200040, 0x80000840, 0x00000840, 0x00000000,
-0x00000040, 0x80200000, 0x80000000, 0x00200040,
-0x00000000, 0x80200040, 0x00200040, 0x00000840,
-0x80000040, 0x00000800, 0x80200840, 0x00200000,
-0x00200840, 0x80000000, 0x80000800, 0x80200840,
-0x80200000, 0x00200840, 0x00200800, 0x80000800,
-);
-@SP7=(
-0x04100010, 0x04104000, 0x00004010, 0x00000000,
-0x04004000, 0x00100010, 0x04100000, 0x04104010,
-0x00000010, 0x04000000, 0x00104000, 0x00004010,
-0x00104010, 0x04004010, 0x04000010, 0x04100000,
-0x00004000, 0x00104010, 0x00100010, 0x04004000,
-0x04104010, 0x04000010, 0x00000000, 0x00104000,
-0x04000000, 0x00100000, 0x04004010, 0x04100010,
-0x00100000, 0x00004000, 0x04104000, 0x00000010,
-0x00100000, 0x00004000, 0x04000010, 0x04104010,
-0x00004010, 0x04000000, 0x00000000, 0x00104000,
-0x04100010, 0x04004010, 0x04004000, 0x00100010,
-0x04104000, 0x00000010, 0x00100010, 0x04004000,
-0x04104010, 0x00100000, 0x04100000, 0x04000010,
-0x00104000, 0x00004010, 0x04004010, 0x04100000,
-0x00000010, 0x04104000, 0x00104010, 0x00000000,
-0x04000000, 0x04100010, 0x00004000, 0x00104010,
-);
-
-sub main'des_set_key
-	{
-	local($param)=@_;
-	local(@key);
-	local($c,$d,$i,$s,$t);
-	local(@ks)=();
-
-	# Get the bytes in the order we want.
-	@key=unpack("C8",$param);
-
-	$c=	($key[0]    )|
-		($key[1]<< 8)|
-		($key[2]<<16)|
-		($key[3]<<24);
-	$d=	($key[4]    )|
-		($key[5]<< 8)|
-		($key[6]<<16)|
-		($key[7]<<24);
-
-	&doPC1(*c,*d);
-
-	for $i (@shifts2)
-		{
-		if ($i)
-			{
-			$c=($c>>2)|($c<<26);
-			$d=($d>>2)|($d<<26);
-			}
-		else
-			{
-			$c=($c>>1)|($c<<27);
-			$d=($d>>1)|($d<<27);
-			}
-		$c&=0x0fffffff;
-		$d&=0x0fffffff;
-		$s=	$skb0[ ($c    )&0x3f                 ]|
-			$skb1[(($c>> 6)&0x03)|(($c>> 7)&0x3c)]|
-			$skb2[(($c>>13)&0x0f)|(($c>>14)&0x30)]|
-			$skb3[(($c>>20)&0x01)|(($c>>21)&0x06) |
-					     (($c>>22)&0x38)];
-		$t=     $skb4[ ($d    )&0x3f                ]|
-			$skb5[(($d>> 7)&0x03)|(($d>> 8)&0x3c)]|
-			$skb6[ ($d>>15)&0x3f                 ]|
-			$skb7[(($d>>21)&0x0f)|(($d>>22)&0x30)];
-		push(@ks,(($t<<16)|($s&0x0000ffff))&0xffffffff);
-		$s=      (($s>>16)&0x0000ffff)|($t&0xffff0000) ;
-		push(@ks,(($s<<4)|(($s>>28)&0xf))&0xffffffff);
-		}
-	@ks;
-	}
-
-sub doPC1
-	{
-	local(*a,*b)=@_;
-	local($t);
-
-	$t=(($b>>4)^$a)&0x0f0f0f0f;
-	$b^=($t<<4); $a^=$t;
-	# do $a first 
-	$t=(($a<<18)^$a)&0xcccc0000;
-	$a=$a^$t^(($t>>18)&0x00003fff);
-	$t=(($a<<17)^$a)&0xaaaa0000;
-	$a=$a^$t^(($t>>17)&0x00007fff);
-	$t=(($a<< 8)^$a)&0x00ff0000;
-	$a=$a^$t^(($t>> 8)&0x00ffffff);
-	$t=(($a<<17)^$a)&0xaaaa0000;
-	$a=$a^$t^(($t>>17)&0x00007fff);
-
-	# now do $b
-	$t=(($b<<24)^$b)&0xff000000;
-	$b=$b^$t^(($t>>24)&0x000000ff);
-	$t=(($b<< 8)^$b)&0x00ff0000;
-	$b=$b^$t^(($t>> 8)&0x00ffffff);
-	$t=(($b<<14)^$b)&0x33330000;
-	$b=$b^$t^(($t>>14)&0x0003ffff);
-	$b=(($b&0x00aa00aa)<<7)|(($b&0x55005500)>>7)|($b&0xaa55aa55);
-	$b=(($b>>8)&0x00ffffff)|((($a&0xf0000000)>>4)&0x0fffffff);
-	$a&=0x0fffffff;
-	}
-
-sub doIP
-	{
-	local(*a,*b)=@_;
-	local($t);
-
-	$t=(($b>> 4)^$a)&0x0f0f0f0f;
-	$b^=($t<< 4); $a^=$t;
-	$t=(($a>>16)^$b)&0x0000ffff;
-	$a^=($t<<16); $b^=$t;
-	$t=(($b>> 2)^$a)&0x33333333;
-	$b^=($t<< 2); $a^=$t;
-	$t=(($a>> 8)^$b)&0x00ff00ff;
-	$a^=($t<< 8); $b^=$t;
-	$t=(($b>> 1)^$a)&0x55555555;
-	$b^=($t<< 1); $a^=$t;
-	$t=$a;
-	$a=$b&0xffffffff;
-	$b=$t&0xffffffff;
-	}
-
-sub doFP
-	{
-	local(*a,*b)=@_;
-	local($t);
-
-	$t=(($b>> 1)^$a)&0x55555555;
-	$b^=($t<< 1); $a^=$t;
-	$t=(($a>> 8)^$b)&0x00ff00ff;
-	$a^=($t<< 8); $b^=$t;
-	$t=(($b>> 2)^$a)&0x33333333;
-	$b^=($t<< 2); $a^=$t;
-	$t=(($a>>16)^$b)&0x0000ffff;
-	$a^=($t<<16); $b^=$t;
-	$t=(($b>> 4)^$a)&0x0f0f0f0f;
-	$b^=($t<< 4); $a^=$t;
-	$a&=0xffffffff;
-	$b&=0xffffffff;
-	}
-
-sub main'des_ecb_encrypt
-	{
-	local(*ks,$encrypt,$in)=@_;
-	local($l,$r,$i,$t,$u,@input);
-	
-	@input=unpack("C8",$in);
-	# Get the bytes in the order we want.
-	$l=	($input[0]    )|
-		($input[1]<< 8)|
-		($input[2]<<16)|
-		($input[3]<<24);
-	$r=	($input[4]    )|
-		($input[5]<< 8)|
-		($input[6]<<16)|
-		($input[7]<<24);
-
-	$l&=0xffffffff;
-	$r&=0xffffffff;
-	&doIP(*l,*r);
-	if ($encrypt)
-		{
-		for ($i=0; $i<32; $i+=4)
-			{
-			$t=((($r&0x7fffffff)<<1)|(($r>>31)&0x00000001));
-			$u=$t^$ks[$i  ];
-			$t=$t^$ks[$i+1];
-			$t2=(($t&0x0000000f)<<28);
-
-			$t=((($t>>4)&0x0fffffff)|(($t&0x0000000f)<<28));
-			$l^=	$SP1[ $t     &0x3f]|
-				$SP3[($t>> 8)&0x3f]|
-				$SP5[($t>>16)&0x3f]|
-				$SP7[($t>>24)&0x3f]|
-				$SP0[ $u     &0x3f]|
-				$SP2[($u>> 8)&0x3f]|
-				$SP4[($u>>16)&0x3f]|
-				$SP6[($u>>24)&0x3f];
-
-			$t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
-			$u=$t^$ks[$i+2];
-			$t=$t^$ks[$i+3];
-			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
-			$r^=	$SP1[ $t     &0x3f]|
-				$SP3[($t>> 8)&0x3f]|
-				$SP5[($t>>16)&0x3f]|
-				$SP7[($t>>24)&0x3f]|
-				$SP0[ $u     &0x3f]|
-				$SP2[($u>> 8)&0x3f]|
-				$SP4[($u>>16)&0x3f]|
-				$SP6[($u>>24)&0x3f];
-			}
-		}
-	else	
-		{
-		for ($i=30; $i>0; $i-=4)
-			{
-			$t=(($r<<1)|(($r>>31)&0x1))&0xffffffff;
-			$u=$t^$ks[$i  ];
-			$t=$t^$ks[$i+1];
-			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
-			$l^=	$SP1[ $t     &0x3f]|
-				$SP3[($t>> 8)&0x3f]|
-				$SP5[($t>>16)&0x3f]|
-				$SP7[($t>>24)&0x3f]|
-				$SP0[ $u     &0x3f]|
-				$SP2[($u>> 8)&0x3f]|
-				$SP4[($u>>16)&0x3f]|
-				$SP6[($u>>24)&0x3f];
-
-			$t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
-			$u=$t^$ks[$i-2];
-			$t=$t^$ks[$i-1];
-			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
-			$r^=	$SP1[ $t     &0x3f]|
-				$SP3[($t>> 8)&0x3f]|
-				$SP5[($t>>16)&0x3f]|
-				$SP7[($t>>24)&0x3f]|
-				$SP0[ $u     &0x3f]|
-				$SP2[($u>> 8)&0x3f]|
-				$SP4[($u>>16)&0x3f]|
-				$SP6[($u>>24)&0x3f];
-			}
-		}
-	&doFP(*l,*r);
-	pack("C8",$l&0xff, 
-	          ($l>> 8)&0x00ffffff,
-	          ($l>>16)&0x0000ffff,
-		  ($l>>24)&0x000000ff,
-		  $r&0xff,
-	          ($r>> 8)&0x00ffffff,
-	          ($r>>16)&0x0000ffff,
-		  ($r>>24)&0x000000ff);
-	}
--- a/crypto/des/des.pod
+++ b/crypto/des/des.pod
@@ -1,186 +1,217 @@
-.TH DES 1 
-.SH NAME
+=pod
+
+=head1 NAME
+
 des - encrypt or decrypt data using Data Encryption Standard
-.SH SYNOPSIS
-.B des
+
+=head1 SYNOPSIS
+
+B<des>
 (
-.B \-e
+B<-e>
 |
-.B \-E
+B<-E>
 ) | (
-.B \-d
+B<-d>
 |
-.B \-D
+B<-D>
 ) | (
-.B \-\fR[\fPcC\fR][\fPckname\fR]\fP
+B<->[B<cC>][B<ckname>]
 ) |
 [
-.B \-b3hfs
+B<-b3hfs>
 ] [
-.B \-k
-.I key
+B<-k>
+I<key>
 ]
 ] [
-.B \-u\fR[\fIuuname\fR]
+B<-u>[I<uuname>]
 [
-.I input-file
+I<input-file>
 [
-.I output-file
+I<output-file>
 ] ]
-.SH DESCRIPTION
-.B des
+
+=head1 NOTE
+
+This page describes the B<des> stand-alone program, not the B<openssl des>
+command.
+
+=head1 DESCRIPTION
+
+B<des>
 encrypts and decrypts data using the
 Data Encryption Standard algorithm.
 One of
-.B \-e, \-E
+B<-e>, B<-E>
 (for encrypt) or
-.B \-d, \-D
+B<-d>, B<-D>
 (for decrypt) must be specified.
 It is also possible to use
-.B \-c
+B<-c>
 or
-.B \-C
+B<-C>
 in conjunction or instead of the a encrypt/decrypt option to generate
 a 16 character hexadecimal checksum, generated via the
-.I des_cbc_cksum.
-.LP
+I<des_cbc_cksum>.
+
 Two standard encryption modes are supported by the
-.B des
+B<des>
 program, Cipher Block Chaining (the default) and Electronic Code Book
 (specified with
-.B \-b
-).
-.LP
+B<-b>).
+
 The key used for the DES
 algorithm is obtained by prompting the user unless the
-.B `\-k
-.I key'
+B<-k>
+I<key>
 option is given.
 If the key is an argument to the
-.B des
+B<des>
 command, it is potentially visible to users executing
-.BR ps (1)
+ps(1)
 or a derivative.  To minimise this possibility,
-.B des
+B<des>
 takes care to destroy the key argument immediately upon entry.
 If your shell keeps a history file be careful to make sure it is not
 world readable.
-.LP
-Since this program attempts to maintain compatability with sunOS's
+
+Since this program attempts to maintain compatibility with sunOS's
 des(1) command, there are 2 different methods used to convert the user
 supplied key to a des key.
 Whenever and one or more of
-.B \-E, \-D, \-C
+B<-E>, B<-D>, B<-C>
 or
-.B \-3
+B<-3>
 options are used, the key conversion procedure will not be compatible
 with the sunOS des(1) version but will use all the user supplied
 character to generate the des key.
-.B des
+B<des>
 command reads from standard input unless
-.I input-file
+I<input-file>
 is specified and writes to standard output unless
-.I output-file
+I<output-file>
 is given.
-.SH OPTIONS
-.TP
-.B \-b
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-b>
+
 Select ECB
 (eight bytes at a time) encryption mode.
-.TP
-.B \-3
+
+=item B<-3>
+
 Encrypt using triple encryption.
 By default triple cbc encryption is used but if the
-.B \-b
-option is used then triple ecb encryption is performed.
+B<-b>
+option is used then triple ECB encryption is performed.
 If the key is less than 8 characters long, the flag has no effect.
-.TP
-.B \-e
+
+=item B<-e>
+
 Encrypt data using an 8 byte key in a manner compatible with sunOS
 des(1).
-.TP
-.B \-E
+
+=item B<-E>
+
 Encrypt data using a key of nearly unlimited length (1024 bytes).
 This will product a more secure encryption.
-.TP
-.B \-d
-Decrypt data that was encrypted with the \-e option.
-.TP
-.B \-D
-Decrypt data that was encrypted with the \-E option.
-.TP
-.B \-c
+
+=item B<-d>
+
+Decrypt data that was encrypted with the B<-e> option.
+
+=item B<-D>
+
+Decrypt data that was encrypted with the B<-E> option.
+
+=item B<-c>
+
 Generate a 16 character hexadecimal cbc checksum and output this to
 stderr.
 If a filename was specified after the
-.B \-c
+B<-c>
 option, the checksum is output to that file.
 The checksum is generated using a key generated in a sunOS compatible
 manner.
-.TP
-.B \-C
+
+=item B<-C>
+
 A cbc checksum is generated in the same manner as described for the
-.B \-c
+B<-c>
 option but the DES key is generated in the same manner as used for the
-.B \-E
+B<-E>
 and
-.B \-D
+B<-D>
 options
-.TP
-.B \-f
+
+=item B<-f>
+
 Does nothing - allowed for compatibility with sunOS des(1) command.
-.TP
-.B \-s
+
+=item B<-s>
+
 Does nothing - allowed for compatibility with sunOS des(1) command.
-.TP
-.B "\-k \fIkey\fP"
+
+=item B<-k> I<key>
+
 Use the encryption 
-.I key
+I<key>
 specified.
-.TP
-.B "\-h"
+
+=item B<-h>
+
 The
-.I key
+I<key>
 is assumed to be a 16 character hexadecimal number.
 If the
-.B "\-3"
+B<-3>
 option is used the key is assumed to be a 32 character hexadecimal
 number.
-.TP
-.B \-u
+
+=item B<-u>
+
 This flag is used to read and write uuencoded files.  If decrypting,
 the input file is assumed to contain uuencoded, DES encrypted data.
-If encrypting, the characters following the -u are used as the name of
+If encrypting, the characters following the B<-u> are used as the name of
 the uuencoded file to embed in the begin line of the uuencoded
-output.  If there is no name specified after the -u, the name text.des
+output.  If there is no name specified after the B<-u>, the name text.des
 will be embedded in the header.
-.SH SEE ALSO
-.B ps (1)
-.B des_crypt(3)
-.SH BUGS
-.LP
+
+=head1 SEE ALSO
+
+ps(1),
+L<des_crypt(3)|des_crypt(3)>
+
+=head1 BUGS
+
 The problem with using the
-.B -e
+B<-e>
 option is the short key length.
 It would be better to use a real 56-bit key rather than an
 ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
 radically reduces the time necessary for a brute-force cryptographic attack.
 My attempt to remove this problem is to add an alternative text-key to
 DES-key function.  This alternative function (accessed via
-.B -E, -D, -S
+B<-E>, B<-D>, B<-S>
 and
-.B -3
-)
+B<-3>)
 uses DES to help generate the key.
-.LP
-Be carefully when using the -u option.  Doing des -ud <filename> will
-not decrypt filename (the -u option will gobble the d option).
-.LP
+
+Be carefully when using the B<-u> option.  Doing B<des -ud> I<filename> will
+not decrypt filename (the B<-u> option will gobble the B<-d> option).
+
 The VMS operating system operates in a world where files are always a
 multiple of 512 bytes.  This causes problems when encrypted data is
-send from unix to VMS since a 88 byte file will suddenly be padded
-with 424 null bytes.  To get around this problem, use the -u option
+send from Unix to VMS since a 88 byte file will suddenly be padded
+with 424 null bytes.  To get around this problem, use the B<-u> option
 to uuencode the data before it is send to the VMS system.
-.SH AUTHOR
-.LP
+
+=head1 AUTHOR
+
 Eric Young (eay@cryptsoft.com)
+
+=cut
--- a/crypto/des/des_crypt.man
+++ b/crypto/des/des_crypt.man
@@ -1,508 +0,0 @@
-.TH DES_CRYPT 3 
-.SH NAME
-des_read_password, des_read_2password,
-des_string_to_key, des_string_to_2key, des_read_pw_string,
-des_random_key, des_set_key,
-des_key_sched, des_ecb_encrypt, des_ecb3_encrypt, des_cbc_encrypt,
-des_3cbc_encrypt,
-des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
-des_cbc_cksum, des_quad_cksum,
-des_enc_read, des_enc_write, des_set_odd_parity,
-des_is_weak_key, crypt \- (non USA) DES encryption
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <des.h>
-.PP
-.B int des_read_password(key,prompt,verify)
-des_cblock *key;
-char *prompt;
-int verify;
-.PP
-.B int des_read_2password(key1,key2,prompt,verify)
-des_cblock *key1,*key2;
-char *prompt;
-int verify;
-.PP
-.B int des_string_to_key(str,key)
-char *str;
-des_cblock *key;
-.PP
-.B int des_string_to_2keys(str,key1,key2)
-char *str;
-des_cblock *key1,*key2;
-.PP
-.B int des_read_pw_string(buf,length,prompt,verify)
-char *buf;
-int length;
-char *prompt;
-int verify;
-.PP
-.B int des_random_key(key)
-des_cblock *key;
-.PP
-.B int des_set_key(key,schedule)
-des_cblock *key;
-des_key_schedule schedule;
-.PP
-.B int des_key_sched(key,schedule)
-des_cblock *key;
-des_key_schedule schedule;
-.PP
-.B int des_ecb_encrypt(input,output,schedule,encrypt)
-des_cblock *input;
-des_cblock *output;
-des_key_schedule schedule;
-int encrypt;
-.PP
-.B int des_ecb3_encrypt(input,output,ks1,ks2,encrypt)
-des_cblock *input;
-des_cblock *output;
-des_key_schedule ks1,ks2;
-int encrypt;
-.PP
-.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule sk1;
-des_key_schedule sk2;
-des_cblock *ivec1;
-des_cblock *ivec2;
-int encrypt;
-.PP
-.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
-unsigned char *input;
-unsigned char *output;
-int numbits;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
-unsigned char *input,*output;
-int numbits;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-.PP
-.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-.PP
-.B unsigned long des_quad_cksum(input,output,length,out_count,seed)
-des_cblock *input;
-des_cblock *output;
-long length;
-int out_count;
-des_cblock *seed;
-.PP
-.B int des_check_key;
-.PP
-.B int des_enc_read(fd,buf,len,sched,iv)
-int fd;
-char *buf;
-int len;
-des_key_schedule sched;
-des_cblock *iv;
-.PP
-.B int des_enc_write(fd,buf,len,sched,iv)
-int fd;
-char *buf;
-int len;
-des_key_schedule sched;
-des_cblock *iv;
-.PP
-.B extern int des_rw_mode;
-.PP
-.B void des_set_odd_parity(key)
-des_cblock *key;
-.PP
-.B int des_is_weak_key(key)
-des_cblock *key;
-.PP
-.B char *crypt(passwd,salt)
-char *passwd;
-char *salt;
-.PP
-.fi
-.SH DESCRIPTION
-This library contains a fast implementation of the DES encryption
-algorithm.
-.PP
-There are two phases to the use of DES encryption.
-The first is the generation of a
-.I des_key_schedule
-from a key,
-the second is the actual encryption.
-A des key is of type
-.I des_cblock.
-This type is made from 8 characters with odd parity.
-The least significant bit in the character is the parity bit.
-The key schedule is an expanded form of the key; it is used to speed the
-encryption process.
-.PP
-.I des_read_password
-writes the string specified by prompt to the standard output,
-turns off echo and reads an input string from standard input
-until terminated with a newline.
-If verify is non-zero, it prompts and reads the input again and verifies
-that both entered passwords are the same.
-The entered string is converted into a des key by using the
-.I des_string_to_key
-routine.
-The new key is placed in the
-.I des_cblock
-that was passed (by reference) to the routine.
-If there were no errors,
-.I des_read_password
-returns 0,
-1 is returned if there was a terminal error and 1 is returned for
-any other error.
-.PP
-.I des_read_2password
-operates in the same way as
-.I des_read_password
-except that it generates 2 keys by using the
-.I des_string_to_2key
-function.
-.PP
-.I des_read_pw_string
-is called by
-.I des_read_password
-to read and verify a string from a terminal device.
-The string is returned in
-.I buf.
-The size of
-.I buf
-is passed to the routine via the
-.I length
-parameter.
-.PP
-.I des_string_to_key
-converts a string into a valid des key.
-.PP
-.I des_string_to_2key
-converts a string into 2 valid des keys.
-This routine is best suited for used to generate keys for use with
-.I des_ecb3_encrypt.
-.PP
-.I des_random_key
-returns a random key that is made of a combination of process id,
-time and an increasing counter.
-.PP
-Before a des key can be used it is converted into a
-.I des_key_schedule
-via the
-.I des_set_key
-routine.
-If the
-.I des_check_key
-flag is non-zero,
-.I des_set_key
-will check that the key passed is of odd parity and is not a week or
-semi-weak key.
-If the parity is wrong,
-then -1 is returned.
-If the key is a weak key,
-then -2 is returned.
-If an error is returned,
-the key schedule is not generated.
-.PP
-.I des_key_sched
-is another name for the
-.I des_set_key
-function.
-.PP
-The following routines mostly operate on an input and output stream of
-.I des_cblock's.
-.PP
-.I des_ecb_encrypt
-is the basic DES encryption routine that encrypts or decrypts a single 8-byte
-.I des_cblock
-in
-.I electronic code book
-mode.
-It always transforms the input data, pointed to by
-.I input,
-into the output data,
-pointed to by the
-.I output
-argument.
-If the
-.I encrypt
-argument is non-zero (DES_ENCRYPT),
-the
-.I input
-(cleartext) is encrypted in to the
-.I output
-(ciphertext) using the key_schedule specified by the
-.I schedule
-argument,
-previously set via
-.I des_set_key.
-If
-.I encrypt
-is zero (DES_DECRYPT),
-the
-.I input
-(now ciphertext)
-is decrypted into the
-.I output
-(now cleartext).
-Input and output may overlap.
-No meaningful value is returned.
-.PP
-.I des_ecb3_encrypt
-encrypts/decrypts the
-.I input
-block by using triple ecb DES encryption.
-This involves encrypting the input with 
-.I ks1,
-decryption with the key schedule
-.I ks2,
-and then encryption with the first again.
-This routine greatly reduces the chances of brute force breaking of
-DES and has the advantage of if
-.I ks1
-and
-.I ks2
-are the same, it is equivalent to just encryption using ecb mode and
-.I ks1
-as the key.
-.PP
-.I des_cbc_encrypt
-encrypts/decrypts using the
-.I cipher-block-chaining
-mode of DES.
-If the
-.I encrypt
-argument is non-zero,
-the routine cipher-block-chain encrypts the cleartext data pointed to by the
-.I input
-argument into the ciphertext pointed to by the
-.I output
-argument,
-using the key schedule provided by the
-.I schedule
-argument,
-and initialisation vector provided by the
-.I ivec
-argument.
-If the
-.I length
-argument is not an integral multiple of eight bytes, 
-the last block is copied to a temporary area and zero filled.
-The output is always
-an integral multiple of eight bytes.
-To make multiple cbc encrypt calls on a large amount of data appear to
-be one 
-.I des_cbc_encrypt
-call, the
-.I ivec
-of subsequent calls should be the last 8 bytes of the output.
-.PP
-.I des_3cbc_encrypt
-encrypts/decrypts the
-.I input
-block by using triple cbc DES encryption.
-This involves encrypting the input with key schedule
-.I ks1,
-decryption with the key schedule
-.I ks2,
-and then encryption with the first again.
-2 initialisation vectors are required,
-.I ivec1
-and
-.I ivec2.
-Unlike
-.I des_cbc_encrypt,
-these initialisation vectors are modified by the subroutine.
-This routine greatly reduces the chances of brute force breaking of
-DES and has the advantage of if
-.I ks1
-and
-.I ks2
-are the same, it is equivalent to just encryption using cbc mode and
-.I ks1
-as the key.
-.PP
-.I des_pcbc_encrypt
-encrypt/decrypts using a modified block chaining mode.
-It provides better error propagation characteristics than cbc
-encryption.
-.PP
-.I des_cfb_encrypt
-encrypt/decrypts using cipher feedback mode.  This method takes an
-array of characters as input and outputs and array of characters.  It
-does not require any padding to 8 character groups.  Note: the ivec
-variable is changed and the new changed value needs to be passed to
-the next call to this function.  Since this function runs a complete
-DES ecb encryption per numbits, this function is only suggested for
-use when sending small numbers of characters.
-.PP
-.I des_ofb_encrypt
-encrypt using output feedback mode.  This method takes an
-array of characters as input and outputs and array of characters.  It
-does not require any padding to 8 character groups.  Note: the ivec
-variable is changed and the new changed value needs to be passed to
-the next call to this function.  Since this function runs a complete
-DES ecb encryption per numbits, this function is only suggested for
-use when sending small numbers of characters.
-.PP
-.I des_cbc_cksum
-produces an 8 byte checksum based on the input stream (via cbc encryption).
-The last 4 bytes of the checksum is returned and the complete 8 bytes is
-placed in
-.I output.
-.PP
-.I des_quad_cksum
-returns a 4 byte checksum from the input bytes.
-The algorithm can be iterated over the input,
-depending on
-.I out_count,
-1, 2, 3 or 4 times.
-If
-.I output
-is non-NULL,
-the 8 bytes generated by each pass are written into
-.I output.
-.PP
-.I des_enc_write
-is used to write
-.I len
-bytes
-to file descriptor
-.I fd
-from buffer
-.I buf.
-The data is encrypted via
-.I pcbc_encrypt
-(default) using
-.I sched
-for the key and
-.I iv
-as a starting vector.
-The actual data send down
-.I fd
-consists of 4 bytes (in network byte order) containing the length of the
-following encrypted data.  The encrypted data then follows, padded with random
-data out to a multiple of 8 bytes.
-.PP
-.I des_enc_read
-is used to read
-.I len
-bytes
-from file descriptor
-.I fd
-into buffer
-.I buf.
-The data being read from
-.I fd
-is assumed to have come from
-.I des_enc_write
-and is decrypted using
-.I sched
-for the key schedule and
-.I iv
-for the initial vector.
-The
-.I des_enc_read/des_enc_write
-pair can be used to read/write to files, pipes and sockets.
-I have used them in implementing a version of rlogin in which all
-data is encrypted.
-.PP
-.I des_rw_mode
-is used to specify the encryption mode to use with 
-.I des_enc_read
-and 
-.I des_end_write.
-If set to
-.I DES_PCBC_MODE
-(the default), des_pcbc_encrypt is used.
-If set to
-.I DES_CBC_MODE
-des_cbc_encrypt is used.
-These two routines and the variable are not part of the normal MIT library.
-.PP
-.I des_set_odd_parity
-sets the parity of the passed
-.I key
-to odd.  This routine is not part of the standard MIT library.
-.PP
-.I des_is_weak_key
-returns 1 is the passed key is a weak key (pick again :-),
-0 if it is ok.
-This routine is not part of the standard MIT library.
-.PP
-.I crypt
-is a replacement for the normal system crypt.
-It is much faster than the system crypt.
-.PP
-.SH FILES
-/usr/include/des.h
-.br
-/usr/lib/libdes.a
-.PP
-The encryption routines have been tested on 16bit, 32bit and 64bit
-machines of various endian and even works under VMS.
-.PP
-.SH BUGS
-.PP
-If you think this manual is sparse,
-read the des_crypt(3) manual from the MIT kerberos (or bones outside
-of the USA) distribution.
-.PP
-.I des_cfb_encrypt
-and
-.I des_ofb_encrypt
-operates on input of 8 bits.  What this means is that if you set
-numbits to 12, and length to 2, the first 12 bits will come from the 1st
-input byte and the low half of the second input byte.  The second 12
-bits will have the low 8 bits taken from the 3rd input byte and the
-top 4 bits taken from the 4th input byte.  The same holds for output.
-This function has been implemented this way because most people will
-be using a multiple of 8 and because once you get into pulling bytes input
-bytes apart things get ugly!
-.PP
-.I des_read_pw_string
-is the most machine/OS dependent function and normally generates the
-most problems when porting this code.
-.PP
-.I des_string_to_key
-is probably different from the MIT version since there are lots
-of fun ways to implement one-way encryption of a text string.
-.PP
-The routines are optimised for 32 bit machines and so are not efficient
-on IBM PCs.
-.PP
-NOTE: extensive work has been done on this library since this document
-was origionally written.  Please try to read des.doc from the libdes
-distribution since it is far more upto date and documents more of the
-functions.  Libdes is now also being shipped as part of SSLeay, a
-general cryptographic library that amonst other things implements
-netscapes SSL protocoll.  The most recent version can be found in
-SSLeay distributions.
-.SH AUTHOR
-Eric Young (eay@cryptsoft.com)
--- a/Show More
+++ b/Show More