Add crossbuild patch to 1.2 FIPS branch.

This commit was manufactured by cvs2svn to create branch 'OpenSSL-fips-
1_2-stable'.
2011-09-25 15:51:57 +00:00 · 2007-10-05 17:35:29 +00:00 · 2007-10-05 17:35:26 +00:00 · 2007-10-05 13:14:55 +00:00 · 2007-09-22 12:43:13 +00:00 · 2007-09-21 18:05:25 +00:00
604 changed files with 54639 additions and 13449 deletions
--- a/727
+++ b/727
@@ -2,13 +2,573 @@
 OpenSSL CHANGES
 _______________
 Changes between 0.9.8e and 0.9.8f-fips  [xx XXX xxxx]
  *) Add option --with-fipslibdir to specify location of fipscanister.lib
     and friends. When combined with fips build option fipscanister.lib is
     not built but linked from the supplied directory. Always link fips
     utilities against fiscanister.lib only except in fipsdso builds.
     [Steve Henson]
  *) Add SSE2 instruction support to WIN32 build. These will be compiled
     by default and used if an appopriate CPU is detected. Some older versions
     of NASM or MASM which don't support SSE2 will need to be updated. 
     [Steve Henson]
  *) Tolerate DigestInfo structure with absent parameters in FIPS mode
     (as required by several standards).
     [Steve Henson]
  *) Enhance mkfipsscr.pl to cope with different directory layouts. It now
     relies on the filename and makes no assumptions about the pathname.
     In the case of PSS it scans the file to determine the salt length.
     Paths can be filtered. Also reports duplicate and missing files.
     [Steve Henson]
  *) Updates to WIN32 build system. Make use of AES assembly language routines.
     Use assembly language routines in FIPS compilation.
     [Steve Henson]
  *) Use standard implementations of SHAx, DES, AES under crypto/ in FIPS
     mode to avoid having to maintain two versions. This will also make use
     of appropriate assembly language optimizations.
     [Steve Henson]
  *) Check for selftest status in all crypto operations and exit with a
     fatal error if selftest failed.
     [Steve Henson]
  *) New flag in EVP_CIPHER: EVP_CIPH_FLAG_DEFAULT_ASN1. This will
     automatically use EVP_CIPHER_{get,set}_asn1_iv and avoid the
     need for any ASN1 dependencies in FIPS library. Move AES and 3DES
     cipher definitions to fips library and modify AES and 3DES algorithm
     tests and self tests to use EVP.
     [Steve Henson]
  *) Move EVP cipher code into enc_min.c to support a minimal implementation
     for use by FIPS applications.
     [Steve Henson]
  *) Add algorithm config module. Currently just handles setting FIPS mode.
     [Steve Henson]
  *) Rewrite self tests and pairwise tests to use EVP. Add more extensive
     self tests for RSA in all digests and modes.
     [Steve Henson]
  *) New flags RSA_FIPS_METHOD and DSA_FIPS_METHOD to indicate a method is
     allowed in FIPS mode. Disable direct low level RSA and DSA signature
     operations in FIPS mode so all operations have to be made via EVP.
     [Steve Henson]
  *) New flag EVP_MD_FLAG_SVCTX which passes EVP_MD_CTX and key to underlying
     sign/verify method. This permits the method to perform finalization
     and signing itself and have access to the EVP_MD_CTX structure in case
     additional parameters are needed. Modify fips_{dsa,rsa}_{sign,verify}
     to use EVP_MD_FLAG_SVCTX and support PSS and X9.31 RSA modes.
     Modify RSA algorithm test programs to use new parameters.
     [Steve Henson]
  *) Add small standalone ASN1 encoder/decoder to handle DSA signature format.
     Modify test, algorithm test and selftest routines to use EVP for DSA.
     Move FIPS implementation of EVP_sha*() and EVP_dss1() under fips-1.0.
     [Steve Henson]
  *) Modify VC++ build system to rename .text and .rdata segments in
     FIPS sources to .fipst${a,b,c}, and $fipsr${a,b,c} and place them
     in a static library fipscanister.lib using a perl script. These are
     then combined by the VC++ linker into a single segment in suffix
     order but without the suffix (i.e. .fipstx, .fipsrd and .fipsda).
     This serves the same purpose as fipscanister.o on other platforms
     but has the advantage that it can be created using only standard VC++
     utilities.
     [Steve Henson and Andy Polyakov]
  *) Modify WIN32 build system to forward references functions implemented
     in FIPS DLL. 
     [Steve Henson]
  *) Move error library so that all lhash dependencies are in a separate
     file. Include a simplified ERR_get_state() function for stand alone
     FIPS applications. Include a initialization function OPENSSL_init()
     to set all callbacks, automatically call OPENSSL_init() once when
     a cipher or digest is added. This should mean that almost all applications
     set the callbacks automatically. Exceptional cases can call OPENSSL_init()
     manually like this:
 #ifdef OPENSSL_HAVE_INIT
    OPENSSL_init();
 #endif
     before starting any threads.
     [Steve Henson]
  *) Collect common functions into header file "fips_utl.h".
     [Steve Henson]
  *) Only enable dynamic lock functionality in CRYPTO_lock() when it is really
     needed. Move some lock functionality into new file dyn_lck.c .
     This further reduces FIPS dependencies allowing the complete removal
     of STACK and OBJ_bsearch().
     [Steve Henson]
  *) Reduce FIPS test program dependencies by providing stand alone
     versions of some existing functions in libcrypto. Avoid use
     of BIOs by converting to system stdio. Move some functions in FIPS
     files: e.g. all use of BIO_printf().
     [Steve Henson]
  *) Modify build of libcrypto in FIPS mode by using a perl 
     script "arx.pl" which calls the archiver specifically
     excluding any FIPS dependencies in libcrypto.
     [Steve Henson]
  *) Port OpenSSL 0.9.7 FIPS code to 0.9.8. Convert to new
     Makefile form. Update Configure. Convert and update
     FIPS source files. Update libcrypto, libssl and apps
     with additional functionality from 0.9.7 FIPS code.
     Update Windows build system.
     [Steve Henson]
 Changes between 0.9.8e and 0.9.8f  [23 Feb 2007]
  *) Mitigate branch prediction attacks, which can be practical if a
     single processor is shared, allowing a spy process to extract
     information.  For detailed background information, see
     http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
     J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
     and Necessary Software Countermeasures").  The core of the change
     are new versions BN_div_no_branch() and
     BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
     respectively, which are slower, but avoid the security-relevant
     conditional branches.  These are automatically called by BN_div()
     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for the
     modulus.  Also, BN_is_bit_set() has been changed to remove a
     conditional branch.
     BN_FLG_CONSTTIME is the new name for the previous
     BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
     modular exponentiation.  (Since OpenSSL 0.9.7h, setting this flag
     in the exponent causes BN_mod_exp_mont() to use the alternative
     implementation in BN_mod_exp_mont_consttime().)  The old name
     remains as a deprecated alias.
     Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
     RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
     constant-time implementations for more than just exponentiation.
     Here too the old name is kept as a deprecated alias.
     BN_BLINDING_new() will now use BN_dup() for the modulus so that
     the BN_BLINDING structure gets an independent copy of the
     modulus.  This means that the previous "BIGNUM *m" argument to
     BN_BLINDING_new() and to BN_BLINDING_create_param() now
     essentially becomes "const BIGNUM *m", although we can't actually
     change this in the header file before 0.9.9.  It allows
     RSA_setup_blinding() to use BN_with_flags() on the modulus to
     enable BN_FLG_CONSTTIME.
     [Matthew D Wood (Intel Corp)]
  *) Mitigate branch prediction attacks, which can be practical if a
     single processor is shared, allowing a spy process to extract
     information.  For detailed background information, see
     http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
     J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
     and Necessary Software Countermeasures").  The core of the change
     are new versions BN_div_no_branch() and
     BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
     respectively, which are slower, but avoid the security-relevant
     conditional branches.  These are automatically called by BN_div()
     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
     of the input BIGNUMs.  Also, BN_is_bit_set() has been changed to
     remove a conditional branch.
     BN_FLG_CONSTTIME is the new name for the previous
     BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
     modular exponentiation.  (Since OpenSSL 0.9.7h, setting this flag
     in the exponent causes BN_mod_exp_mont() to use the alternative
     implementation in BN_mod_exp_mont_consttime().)  The old name
     remains as a deprecated alias.
     Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
     RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
     constant-time implementations for more than just exponentiation.
     Here too the old name is kept as a deprecated alias.
     BN_BLINDING_new() will now use BN_dup() for the modulus so that
     the BN_BLINDING structure gets an independent copy of the
     modulus.  This means that the previous "BIGNUM *m" argument to
     BN_BLINDING_new() and to BN_BLINDING_create_param() now
     essentially becomes "const BIGNUM *m", although we can't actually
     change this in the header file before 0.9.9.  It allows
     RSA_setup_blinding() to use BN_with_flags() on the modulus to
     enable BN_FLG_CONSTTIME.
     [Matthew D Wood (Intel Corp)]
  *) Add the Korean symmetric 128-bit cipher SEED (see
     http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
     add SEED ciphersuites from RFC 4162:
        TLS_RSA_WITH_SEED_CBC_SHA      =  "SEED-SHA"
        TLS_DHE_DSS_WITH_SEED_CBC_SHA  =  "DHE-DSS-SEED-SHA"
        TLS_DHE_RSA_WITH_SEED_CBC_SHA  =  "DHE-RSA-SEED-SHA"
        TLS_DH_anon_WITH_SEED_CBC_SHA  =  "ADH-SEED-SHA"
     To minimize changes between patchlevels in the OpenSSL 0.9.8
     series, SEED remains excluded from compilation unless OpenSSL
     is configured with 'enable-seed'.
     [KISA, Bodo Moeller]
  *) Mitigate branch prediction attacks, which can be practical if a
     single processor is shared, allowing a spy process to extract
     information.  For detailed background information, see
     http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
     J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
     and Necessary Software Countermeasures").  The core of the change
     are new versions BN_div_no_branch() and
     BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
     respectively, which are slower, but avoid the security-relevant
     conditional branches.  These are automatically called by BN_div()
     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
     of the input BIGNUMs.  Also, BN_is_bit_set() has been changed to
     remove a conditional branch.
     BN_FLG_CONSTTIME is the new name for the previous
     BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
     modular exponentiation.  (Since OpenSSL 0.9.7h, setting this flag
     in the exponent causes BN_mod_exp_mont() to use the alternative
     implementation in BN_mod_exp_mont_consttime().)  The old name
     remains as a deprecated alias.
     Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
     RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
     constant-time implementations for more than just exponentiation.
     Here too the old name is kept as a deprecated alias.
     BN_BLINDING_new() will now use BN_dup() for the modulus so that
     the BN_BLINDING structure gets an independent copy of the
     modulus.  This means that the previous "BIGNUM *m" argument to
     BN_BLINDING_new() and to BN_BLINDING_create_param() now
     essentially becomes "const BIGNUM *m", although we can't actually
     change this in the header file before 0.9.9.  It allows
     RSA_setup_blinding() to use BN_with_flags() on the modulus to
     enable BN_FLG_CONSTTIME.
     [Matthew D Wood (Intel Corp)]
  *) Add the Korean symmetric 128-bit cipher SEED (see
     http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
     add SEED ciphersuites from RFC 4162:
        TLS_RSA_WITH_SEED_CBC_SHA      =  "SEED-SHA"
        TLS_DHE_DSS_WITH_SEED_CBC_SHA  =  "DHE-DSS-SEED-SHA"
        TLS_DHE_RSA_WITH_SEED_CBC_SHA  =  "DHE-RSA-SEED-SHA"
        TLS_DH_anon_WITH_SEED_CBC_SHA  =  "ADH-SEED-SHA"
     To minimize changes between patchlevels in the OpenSSL 0.9.8
     series, SEED remains excluded from compilation unless OpenSSL
     is configured with 'enable-seed'.
     [KISA, Bodo Moeller]
  *) Mitigate branch prediction attacks, which can be practical if a
     single processor is shared, allowing a spy process to extract
     information.  For detailed background information, see
     http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
     J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
     and Necessary Software Countermeasures").  The core of the change
     are new versions BN_div_no_branch() and
     BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
     respectively, which are slower, but avoid the security-relevant
     conditional branches.  These are automatically called by BN_div()
     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
     of the input BIGNUMs.  Also, BN_is_bit_set() has been changed to
     remove a conditional branch.
     BN_FLG_CONSTTIME is the new name for the previous
     BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
     modular exponentiation.  (Since OpenSSL 0.9.7h, setting this flag
     in the exponent causes BN_mod_exp_mont() to use the alternative
     implementation in BN_mod_exp_mont_consttime().)  The old name
     remains as a deprecated alias.
     Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
     RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
     constant-time implementations for more than just exponentiation.
     Here too the old name is kept as a deprecated alias.
     BN_BLINDING_new() will now use BN_dup() for the modulus so that
     the BN_BLINDING structure gets an independent copy of the
     modulus.  This means that the previous "BIGNUM *m" argument to
     BN_BLINDING_new() and to BN_BLINDING_create_param() now
     essentially becomes "const BIGNUM *m", although we can't actually
     change this in the header file before 0.9.9.  It allows
     RSA_setup_blinding() to use BN_with_flags() on the modulus to
     enable BN_FLG_CONSTTIME.
     [Matthew D Wood (Intel Corp)]
  *) Squeeze another 10% out of IGE mode when in != out.
     [Ben Laurie]
  *) AES IGE mode speedup.
     [Dean Gaudet (Google)]
  *) Add the Korean symmetric 128-bit cipher SEED (see
     http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
     add SEED ciphersuites from RFC 4162:
        TLS_RSA_WITH_SEED_CBC_SHA      =  "SEED-SHA"
        TLS_DHE_DSS_WITH_SEED_CBC_SHA  =  "DHE-DSS-SEED-SHA"
        TLS_DHE_RSA_WITH_SEED_CBC_SHA  =  "DHE-RSA-SEED-SHA"
        TLS_DH_anon_WITH_SEED_CBC_SHA  =  "ADH-SEED-SHA"
     To minimize changes between patchlevels in the OpenSSL 0.9.8
     series, SEED remains excluded from compilation unless OpenSSL
     is configured with 'enable-seed'.
     [KISA, Bodo Moeller]
  *) Mitigate branch prediction attacks, which can be practical if a
     single processor is shared, allowing a spy process to extract
     information.  For detailed background information, see
     http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
     J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
     and Necessary Software Countermeasures").  The core of the change
     are new versions BN_div_no_branch() and
     BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
     respectively, which are slower, but avoid the security-relevant
     conditional branches.  These are automatically called by BN_div()
     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
     of the input BIGNUMs.  Also, BN_is_bit_set() has been changed to
     remove a conditional branch.
     BN_FLG_CONSTTIME is the new name for the previous
     BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
     modular exponentiation.  (Since OpenSSL 0.9.7h, setting this flag
     in the exponent causes BN_mod_exp_mont() to use the alternative
     implementation in BN_mod_exp_mont_consttime().)  The old name
     remains as a deprecated alias.
     Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
     RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
     constant-time implementations for more than just exponentiation.
     Here too the old name is kept as a deprecated alias.
     BN_BLINDING_new() will now use BN_dup() for the modulus so that
     the BN_BLINDING structure gets an independent copy of the
     modulus.  This means that the previous "BIGNUM *m" argument to
     BN_BLINDING_new() and to BN_BLINDING_create_param() now
     essentially becomes "const BIGNUM *m", although we can't actually
     change this in the header file before 0.9.9.  It allows
     RSA_setup_blinding() to use BN_with_flags() on the modulus to
     enable BN_FLG_CONSTTIME.
     [Matthew D Wood (Intel Corp)]
  *) In the SSL/TLS server implementation, be strict about session ID
     context matching (which matters if an application uses a single
     external cache for different purposes).  Previously,
     out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
     set.  This did ensure strict client verification, but meant that,
     with applications using a single external cache for quite
     different requirements, clients could circumvent ciphersuite
     restrictions for a given session ID context by starting a session
     in a different context.
     [Bodo Moeller]
  *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
     a ciphersuite string such as "DEFAULT:RSA" cannot enable
     authentication-only ciphersuites.
     [Bodo Moeller]
 Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]
  *) Since AES128 and AES256 (and similarly Camellia128 and
     Camellia256) share a single mask bit in the logic of
     ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
     kludge to work properly if AES128 is available and AES256 isn't
     (or if Camellia128 is available and Camellia256 isn't).
     [Victor Duchovni]
  *) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
     (within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
     When a point or a seed is encoded in a BIT STRING, we need to
     prevent the removal of trailing zero bits to get the proper DER
     encoding.  (By default, crypto/asn1/a_bitstr.c assumes the case
     of a NamedBitList, for which trailing 0 bits need to be removed.)
     [Bodo Moeller]
  *) Have SSL/TLS server implementation tolerate "mismatched" record
     protocol version while receiving ClientHello even if the
     ClientHello is fragmented.  (The server can't insist on the
     particular protocol version it has chosen before the ServerHello
     message has informed the client about his choice.)
     [Bodo Moeller]
  *) Add RFC 3779 support.
     [Rob Austein for ARIN, Ben Laurie]
  *) Load error codes if they are not already present instead of using a
     static variable. This allows them to be cleanly unloaded and reloaded.
     Improve header file function name parsing.
     [Steve Henson]
  *) extend SMTP and IMAP protocol emulation in s_client to use EHLO
     or CAPABILITY handshake as required by RFCs.
     [Goetz Babin-Ebell]
 Changes between 0.9.8c and 0.9.8d  [28 Sep 2006]
  *) Introduce limits to prevent malicious keys being able to
     cause a denial of service.  (CVE-2006-2940)
     [Steve Henson, Bodo Moeller]
  *) Fix ASN.1 parsing of certain invalid structures that can result
     in a denial of service.  (CVE-2006-2937)  [Steve Henson]
  *) Fix buffer overflow in SSL_get_shared_ciphers() function. 
     (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
  *) Fix SSL client code which could crash if connecting to a
     malicious SSLv2 server.  (CVE-2006-4343)
     [Tavis Ormandy and Will Drewry, Google Security Team]
  *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
     match only those.  Before that, "AES256-SHA" would be interpreted
     as a pattern and match "AES128-SHA" too (since AES128-SHA got
     the same strength classification in 0.9.7h) as we currently only
     have a single AES bit in the ciphersuite description bitmap.
     That change, however, also applied to ciphersuite strings such as
     "RC4-MD5" that intentionally matched multiple ciphersuites --
     namely, SSL 2.0 ciphersuites in addition to the more common ones
     from SSL 3.0/TLS 1.0.
     So we change the selection algorithm again: Naming an explicit
     ciphersuite selects this one ciphersuite, and any other similar
     ciphersuite (same bitmap) from *other* protocol versions.
     Thus, "RC4-MD5" again will properly select both the SSL 2.0
     ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.
     Since SSL 2.0 does not have any ciphersuites for which the
     128/256 bit distinction would be relevant, this works for now.
     The proper fix will be to use different bits for AES128 and
     AES256, which would have avoided the problems from the beginning;
     however, bits are scarce, so we can only do this in a new release
     (not just a patchlevel) when we can change the SSL_CIPHER
     definition to split the single 'unsigned long mask' bitmap into
     multiple values to extend the available space.
     [Bodo Moeller]
 Changes between 0.9.8b and 0.9.8c  [05 Sep 2006]
  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
  *) Add AES IGE and biIGE modes.
     [Ben Laurie]
  *) Change the Unix randomness entropy gathering to use poll() when
     possible instead of select(), since the latter has some
     undesirable limitations.
     [Darryl Miles via Richard Levitte and Bodo Moeller]
  *) Disable "ECCdraft" ciphersuites more thoroughly.  Now special
     treatment in ssl/ssl_ciph.s makes sure that these ciphersuites
     cannot be implicitly activated as part of, e.g., the "AES" alias.
     However, please upgrade to OpenSSL 0.9.9[-dev] for
     non-experimental use of the ECC ciphersuites to get TLS extension
     support, which is required for curve and point format negotiation
     to avoid potential handshake problems.
     [Bodo Moeller]
  *) Disable rogue ciphersuites:
      - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
      - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
      - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
     The latter two were purportedly from
     draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
     appear there.
     Also deactivate the remaining ciphersuites from
     draft-ietf-tls-56-bit-ciphersuites-01.txt.  These are just as
     unofficial, and the ID has long expired.
     [Bodo Moeller]
  *) Fix RSA blinding Heisenbug (problems sometimes occured on
     dual-core machines) and other potential thread-safety issues.
     [Bodo Moeller]
  *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key
     versions), which is now available for royalty-free use
     (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html).
     Also, add Camellia TLS ciphersuites from RFC 4132.
     To minimize changes between patchlevels in the OpenSSL 0.9.8
     series, Camellia remains excluded from compilation unless OpenSSL
     is configured with 'enable-camellia'.
     [NTT]
  *) Disable the padding bug check when compression is in use. The padding
     bug check assumes the first packet is of even length, this is not
     necessarily true if compresssion is enabled and can result in false
     positives causing handshake failure. The actual bug test is ancient
     code so it is hoped that implementations will either have fixed it by
     now or any which still have the bug do not support compression.
     [Steve Henson]
 Changes between 0.9.8a and 0.9.8b  [04 May 2006]
  *) When applying a cipher rule check to see if string match is an explicit
     cipher suite and only match that one cipher suite if it is.
     [Steve Henson]
  *) Link in manifests for VC++ if needed.
     [Austin Ziegler <halostatue@gmail.com>]
  *) Update support for ECC-based TLS ciphersuites according to
     draft-ietf-tls-ecc-12.txt with proposed changes (but without
     TLS extensions, which are supported starting with the 0.9.9
     branch, not in the OpenSSL 0.9.8 branch).
     [Douglas Stebila]
  *) New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() to support
     opaque EVP_CIPHER_CTX handling.
     [Steve Henson]
  *) Fixes and enhancements to zlib compression code. We now only use
     "zlib1.dll" and use the default __cdecl calling convention on Win32
     to conform with the standards mentioned here:
           http://www.zlib.net/DLL_FAQ.txt
     Static zlib linking now works on Windows and the new --with-zlib-include
     --with-zlib-lib options to Configure can be used to supply the location
     of the headers and library. Gracefully handle case where zlib library
     can't be loaded.
     [Steve Henson]
  *) Several fixes and enhancements to the OID generation code. The old code
     sometimes allowed invalid OIDs (1.X for X >= 40 for example), couldn't
     handle numbers larger than ULONG_MAX, truncated printing and had a
     non standard OBJ_obj2txt() behaviour.
     [Steve Henson]
  *) Add support for building of engines under engine/ as shared libraries
     under VC++ build system.
     [Steve Henson]
  *) Corrected the numerous bugs in the Win32 path splitter in DSO.
     Hopefully, we will not see any false combination of paths any more.
     [Richard Levitte]
 Changes between 0.9.8 and 0.9.8a  [11 Oct 2005]
  *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
     (part of SSL_OP_ALL).  This option used to disable the
     countermeasure against man-in-the-middle protocol-version
     rollback in the SSL 2.0 server implementation, which is a bad
-     idea.  (CAN-2005-2969)
+     idea.  (CVE-2005-2969)
     [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
     for Information Security, National Institute of Advanced Industrial
@@ -41,6 +601,9 @@
 Changes between 0.9.7h and 0.9.8  [05 Jul 2005]
  [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after
  OpenSSL 0.9.8.]
  *) Add libcrypto.pc and libssl.pc for those who feel they need them.
     [Richard Levitte]
@@ -858,13 +1421,145 @@
     differing sizes.
     [Richard Levitte]
 Changes between 0.9.7m and 0.9.7n  [xx XXX xxxx]
  *) In the SSL/TLS server implementation, be strict about session ID
     context matching (which matters if an application uses a single
     external cache for different purposes).  Previously,
     out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
     set.  This did ensure strict client verification, but meant that,
     with applications using a single external cache for quite
     different requirements, clients could circumvent ciphersuite
     restrictions for a given session ID context by starting a session
     in a different context.
     [Bodo Moeller]
 Changes between 0.9.7l and 0.9.7m  [23 Feb 2007]
  *) Cleanse PEM buffers before freeing them since they may contain 
     sensitive data.
     [Benjamin Bennett <ben@psc.edu>]
  *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
     a ciphersuite string such as "DEFAULT:RSA" cannot enable
     authentication-only ciphersuites.
     [Bodo Moeller]
  *) Since AES128 and AES256 share a single mask bit in the logic of
     ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
     kludge to work properly if AES128 is available and AES256 isn't.
     [Victor Duchovni]
  *) Expand security boundary to match 1.1.1 module.
     [Steve Henson]
  *) Remove redundant features: hash file source, editing of test vectors
     modify fipsld to use external fips_premain.c signature.
     [Steve Henson]
  *) New perl script mkfipsscr.pl to create shell scripts or batch files to
     run algorithm test programs.
     [Steve Henson]
  *) Make algorithm test programs more tolerant of whitespace.
     [Steve Henson]
  *) Have SSL/TLS server implementation tolerate "mismatched" record
     protocol version while receiving ClientHello even if the
     ClientHello is fragmented.  (The server can't insist on the
     particular protocol version it has chosen before the ServerHello
     message has informed the client about his choice.)
     [Bodo Moeller]
  *) Load error codes if they are not already present instead of using a
     static variable. This allows them to be cleanly unloaded and reloaded.
     [Steve Henson]
 Changes between 0.9.7k and 0.9.7l  [28 Sep 2006]
  *) Introduce limits to prevent malicious keys being able to
     cause a denial of service.  (CVE-2006-2940)
     [Steve Henson, Bodo Moeller]
  *) Fix ASN.1 parsing of certain invalid structures that can result
     in a denial of service.  (CVE-2006-2937)  [Steve Henson]
  *) Fix buffer overflow in SSL_get_shared_ciphers() function. 
     (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
  *) Fix SSL client code which could crash if connecting to a
     malicious SSLv2 server.  (CVE-2006-4343)
     [Tavis Ormandy and Will Drewry, Google Security Team]
  *) Change ciphersuite string processing so that an explicit
     ciphersuite selects this one ciphersuite (so that "AES256-SHA"
     will no longer include "AES128-SHA"), and any other similar
     ciphersuite (same bitmap) from *other* protocol versions (so that
     "RC4-MD5" will still include both the SSL 2.0 ciphersuite and the
     SSL 3.0/TLS 1.0 ciphersuite).  This is a backport combining
     changes from 0.9.8b and 0.9.8d.
     [Bodo Moeller]
 Changes between 0.9.7j and 0.9.7k  [05 Sep 2006]
  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
  *) Change the Unix randomness entropy gathering to use poll() when
     possible instead of select(), since the latter has some
     undesirable limitations.
     [Darryl Miles via Richard Levitte and Bodo Moeller]
  *) Disable rogue ciphersuites:
      - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
      - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
      - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
     The latter two were purportedly from
     draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
     appear there.
     Also deactive the remaining ciphersuites from
     draft-ietf-tls-56-bit-ciphersuites-01.txt.  These are just as
     unofficial, and the ID has long expired.
     [Bodo Moeller]
  *) Fix RSA blinding Heisenbug (problems sometimes occured on
     dual-core machines) and other potential thread-safety issues.
     [Bodo Moeller]
 Changes between 0.9.7i and 0.9.7j  [04 May 2006]
  *) Adapt fipsld and the build system to link against the validated FIPS
     module in FIPS mode.
     [Steve Henson]
  *) Fixes for VC++ 2005 build under Windows.
     [Steve Henson]
  *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make 
     from a Windows bash shell such as MSYS. It is autodetected from the
     "config" script when run from a VC++ environment. Modify standard VC++
     build to use fipscanister.o from the GNU make build. 
     [Steve Henson]
 Changes between 0.9.7h and 0.9.7i  [14 Oct 2005]
  *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.
     The value now differs depending on if you build for FIPS or not.
     BEWARE!  A program linked with a shared FIPSed libcrypto can't be
     safely run with a non-FIPSed libcrypto, as it may crash because of
     the difference induced by this change.
     [Andy Polyakov]
 Changes between 0.9.7g and 0.9.7h  [11 Oct 2005]
  *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
     (part of SSL_OP_ALL).  This option used to disable the
     countermeasure against man-in-the-middle protocol-version
     rollback in the SSL 2.0 server implementation, which is a bad
-     idea.
+     idea.  (CVE-2005-2969)
     [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
     for Information Security, National Institute of Advanced Industrial
@@ -1029,11 +1724,11 @@
 Changes between 0.9.7c and 0.9.7d  [17 Mar 2004]
  *) Fix null-pointer assignment in do_change_cipher_spec() revealed           
-     by using the Codenomicon TLS Test Tool (CAN-2004-0079)                    
+     by using the Codenomicon TLS Test Tool (CVE-2004-0079)                    
     [Joe Orton, Steve Henson]   
  *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
-     (CAN-2004-0112)
+     (CVE-2004-0112)
     [Joe Orton, Steve Henson]   
  *) Make it possible to have multiple active certificates with the same
@@ -1076,9 +1771,9 @@
  *) Fix various bugs revealed by running the NISCC test suite:
     Stop out of bounds reads in the ASN1 code when presented with
-     invalid tags (CAN-2003-0543 and CAN-2003-0544).
+     invalid tags (CVE-2003-0543 and CVE-2003-0544).
-     Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
+     Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545).
     If verify callback ignores invalid public key errors don't try to check
     certificate signature with the NULL public key.
@@ -1163,7 +1858,7 @@
     via timing by performing a MAC computation even if incorrrect
     block cipher padding has been found.  This is a countermeasure
     against active attacks where the attacker has to distinguish
-     between bad padding and a MAC verification error. (CAN-2003-0078)
+     between bad padding and a MAC verification error. (CVE-2003-0078)
     [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
     Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
@@ -1380,7 +2075,7 @@
     Remote buffer overflow in SSL3 protocol - an attacker could
     supply an oversized master key in Kerberos-enabled versions.
-     (CAN-2002-0657)
+     (CVE-2002-0657)
     [Ben Laurie (CHATS)]
  *) Change the SSL kerb5 codes to match RFC 2712.
@@ -3064,7 +3759,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 Changes between 0.9.6l and 0.9.6m  [17 Mar 2004]
  *) Fix null-pointer assignment in do_change_cipher_spec() revealed
-     by using the Codenomicon TLS Test Tool (CAN-2004-0079)
+     by using the Codenomicon TLS Test Tool (CVE-2004-0079)
     [Joe Orton, Steve Henson]
 Changes between 0.9.6k and 0.9.6l  [04 Nov 2003]
@@ -3072,7 +3767,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
  *) Fix additional bug revealed by the NISCC test suite:
     Stop bug triggering large recursion when presented with
-     certain ASN.1 tags (CAN-2003-0851)
+     certain ASN.1 tags (CVE-2003-0851)
     [Steve Henson]
 Changes between 0.9.6j and 0.9.6k  [30 Sep 2003]
@@ -3080,7 +3775,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
  *) Fix various bugs revealed by running the NISCC test suite:
     Stop out of bounds reads in the ASN1 code when presented with
-     invalid tags (CAN-2003-0543 and CAN-2003-0544).
+     invalid tags (CVE-2003-0543 and CVE-2003-0544).
     If verify callback ignores invalid public key errors don't try to check
     certificate signature with the NULL public key.
@@ -3132,7 +3827,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
     via timing by performing a MAC computation even if incorrrect
     block cipher padding has been found.  This is a countermeasure
     against active attacks where the attacker has to distinguish
-     between bad padding and a MAC verification error. (CAN-2003-0078)
+     between bad padding and a MAC verification error. (CVE-2003-0078)
     [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
     Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
@@ -3265,7 +3960,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
  *) Add various sanity checks to asn1_get_length() to reject
     the ASN1 length bytes if they exceed sizeof(long), will appear
     negative or the content length exceeds the length of the
-     supplied buffer. (CAN-2002-0659)
+     supplied buffer. (CVE-2002-0659)
     [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
  *) Assertions for various potential buffer overflows, not known to
@@ -3273,15 +3968,15 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
     [Ben Laurie (CHATS)]
  *) Various temporary buffers to hold ASCII versions of integers were
-     too small for 64 bit platforms. (CAN-2002-0655)
+     too small for 64 bit platforms. (CVE-2002-0655)
     [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
  *) Remote buffer overflow in SSL3 protocol - an attacker could
-     supply an oversized session ID to a client. (CAN-2002-0656)
+     supply an oversized session ID to a client. (CVE-2002-0656)
     [Ben Laurie (CHATS)]
  *) Remote buffer overflow in SSL2 protocol - an attacker could
-     supply an oversized client master key. (CAN-2002-0656)
+     supply an oversized client master key. (CVE-2002-0656)
     [Ben Laurie (CHATS)]
 Changes between 0.9.6c and 0.9.6d  [9 May 2002]
--- a/366
+++ b/366
@@ -6,7 +6,9 @@ eval 'exec perl -S $0 ${1+"$@"}'
 ##
 require 5.000;
-use strict;
+eval 'use strict;';
 print STDERR "Warning: perl module strict not found.\n" if ($@);
 # see INSTALL for instructions.
@@ -114,15 +116,17 @@ my $tlib="-lnsl -lsocket";
 my $bits1="THIRTY_TWO_BIT ";
 my $bits2="SIXTY_FOUR_BIT ";
-my $x86_elf_asm="x86cpuid-elf.o:bn86-elf.o co86-elf.o:dx86-elf.o yx86-elf.o:ax86-elf.o:bx86-elf.o:mx86-elf.o:sx86-elf.o s512sse2-elf.o:cx86-elf.o:rx86-elf.o:rm86-elf.o:r586-elf.o";
+my $x86_elf_asm="x86cpuid-elf.o:bn86-elf.o co86-elf.o mo86-elf.o:dx86-elf.o yx86-elf.o:ax86-elf.o:bx86-elf.o:mx86-elf.o:sx86-elf.o s512sse2-elf.o:cx86-elf.o:rx86-elf.o:rm86-elf.o:r586-elf.o";
-my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o:rm86-cof.o:r586-cof.o";
+my $x86_coff_asm="x86cpuid-cof.o:bn86-cof.o co86-cof.o mo86-cof.o:dx86-cof.o yx86-cof.o:ax86-cof.o:bx86-cof.o:mx86-cof.o:sx86-cof.o s512sse2-cof.o:cx86-cof.o:rx86-cof.o:rm86-cof.o:r586-cof.o";
-my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o:rm86-out.o:r586-out.o";
+my $x86_out_asm="x86cpuid-out.o:bn86-out.o co86-out.o mo86-out.o:dx86-out.o yx86-out.o:ax86-out.o:bx86-out.o:mx86-out.o:sx86-out.o s512sse2-out.o:cx86-out.o:rx86-out.o:rm86-out.o:r586-out.o";
-my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o::::md5-x86_64.o:::rc4-x86_64.o::";
+my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o::";
 my $ia64_asm=":bn-ia64.o::aes_core.o aes_cbc.o aes-ia64.o:::sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o::";
 my $no_asm="::::::::::";
 my $ia64_asm=$no_asm;
 my $s390x_asm=$no_asm;
 # As for $BSDthreads. Idea is to maintain "collective" set of flags,
 # which would cover all BSD flavors. -pthread applies to them all, 
 # but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
@@ -155,7 +159,7 @@ my %table=(
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "debug-bodo",	"gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
-"debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
+"debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -m32 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared",
 "debug-steve-linux-pseudo64",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT:${no_asm}:dlfcn:linux-shared",
 "debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -195,29 +199,29 @@ my %table=(
 #### Solaris x86 with Sun C setups
 "solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${no_asm}:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### SPARC Solaris with GNU C setups
 "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
-"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 ####
-"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### SPARC Solaris with Sun C setups
 # SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
 # SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
 # SC5.0 note: Compiler common patch 107357-01 or later is required!
 "solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs",
 ####
-"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8.o::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR::sparcv8plus.o::::md5-sparcv8plus.o::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
 #### SunOS configs, assuming sparc for the gcc one.
 #"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
@@ -230,11 +234,11 @@ my %table=(
 #### IRIX 6.x configs
 # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
 # './Configure irix-cc -o32' manually.
-"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${no_asm}:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT::bn-mips3.o::::::::::dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${no_asm}:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # N64 ABI builds.
-"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${no_asm}:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG::bn-mips3.o::::::::::dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${no_asm}:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### Unified HP-UX ANSI C configs.
 # Special notes:
@@ -267,8 +271,8 @@ my %table=(
 # Since there is mention of this in shlib/hpux10-cc.sh
 "hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1::pa-risc2.o::::::::::dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # More attempts at unified 10.X and 11.X targets for HP C compiler.
 #
@@ -276,8 +280,8 @@ my %table=(
 # Kevin Steves <ks@hp.se>
 "hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "hpux-parisc1_0-cc","cc:+DAportable +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2.o::::::::::dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o::::::::::dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # HP/UX IA-64 targets
 "hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -285,7 +289,7 @@ my %table=(
 # with debugging of the following config.
 "hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # GCC builds...
-"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT::bn-ia64.o::aes-ia64.o:::sha256-ia64.o sha512-ia64.o::rc4-ia64.o:::dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
 # Legacy HPUX 9.X configs...
@@ -314,28 +318,28 @@ my %table=(
 # *-generic* is endian-neutral target, but ./config is free to
 # throw in -D[BL]_ENDIAN, whichever appropriate...
 "linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### IA-32 targets...
 "linux-ia32-icc",	"icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
 ####
 "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# -bpowerpc64-linux is transient option, -m64 should be the one to use...
+"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${no_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-ppc64",	"gcc:-bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc64.o::::::::::dlfcn:linux-shared:-fPIC:-bpowerpc64-linux:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "linux-s390x",  "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### SPARC Linux setups
 # Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
 # assisted with debugging of following two configs.
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # it's a real mess with -mcpu=ultrasparc option under Linux, but
 # -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::sparcv8plus.o:des_enc-sparc.o fcrypt_b.o:::md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # GCC 3.1 is a requirement
-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 #### Alpha Linux with GNU C and Compaq C setups
 # Special notes:
 # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
@@ -359,13 +363,13 @@ my %table=(
 "BSD-x86",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "BSD-x86-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-BSD-x86-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"BSD-sparcv8",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::sparcv8.o:des_enc-sparc.o fcrypt_b.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparcv8",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
 # simply *happens* to work around a compiler bug in gcc 3.3.3,
 # triggered by RIPEMD160 code.
-"BSD-sparc64",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:::des_enc-sparc.o fcrypt_b.o:::md5-sparcv9.o::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparc64",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "BSD-ia64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "BSD-x86_64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -403,11 +407,12 @@ my %table=(
 #### IBM's AIX.
 "aix3-cc",  "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
-"aix-gcc",  "gcc:-O -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:",
+"aix-gcc",  "gcc:-O -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:${no_asm}:dlfcn:aix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
 "aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${no_asm}:dlfcn:aix-shared::-maix64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
 # Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
 # at build time. $OBJECT_MODE is respected at ./config stage!
-"aix-cc",   "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384::-qthreaded:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix-cc",   "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR:${no_asm}:dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
-"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${no_asm}:dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
 #
 # Cray T90 and similar (SDSC)
@@ -499,9 +504,9 @@ my %table=(
 ##### MacOS X (a.k.a. Rhapsody or Darwin) setup
 "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
-"darwin-ppc-cc","cc:-O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o:::::::::::darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-ppc-cc","cc:-O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common -DB_ENDIAN::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::darwin-shared:-fPIC:-dunamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-O3 -fomit-frame-pointer -fno-common::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o:::::::::::darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
 ##### A/UX
 "aux3-gcc","gcc:-O2 -DTERMIO::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -561,12 +566,19 @@ my $idx_arflags = $idx++;
 my $prefix="";
 my $openssldir="";
 my $exe_ext="";
-my $install_prefix="";
+my $install_prefix="$ENV{'INSTALL_PREFIX'}";
 my $cross_compile_prefix="$ENV{'CROSS_COMPILE'}";
 my $fipslibdir="/usr/local/ssl/lib/fips-1.0/";
 my $nofipscanistercheck=0;
 my $fipsdso=0;
 my $fipscanisterinternal="n";
 my $baseaddr="0xFB00000";
 my $no_threads=0;
 my $threads=0;
 my $no_shared=0; # but "no-shared" is default
 my $zlib=1;      # but "no-zlib" is default
 my $no_krb5=0;   # but "no-krb5" is implied unless "--with-krb5-..." is used
 my $no_rfc3779=1; # but "no-rfc3779" is default
 my $no_asm=0;
 my $no_dso=0;
 my $no_gmp=0;
@@ -583,6 +595,7 @@ my $rc2	="crypto/rc2/rc2.h";
 my $bf	="crypto/bf/bf_locl.h";
 my $bn_asm	="bn_asm.o";
 my $des_enc="des_enc.o fcrypt_b.o";
 my $fips_des_enc="fips_des_enc.o";
 my $aes_enc="aes_core.o aes_cbc.o";
 my $bf_enc	="bf_enc.o";
 my $cast_enc="c_enc.o";
@@ -594,14 +607,18 @@ my $rmd160_obj="";
 my $processor="";
 my $default_ranlib;
 my $perl;
 my $fips=0;
 # All of the following is disabled by default (RC5 was enabled before 0.9.8):
 my %disabled = ( # "what"         => "comment"
-		 "gmp"		  => "default",
+                 "camellia"       => "default",
                 "gmp"            => "default",
                 "mdc2"           => "default",
                 "rc5"            => "default",
                 "rfc3779"        => "default",
                 "seed"           => "default",
                 "shared"         => "default",
                 "zlib"           => "default",
                 "zlib-dynamic"   => "default"
@@ -612,7 +629,7 @@ my %disabled = ( # "what"         => "comment"
 # For symmetry, "disable-..." is a synonym for "no-...".
 # This is what $depflags will look like with the above default:
-my $default_depflags = "-DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 ";
+my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED ";
 my $no_sse2=0;
@@ -696,7 +713,7 @@ PROCESS_ARGS:
 				{
 				while (<IN>)
 					{
-					chop;
+					chomp;
 					if (/^CONFIGURE_ARGS=(.*)/)
 						{
 						$argvstring=$1;
@@ -715,12 +732,36 @@ PROCESS_ARGS:
 			}
 		elsif (/^386$/)
 			{ $processor=386; }
 		elsif (/^fips$/)
 			{
 			$fips=1;
 		        }
 		elsif (/^rsaref$/)
 			{
 			# No RSAref support any more since it's not needed.
 			# The check for the option is there so scripts aren't
 			# broken
 			}
 		elsif (/^nofipscanistercheck$/)
 			{
 			$fips = 1;
 			$nofipscanistercheck = 1;
 			}
 		elsif (/^fipscanisterbuild$/)
 			{
 			$fips = 1;
 			$nofipscanistercheck = 1;
 			$fipslibdir="";
 			$fipscanisterinternal="y";
 			}
 		elsif (/^fipsdso$/)
 			{
 			$fips = 1;
 			$nofipscanistercheck = 1;
 			$fipslibdir="";
 			$fipscanisterinternal="y";
 			$fipsdso = 1;
 			}
 		elsif (/^[-+]/)
 			{
 			if (/^-[lL](.*)$/)
@@ -747,6 +788,22 @@ PROCESS_ARGS:
 				{
 				$withargs{"krb5-".$1}=$2;
 				}
 			elsif (/^--with-zlib-lib=(.*)$/)
 				{
 				$withargs{"zlib-lib"}=$1;
 				}
 			elsif (/^--with-zlib-include=(.*)$/)
 				{
 				$withargs{"zlib-include"}="-I$1";
 				}
 			elsif (/^--with-fipslibdir=(.*)$/)
 				{
 				$fipslibdir="$1/";
 				}
 			elsif (/^--with-baseaddr=(.*)$/)
 				{
 				$baseaddr="$1";
 				}
 			else
 				{
 				print STDERR $usage;
@@ -850,6 +907,41 @@ print "Configuring for $target\n";
 &usage if (!defined($table{$target}));
 my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
 my $cc = $fields[$idx_cc];
 my $cflags = $fields[$idx_cflags];
 my $unistd = $fields[$idx_unistd];
 my $thread_cflag = $fields[$idx_thread_cflag];
 my $sys_id = $fields[$idx_sys_id];
 my $lflags = $fields[$idx_lflags];
 my $bn_ops = $fields[$idx_bn_ops];
 my $cpuid_obj = $fields[$idx_cpuid_obj];
 my $bn_obj = $fields[$idx_bn_obj];
 my $des_obj = $fields[$idx_des_obj];
 my $aes_obj = $fields[$idx_aes_obj];
 my $bf_obj = $fields[$idx_bf_obj];
 my $md5_obj = $fields[$idx_md5_obj];
 my $sha1_obj = $fields[$idx_sha1_obj];
 my $cast_obj = $fields[$idx_cast_obj];
 my $rc4_obj = $fields[$idx_rc4_obj];
 my $rmd160_obj = $fields[$idx_rmd160_obj];
 my $rc5_obj = $fields[$idx_rc5_obj];
 my $dso_scheme = $fields[$idx_dso_scheme];
 my $shared_target = $fields[$idx_shared_target];
 my $shared_cflag = $fields[$idx_shared_cflag];
 my $shared_ldflag = $fields[$idx_shared_ldflag];
 my $shared_extension = $fields[$idx_shared_extension];
 my $ranlib = $fields[$idx_ranlib];
 my $arflags = $fields[$idx_arflags];
 if ($fips)
 	{
 	delete $disabled{"shared"} if ($disabled{"shared"} eq "default");
 	$disabled{"asm"}="forced"
 		if ($target !~ "VC\-.*" &&
 		    "$cpuid_obj:$bn_obj:$aes_obj:$des_obj:$sha1_obj" eq "::::");
 	}
 foreach (sort (keys %disabled))
 	{
@@ -865,6 +957,8 @@ foreach (sort (keys %disabled))
 		{ $no_shared = 1; }
 	elsif (/^zlib$/)
 		{ $zlib = 0; }
 	elsif (/^static-engine$/)
 		{ }
 	elsif (/^zlib-dynamic$/)
 		{ }
 	elsif (/^symlinks$/)
@@ -907,11 +1001,23 @@ foreach (sort (keys %disabled))
 my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds;
-$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin");
+$IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin" && !is_msys());
 $no_shared = 0 if ($fipsdso && !$IsMK1MF);
 $exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw");
 $exe_ext=".pm"  if ($target =~ /vos/);
-$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
+if ($openssldir eq "" and $prefix eq "")
 	{
 	if ($fips)
 		{
 		$openssldir="/usr/local/ssl/fips-1.0";
 		}
 	else
 		{
 		$openssldir="/usr/local/ssl";
 		}
 	}
 $prefix=$openssldir if $prefix eq "";
 $default_ranlib= &which("ranlib") or $default_ranlib="true";
@@ -927,32 +1033,10 @@ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/]
 print "IsMK1MF=$IsMK1MF\n";
-my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+# '%' in $lflags is used to split flags to "pre-" and post-flags
-my $cc = $fields[$idx_cc];
+my ($prelflags,$postlflags)=split('%',$lflags);
-my $cflags = $fields[$idx_cflags];
+if (defined($postlflags))	{ $lflags=$postlflags;  }
-my $unistd = $fields[$idx_unistd];
+else				{ $lflags=$prelflags; undef $prelflags; }
 my $thread_cflag = $fields[$idx_thread_cflag];
 my $sys_id = $fields[$idx_sys_id];
 my $lflags = $fields[$idx_lflags];
 my $bn_ops = $fields[$idx_bn_ops];
 my $cpuid_obj = $fields[$idx_cpuid_obj];
 my $bn_obj = $fields[$idx_bn_obj];
 my $des_obj = $fields[$idx_des_obj];
 my $aes_obj = $fields[$idx_aes_obj];
 my $bf_obj = $fields[$idx_bf_obj];
 my $md5_obj = $fields[$idx_md5_obj];
 my $sha1_obj = $fields[$idx_sha1_obj];
 my $cast_obj = $fields[$idx_cast_obj];
 my $rc4_obj = $fields[$idx_rc4_obj];
 my $rmd160_obj = $fields[$idx_rmd160_obj];
 my $rc5_obj = $fields[$idx_rc5_obj];
 my $dso_scheme = $fields[$idx_dso_scheme];
 my $shared_target = $fields[$idx_shared_target];
 my $shared_cflag = $fields[$idx_shared_cflag];
 my $shared_ldflag = $fields[$idx_shared_ldflag];
 my $shared_extension = $fields[$idx_shared_extension];
 my $ranlib = $fields[$idx_ranlib];
 my $arflags = $fields[$idx_arflags];
 my $no_shared_warn=0;
 my $no_user_cflags=0;
@@ -1082,6 +1166,8 @@ if ($no_asm)
 	{
 	$cpuid_obj=$bn_obj=$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj="";
 	$sha1_obj=$md5_obj=$rmd160_obj="";
 	$cflags=~s/\-D[BL]_ENDIAN//		if ($fips);
 	$thread_cflags=~s/\-D[BL]_ENDIAN//	if ($fips);
 	}
 if (!$no_shared)
@@ -1112,7 +1198,7 @@ if ($zlib)
 my $shared_mark = "";
 if ($shared_target eq "")
 	{
-	$no_shared_warn = 1 if !$no_shared;
+	$no_shared_warn = 1 if !$no_shared && !$fips;
 	$no_shared = 1;
 	}
 if (!$no_shared)
@@ -1123,22 +1209,32 @@ if (!$no_shared)
 		}
 	}
-if ($no_shared)
+if (!$IsMK1MF)
 	{
-	$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
+	if ($no_shared)
-	}
+		{
-else
+		$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
-	{
+		}
-	$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
+	else
 		{
 		$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
 		}
 	}
 $cpuid_obj.=" uplink.o uplink-cof.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
-# Compiler fix-ups
+
-if ($target =~ /icc$/)
+#
 # Platform fix-ups
 #
 if ($target =~ /\-icc$/)	# Intel C compiler
 	{
-	my($iccver)=`$cc -V 2>&1`;
+	my $iccver=0;
-	if ($iccver =~ /Version ([0-9]+)\./)	{ $iccver=$1; }
+	if (open(FD,"$cc -V 2>&1 |"))
-	else					{ $iccver=0;  }
+		{
 		while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
 		close(FD);
 		}
 	if ($iccver>=8)
 		{
 		# Eliminate unnecessary dependency from libirc.a. This is
@@ -1146,6 +1242,28 @@ if ($target =~ /icc$/)
 		# apps/openssl can end up in endless loop upon startup...
 		$cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
 		}
 	if ($iccver>=9)
 		{
 		$cflags.=" -i-static";
 		$cflags=~s/\-no_cpprt/-no-cpprt/;
 		}
 	if ($iccver>=10)
 		{
 		$cflags=~s/\-i\-static/-static-intel/;
 		}
 	}
 # Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
 # linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on
 # .so objects. Apparently application RPATH is not global and does
 # not apply to .so linked with other .so. Problem manifests itself
 # when libssl.so fails to load libcrypto.so. One can argue that we
 # should engrave this into Makefile.shared rules or into BSD-* config
 # lines above. Meanwhile let's try to be cautious and pass -rpath to
 # linker only when --prefix is not /usr.
 if ($target =~ /^BSD\-/)
 	{
 	$shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
 	}
 if ($sys_id ne "")
@@ -1171,6 +1289,13 @@ $bn_obj = $bn_asm unless $bn_obj ne "";
 $cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn86/);
 $cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /bn86/);
 $cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /\-mont|mo86\-/);
 if ($fips)
 	{
 	$openssl_other_defines.="#define OPENSSL_FIPS\n";
 	}
 $des_obj=$des_enc	unless ($des_obj =~ /\.o$/);
 $bf_obj=$bf_enc		unless ($bf_obj =~ /\.o$/);
 $cast_obj=$cast_enc	unless ($cast_obj =~ /\.o$/);
@@ -1182,7 +1307,7 @@ if ($sha1_obj =~ /\.o$/)
 	$cflags.=" -DSHA1_ASM"   if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
 	$cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
 	$cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
-	if ($sha1_obj =~ /x86/)
+	if ($sha1_obj =~ /sse2/)
 	    {	if ($no_sse2)
 		{   $sha1_obj =~ s/\S*sse2\S+//;        }
 		elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
@@ -1250,7 +1375,7 @@ print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
 my $sdirs=0;
 while (<IN>)
 	{
-	chop;
+	chomp;
 	$sdirs = 1 if /^SDIRS=/;
 	if ($sdirs) {
 		my $dir;
@@ -1273,10 +1398,20 @@ while (<IN>)
 	s/^PLATFORM=.*$/PLATFORM=$target/;
 	s/^OPTIONS=.*$/OPTIONS=$options/;
 	s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
-	s/^CC=.*$/CC= $cc/;
+	if ($cross_compile_prefix)
 		{
 		s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/;
 		s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
 		s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
 		}
 	else	{
 		s/^CC=.*$/CC= $cc/;
 		s/^RANLIB=.*/RANLIB= $ranlib/;
 		}
 	s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
 	s/^CFLAG=.*$/CFLAG= $cflags/;
 	s/^DEPFLAG=.*$/DEPFLAG= $depflags/;
 	s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
 	s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
 	s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
 	s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
@@ -1291,14 +1426,30 @@ while (<IN>)
 	s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
 	s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
 	s/^PROCESSOR=.*/PROCESSOR= $processor/;
 	s/^RANLIB=.*/RANLIB= $ranlib/;
 	s/^ARFLAGS=.*/ARFLAGS= $arflags/;
 	s/^PERL=.*/PERL= $perl/;
 	s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
 	s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
 	s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
 	s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
 	s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
 	if ($fipsdso)
 		{
 		s/^FIPSCANLIB=.*/FIPSCANLIB=libfips/;
 		s/^SHARED_FIPS=.*/SHARED_FIPS=libfips\$(SHLIB_EXT)/;
 		s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl fips/;
 		}
 	else
 		{
 		s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
 		s/^SHARED_FIPS=.*/SHARED_FIPS=/;
 		s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl/;
 		}
 	s/^FIPSCANISTERINTERNAL=.*/FIPSCANISTERINTERNAL=$fipscanisterinternal/;
 	s/^BASEADDR=.*/BASEADDR=$baseaddr/;
 	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
 	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
-	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
+	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_FIPS) \$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
 	if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
 		{
 		my $sotmp = $1;
@@ -1593,9 +1744,16 @@ BEGIN
    BEGIN
 	BLOCK "040904b0"
 	BEGIN
 #if defined(FIPS)
 	    VALUE "Comments", "WARNING: TEST VERSION ONLY ***NOT*** FIPS 140-2 VALIDATED.\\0"
 #endif
 	    // Required:	    
 	    VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
 #if defined(FIPS)
 	    VALUE "FileDescription", "TEST UNVALIDATED FIPS140-2 DLL\\0"
 #else
 	    VALUE "FileDescription", "OpenSSL Shared Library\\0"
 #endif
 	    VALUE "FileVersion", "$version\\0"
 #if defined(CRYPTO)
 	    VALUE "InternalName", "libeay32\\0"
@@ -1603,12 +1761,15 @@ BEGIN
 #elif defined(SSL)
 	    VALUE "InternalName", "ssleay32\\0"
 	    VALUE "OriginalFilename", "ssleay32.dll\\0"
 #elif defined(FIPS)
 	    VALUE "InternalName", "libosslfips\\0"
 	    VALUE "OriginalFilename", "libosslfips.dll\\0"
 #endif
 	    VALUE "ProductName", "The OpenSSL Toolkit\\0"
 	    VALUE "ProductVersion", "$version\\0"
 	    // Optional:
 	    //VALUE "Comments", "\\0"
-	    VALUE "LegalCopyright", "Copyright <20> 1998-2005 The OpenSSL Project. Copyright <20> 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
+	    VALUE "LegalCopyright", "Copyright <20> 1998-2007 The OpenSSL Project. Copyright <20> 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
 	    //VALUE "LegalTrademarks", "\\0"
 	    //VALUE "PrivateBuild", "\\0"
 	    //VALUE "SpecialBuild", "\\0"
@@ -1645,6 +1806,21 @@ libraries on this platform, they will at least look at it and try their best
 (but please first make sure you have tried with a current version of OpenSSL).
 EOF
 print <<\EOF if ($fipscanisterinternal eq "y");
 WARNING: OpenSSL has been configured using unsupported option(s) to internally
 generate a fipscanister.o object module for TESTING PURPOSES ONLY; that
 compiled module is NOT FIPS 140-2 validated and CANNOT be used to replace the
 OpenSSL FIPS Object Module as identified by the CMVP
 (http://csrc.nist.gov/cryptval/) in any application requiring the use of FIPS
 140-2 validated software. 
 This is an OpenSSL 0.9.8-fips test version.
 See the file README.FIPS for details of how to build a test library.
 EOF
 exit(0);
 sub usage
@@ -1790,3 +1966,11 @@ sub test_sanity
 	print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
 	return $errorcnt;
 	}
 # Attempt to detect MSYS environment
 sub is_msys
 	{
 	return 1 if (exists $ENV{"TERM"} && $ENV{"TERM"} eq "msys");
 	return 0;
 	}
--- a/77
+++ b/77
@@ -31,6 +31,7 @@ OpenSSL  -  Frequently Asked Questions
 * Why does my browser give a warning about a mismatched hostname?
 * How do I install a CA certificate into a browser?
 * Why is OpenSSL x509 DN output not conformant to RFC2253?
 * What is a "128 bit certificate"? Can I create one with OpenSSL?
 [BUILD] Questions about building and testing OpenSSL
@@ -48,6 +49,7 @@ OpenSSL  -  Frequently Asked Questions
 * Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"?
 * Why does the OpenSSL test suite fail in sha512t on x86 CPU?
 * Why does compiler fail to compile sha512.c?
 * Test suite still fails, what to do?
 [PROG] Questions about programming with OpenSSL
@@ -72,7 +74,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.8a was released on October 11th, 2005.
+OpenSSL 0.9.8e was released on February 23rd, 2007.
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -386,6 +388,43 @@ interface, the "-nameopt" option could be introduded. See the manual
 page of the "openssl x509" commandline tool for details. The old behaviour
 has however been left as default for the sake of compatibility.
 * What is a "128 bit certificate"? Can I create one with OpenSSL?
 The term "128 bit certificate" is a highly misleading marketing term. It does
 *not* refer to the size of the public key in the certificate! A certificate
 containing a 128 bit RSA key would have negligible security.
 There were various other names such as "magic certificates", "SGC
 certificates", "step up certificates" etc.
 You can't generally create such a certificate using OpenSSL but there is no
 need to any more. Nowadays web browsers using unrestricted strong encryption
 are generally available.
 When there were tight export restrictions on the export of strong encryption
 software from the US only weak encryption algorithms could be freely exported
 (initially 40 bit and then 56 bit). It was widely recognised that this was
 inadequate. A relaxation the rules allowed the use of strong encryption but
 only to an authorised server.
 Two slighly different techniques were developed to support this, one used by
 Netscape was called "step up", the other used by MSIE was called "Server Gated
 Cryptography" (SGC). When a browser initially connected to a server it would
 check to see if the certificate contained certain extensions and was issued by
 an authorised authority. If these test succeeded it would reconnect using
 strong encryption.
 Only certain (initially one) certificate authorities could issue the
 certificates and they generally cost more than ordinary certificates.
 Although OpenSSL can create certificates containing the appropriate extensions
 the certificate would not come from a permitted authority and so would not
 be recognized.
 The export laws were later changed to allow almost unrestricted use of strong
 encryption so these certificates are now obsolete.
 [BUILD] =======================================================================
 * Why does the linker complain about undefined symbols?
@@ -617,6 +656,18 @@ the module in question. The recommendation is to disable SHA-512 by
 adding no-sha512 to ./config [or ./Configure] command line. Another
 possible alternative might be to switch to GCC.
 * Test suite still fails, what to do?
 Another common reason for failure to complete some particular test is
 simply bad code generated by a buggy component in toolchain or deficiency
 in run-time environment. There are few cases documented in PROBLEMS file,
 consult it for possible workaround before you beat the drum. Even if you
 don't find solution or even mention there, do reserve for possibility of
 a compiler bug. Compiler bugs might appear in rather bizarre ways, they
 never make sense, and tend to emerge when you least expect them. In order
 to identify one, drop optimization level, e.g. by editing CFLAG line in
 top-level Makefile, recompile and re-run the test.
 [PROG] ========================================================================
 * Is OpenSSL thread-safe?
@@ -628,8 +679,9 @@ libraries.  If your platform is not one of these, consult the INSTALL
 file.
 Multi-threaded applications must provide two callback functions to
-OpenSSL.  This is described in the threads(3) manpage.
+OpenSSL by calling CRYPTO_set_locking_callback() and
-
+CRYPTO_set_id_callback().  This is described in the threads(3)
 manpage.
 * I've compiled a program under Windows and it crashes: why?
@@ -649,10 +701,10 @@ your application must link  against the same by which OpenSSL was
 built.  If you are using MS Visual C++ (Studio) this can be changed
 by:
-1.  Select Settings... from the Project Menu.
+ 1. Select Settings... from the Project Menu.
-2.  Select the C/C++ Tab.
+ 2. Select the C/C++ Tab.
-3.  Select "Code Generation from the "Category" drop down list box
+ 3. Select "Code Generation from the "Category" drop down list box
-4.  Select the Appropriate library (see table below) from the "Use
+ 4. Select the Appropriate library (see table below) from the "Use
    run-time library" drop down list box.  Perform this step for both
    your debug and release versions of your application (look at the
    top left of the settings panel to change between the two)
@@ -672,16 +724,19 @@ Note that debug and release libraries are NOT interchangeable.  If you
 built OpenSSL with /MD your application must use /MD and cannot use /MDd.
 As per 0.9.8 the above limitation is eliminated for .DLLs. OpenSSL
-.DLLs compiled with some specific run-time option [we recommend the
+.DLLs compiled with some specific run-time option [we insist on the
 default /MD] can be deployed with application compiled with different
 option or even different compiler. But there is a catch! Instead of
 re-compiling OpenSSL toolkit, as you would have to with prior versions,
 you have to compile small C snippet with compiler and/or options of
 your choice. The snippet gets installed as
 <install-root>/include/openssl/applink.c and should be either added to
-your project or simply #include-d in one [and only one] of your source
+your application project or simply #include-d in one [and only one]
-files. Failure to do either manifests itself as fatal "no
+of your application source files. Failure to link this shim module
-OPENSSL_Applink" error.
+into your application manifests itself as fatal "no OPENSSL_Applink"
 run-time error. An explicit reminder is due that in this situation
 [mixing compiler options] it is as important to add CRYPTO_malloc_init
 prior first call to OpenSSL.
 * How do I read or write a DER encoded buffer using the ASN1 functions?
--- a/16
+++ b/16
@@ -75,7 +75,9 @@
  no-asm        Do not use assembler code.
  386           Use the 80386 instruction set only (the default x86 code is
-                more efficient, but requires at least a 486).
+                more efficient, but requires at least a 486). Note: Use
                compiler flags for any other CPU specific configuration,
                e.g. "-m32" to build x86 code on an x64 system.
  no-sse2	Exclude SSE2 code pathes. Normally SSE2 extention is
 		detected at run-time, but the decision whether or not the
@@ -96,7 +98,7 @@
                The crypto/<cipher> directory can be removed after running
                "make depend".
-  -Dxxx, -lxxx, -Lxxx, -fxxx, -Kxxx These system specific options will
+  -Dxxx, -lxxx, -Lxxx, -fxxx, -mxxx, -Kxxx These system specific options will
                be passed through to the compiler to allow you to
                define preprocessor symbols, specify additional libraries,
                library directories or other compiler options.
@@ -300,10 +302,10 @@
 Note on shared libraries
 ------------------------
- Shared library is currently an experimental feature.  The only reason to
+ Shared libraries have certain caveats.  Binary backward compatibility
- have them would be to conserve memory on systems where several program
+ can't be guaranteed before OpenSSL version 1.0.  The only reason to
- are using OpenSSL.  Binary backward compatibility can't be guaranteed
+ use them would be to conserve memory on systems where several programs
- before OpenSSL version 1.0.
+ are using OpenSSL.
 For some systems, the OpenSSL Configure script knows what is needed to
 build shared libraries for libcrypto and libssl.  On these systems,
@@ -328,7 +330,7 @@
 Note on support for multiple builds
 -----------------------------------
- OpenSSL is usually built in it's source tree.  Unfortunately, this doesn't
+ OpenSSL is usually built in its source tree.  Unfortunately, this doesn't
 support building for multiple platforms from the same source tree very well.
 It is however possible to build in a separate tree through the use of lots
 of symbolic links, which should be prepared like this:
--- a/INSTALL.W32
+++ b/INSTALL.W32
@@ -49,7 +49,9 @@
 Firstly you should run Configure:
- > perl Configure VC-WIN32
+ > perl Configure VC-WIN32 --prefix=c:/some/openssl/dir
 Where the prefix argument specifies where OpenSSL will be installed to.
 Next you need to build the Makefiles and optionally the assembly language
 files:
@@ -77,8 +79,12 @@
 If all is well it should compile and you will have some DLLs and executables
 in out32dll. If you want to try the tests then do:
- > cd out32dll
+ > nmake -f ms\ntdll.mak test
- > ..\ms\test
+
 To install OpenSSL to the specified location do:
 > nmake -f ms\ntdll.mak install
 Tweaks:
@@ -88,6 +94,12 @@
 compiled in. Note that mk1mf.pl expects the platform to be the last argument
 on the command line, so 'debug' must appear before that, as all other options.
 By default in 0.9.8 OpenSSL will compile builtin ENGINES into the libeay32.dll
 shared library. If you specify the "no-static-engine" option on the command
 line to Configure the shared library build (ms\ntdll.mak) will compile the
 engines as separate DLLs.
 The default Win32 environment is to leave out any Windows NT specific
 features.
@@ -98,6 +110,8 @@
 You can also build a static version of the library using the Makefile
 ms\nt.mak
 Borland C++ builder 5
 ---------------------
--- a/2
+++ b/2
@@ -12,7 +12,7 @@
  ---------------
 /* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
--- a/Makefile.org
+++ b/Makefile.org
@@ -65,6 +65,7 @@ EX_LIBS=
 EXE_EXT= 
 ARFLAGS=
 AR=ar $(ARFLAGS) r
 ARD=ar $(ARFLAGS) d
 RANLIB= ranlib
 PERL= perl
 TAR= tar
@@ -100,14 +101,44 @@ RMD160_ASM_OBJ=
 KRB5_INCLUDES=
 LIBKRB5=
-DIRS=   crypto ssl engines apps test tools
+# Zlib stuff
-SHLIBDIRS= crypto ssl
+ZLIB_INCLUDE=
 LIBZLIB=
 # This is the location of fipscanister.o and friends.
 # The FIPS module build will place it $(INSTALLTOP)/lib
 # but since $(INSTALLTOP) can only take the default value
 # when the module is built it will be in /usr/local/ssl/lib
 # $(INSTALLTOP) for this build make be different so hard
 # code the path.
 FIPSLIBDIR=/usr/local/ssl/lib/
 # This is set to "y" if fipscanister.o is compiled internally as
 # opposed to coming from an external validated location.
 FIPSCANISTERINTERNAL=n
 # The location of the library which contains fipscanister.o
 # normally it will be libcrypto unless fipsdso is set in which
 # case it will be libfips. If not compiling in FIPS mode at all
 # this is empty making it a useful test for a FIPS compile.
 FIPSCANLIB=
 # Shared library base address. Currently only used on Windows.
 #
 BASEADDR=
 DIRS=   crypto fips ssl engines apps test tools
 SHLIBDIRS= crypto ssl fips
 # dirs in crypto to build
 SDIRS=  \
 	objects \
 	md2 md4 md5 sha mdc2 hmac ripemd \
-	des aes rc2 rc4 rc5 idea bf cast \
+	des aes rc2 rc4 rc5 idea bf cast camellia seed \
 	bn ec rsa dsa ecdsa dh ecdh dso engine \
 	buffer bio stack lhash rand err \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
@@ -134,13 +165,14 @@ WDIRS=  windows
 LIBS=   libcrypto.a libssl.a
 SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
 SHARED_SSL=libssl$(SHLIB_EXT)
 SHARED_FIPS=
 SHARED_LIBS=
 SHARED_LIBS_LINK_EXTS=
 SHARED_LDFLAGS=
 GENERAL=        Makefile
 BASENAME=       openssl
-NAME=           $(BASENAME)-$(VERSION)
+NAME=           $(BASENAME)-fips-$(VERSION)
 TARFILE=        $(NAME).tar
 WTARFILE=       $(NAME)-win.tar
 EXHEADER=       e_os2.h
@@ -187,45 +219,147 @@ BUILDENV=	PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \
 		SHA1_ASM_OBJ='${SHA1_ASM_OBJ}'			\
 		MD5_ASM_OBJ='${MD5_ASM_OBJ}'			\
 		RMD160_ASM_OBJ='${RMD160_ASM_OBJ}'		\
 		FIPSLIBDIR='${FIPSLIBDIR}' FIPSCANLIB='${FIPSCANLIB}' \
 		FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}'	\
 		FIPS_EX_OBJ='${FIPS_EX_OBJ}'	\
 		THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
 # MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
 # which in turn eliminates ambiguities in variable treatment with -e.
 # BUILD_CMD is a generic macro to build a given target in a given
 # subdirectory.  The target must be given through the shell variable
 # `target' and the subdirectory to build in must be given through `dir'.
 # This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
 # BUILD_ONE_CMD instead.
 #
 # BUILD_ONE_CMD is a macro to build a given target in a given
 # subdirectory if that subdirectory is part of $(DIRS).  It requires
 # exactly the same shell variables as BUILD_CMD.
 #
 # RECURSIVE_BUILD_CMD is a macro to build a given target in all
 # subdirectories defined in $(DIRS).  It requires that the target
 # is given through the shell variable `target'.
 BUILD_CMD=  if [ -d "$$dir" ]; then \
 	    (	cd $$dir && echo "making $$target in $$dir..." && \
 		$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
 	    ) || exit 1; \
 	    fi
 RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
 BUILD_ONE_CMD=\
 	if echo " $(DIRS) " | grep " $$dir " >/dev/null 2>/dev/null; then \
 		$(BUILD_CMD); \
 	fi
 reflect:
 	@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
 FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
 	../crypto/aes/aes_ecb.o \
 	../crypto/aes/aes_ofb.o \
 	../crypto/bn/bn_add.o \
 	../crypto/bn/bn_blind.o \
 	../crypto/bn/bn_ctx.o \
 	../crypto/bn/bn_div.o \
 	../crypto/bn/bn_exp2.o \
 	../crypto/bn/bn_exp.o \
 	../crypto/bn/bn_gcd.o \
 	../crypto/bn/bn_lib.o \
 	../crypto/bn/bn_mod.o \
 	../crypto/bn/bn_mont.o \
 	../crypto/bn/bn_mul.o \
 	../crypto/bn/bn_prime.o \
 	../crypto/bn/bn_rand.o \
 	../crypto/bn/bn_recp.o \
 	../crypto/bn/bn_shift.o \
 	../crypto/bn/bn_sqr.o \
 	../crypto/bn/bn_word.o \
 	../crypto/bn/bn_x931p.o \
 	../crypto/buffer/buf_str.o \
 	../crypto/cryptlib.o \
 	../crypto/des/cfb64ede.o \
 	../crypto/des/cfb64enc.o \
 	../crypto/des/cfb_enc.o \
 	../crypto/des/ecb3_enc.o \
 	../crypto/des/ecb_enc.o \
 	../crypto/des/ofb64ede.o \
 	../crypto/des/ofb64enc.o \
 	../crypto/des/fcrypt.o \
 	../crypto/des/set_key.o \
 	../crypto/dsa/dsa_utl.o \
 	../crypto/dsa/dsa_sign.o \
 	../crypto/dsa/dsa_vrf.o \
 	../crypto/err/err.o \
 	../crypto/evp/digest.o \
 	../crypto/evp/enc_min.o \
 	../crypto/evp/e_aes.o \
 	../crypto/evp/e_des3.o \
 	../crypto/evp/p_sign.o \
 	../crypto/evp/p_verify.o \
 	../crypto/mem_clr.o \
 	../crypto/mem.o \
 	../crypto/rand/md_rand.o \
 	../crypto/rand/rand_egd.o \
 	../crypto/rand/randfile.o \
 	../crypto/rand/rand_lib.o \
 	../crypto/rand/rand_os2.o \
 	../crypto/rand/rand_unix.o \
 	../crypto/rand/rand_win.o \
 	../crypto/rsa/rsa_lib.o \
 	../crypto/rsa/rsa_none.o \
 	../crypto/rsa/rsa_oaep.o \
 	../crypto/rsa/rsa_pk1.o \
 	../crypto/rsa/rsa_pss.o \
 	../crypto/rsa/rsa_ssl.o \
 	../crypto/rsa/rsa_x931.o \
 	../crypto/sha/sha1dgst.o \
 	../crypto/sha/sha256.o \
 	../crypto/sha/sha512.o \
 	../crypto/uid.o
 sub_all: build_all
 build_all: build_libs build_apps build_tests build_tools
-build_libs: build_crypto build_ssl build_engines
+build_libs: build_crypto build_fips build_ssl build_shared build_engines
 build_crypto:
-	@dir=crypto; target=all; $(BUILD_CMD)
+	if [ -n "$(FIPSCANLIB)" ]; then \
 		EXCL_OBJ='$(AES_ASM_OBJ) $(BN_ASM) $(DES_ENC) $(CPUID_OBJ) $(SHA1_ASM_OBJ) $(FIPS_EX_OBJ)' ; export EXCL_OBJ ; \
 		ARX='$(PERL) $${TOP}/util/arx.pl $(AR)' ; \
 	else \
 		ARX='${AR}' ; \
 	fi ; export ARX ; \
 		dir=crypto; target=all; $(BUILD_ONE_CMD)
 build_fips:
 	@dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD)
 build_ssl:
-	@dir=ssl; target=all; $(BUILD_CMD)
+	@dir=ssl; target=all; $(BUILD_ONE_CMD)
 build_engines:
-	@dir=engines; target=all; $(BUILD_CMD)
+	@dir=engines; target=all; $(BUILD_ONE_CMD)
 build_apps:
-	@dir=apps; target=all; $(BUILD_CMD)
+	@dir=apps; target=all; $(BUILD_ONE_CMD)
 build_tests:
-	@dir=test; target=all; $(BUILD_CMD)
+	@dir=test; target=all; $(BUILD_ONE_CMD)
 build_tools:
-	@dir=tools; target=all; $(BUILD_CMD)
+	@dir=tools; target=all; $(BUILD_ONE_CMD)
 all_testapps: build_libs build_testapps
 build_testapps:
-	@dir=crypto; target=testapps; $(BUILD_CMD)
+	@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
-libcrypto$(SHLIB_EXT): libcrypto.a
+build_shared:	$(SHARED_LIBS)
 libcrypto$(SHLIB_EXT): libcrypto.a $(SHARED_FIPS)
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=crypto build-shared; \
+		if [ "$(FIPSCANLIB)" = "libfips" ]; then \
 			$(ARD) libcrypto.a fipscanister.o ; \
 			$(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
 			$(AR) libcrypto.a fips/fipscanister.o ; \
 		else \
 			if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
 				FIPSLD_CC=$(CC); CC=fips/fipsld; \
 				export CC FIPSLD_CC; \
 			fi; \
 			$(MAKE) -e SHLIBDIRS='crypto' build-shared; \
 		fi \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2; \
 		exit 1; \
@@ -233,12 +367,32 @@ libcrypto$(SHLIB_EXT): libcrypto.a
 libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
-		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+		shlibdeps=-lcrypto; \
 		[ "$(FIPSCANLIB)" = "libfips" ] && shlibdeps="$$shlibdeps -lfips"; \
 		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2 ; \
 		exit 1; \
 	fi
 fips/fipscanister.o:	build_fips
 libfips$(SHLIB_EXT):		fips/fipscanister.o
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
 		FIPSLD_CC=$(CC); CC=fips/fipsld; export CC FIPSLD_CC; \
 		$(MAKE) -f Makefile.shared -e $(BUILDENV) \
 			CC=$${CC} LIBNAME=fips THIS=$@ \
 			LIBEXTRAS=fips/fipscanister.o \
 			LIBDEPS="$(EX_LIBS)" \
 			LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
 			link_o.$(SHLIB_TARGET) || { rm -f $@; exit 1; } \
 	else \
 		echo "There's no support for shared libraries on this platform" >&2; \
 		exit 1; \
 	fi
 libfips.a:
 	dir=fips; target=all; $(BUILD_ONE_CMD)
 clean-shared:
 	@set -e; for i in $(SHLIBDIRS); do \
 		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
@@ -255,7 +409,7 @@ clean-shared:
 link-shared:
 	@ set -e; for i in ${SHLIBDIRS}; do \
-		$(MAKE) -f $(HERE)/Makefile.shared \
+		$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
 			LIBNAME=$$i LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
 			LIBCOMPATVERSIONS=";${SHLIB_VERSION_HISTORY}" \
 			symlink.$(SHLIB_TARGET); \
@@ -358,12 +512,14 @@ dclean:
 	@set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
 rehash: rehash.time
-rehash.time: certs
+rehash.time: certs apps
-	@(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+	@if [ -z "$(CROSS_COMPILE)" ]; then \
-	  OPENSSL_DEBUG_MEMORY=on; \
+		(OPENSSL="`pwd`/util/opensslwrap.sh"; \
-	  export OPENSSL OPENSSL_DEBUG_MEMORY; \
+		OPENSSL_DEBUG_MEMORY=on; \
-	  $(PERL) tools/c_rehash certs)
+		export OPENSSL OPENSSL_DEBUG_MEMORY; \
-	touch rehash.time
+		$(PERL) tools/c_rehash certs) && \
 		touch rehash.time; \
 	else :; fi
 test:   tests
@@ -430,7 +586,7 @@ tar:
 	$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
 	tardy --user_number=0  --user_name=openssl \
 	      --group_number=0 --group_name=openssl \
-	      --prefix=openssl-$(VERSION) - |\
+	      --prefix=openssl-fips-$(VERSION) - |\
 	gzip --best >../$(TARFILE).gz; \
 	rm -f ../$(TARFILE).list; \
 	ls -l ../$(TARFILE).gz
@@ -452,7 +608,7 @@ dist:
 dist_pem_h:
 	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
-install: all install_docs install_sw
+install: all install_sw
 install_sw:
 	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
--- a/Makefile.shared
+++ b/Makefile.shared
@@ -101,15 +101,13 @@ LINK_SO=	\
    LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
    SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \
    SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
    nm -Pg $$SHOBJECTS | grep ' [BDT] ' | cut -f1 -d' ' > lib$(LIBNAME).exp; \
    LIBPATH=`for x in $$LIBDEPS; do if echo $$x | grep '^ *-L' > /dev/null 2>&1; then echo $$x | sed -e 's/^ *-L//'; fi; done | uniq`; \
    LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
    LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
    $${SHAREDCMD} $${SHAREDFLAGS} \
 	-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
 	$$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS \
-  ) && $(SYMLINK_SO); \
+  ) && $(SYMLINK_SO)
  ( $(SET_X); rm -f lib$(LIBNAME).exp )
 SYMLINK_SO=	\
 	if [ -n "$$INHIBIT_SYMLINKS" ]; then :; else \
@@ -196,10 +194,16 @@ link_app.bsd:
 	fi; $(LINK_APP)
 # For Darwin AKA Mac OS/X (dyld)
 # link_o.darwin produces .so, because we let it use dso_dlfcn module,
 # which has .so extension hard-coded. One can argue that one should
 # develop special dso module for MacOS X. At least manual encourages
 # to use native NSModule(3) API and refers to dlfcn as termporary hack.
 link_o.darwin:
 	@ $(CALC_VERSIONS); \
-	SHLIB=lib$(LIBNAME); \
+	SHLIB=`expr "$$THIS" : '.*/\([^/\.]*\)\.'`; \
-	SHLIB_SUFFIX=.dylib; \
+	SHLIB=$${SHLIB:-lib$(LIBNAME)}; \
 	SHLIB_SUFFIX=`expr "$$THIS" : '.*\(\.[^\.]*\)$$'`; \
 	SHLIB_SUFFIX=$${SHLIB_SUFFIX:-.so}; \
 	ALLSYMSFLAGS='-all_load'; \
 	NOALLSYMSFLAGS=''; \
 	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \
@@ -223,6 +227,7 @@ link_a.darwin:
 	if [ -n "$$SHLIB_SOVER_NODOT" ]; then \
 		SHAREDFLAGS="$$SHAREDFLAGS -compatibility_version $$SHLIB_SOVER_NODOT"; \
 	fi; \
 	SHAREDFLAGS="$$SHAREDFLAGS -install_name ${INSTALLTOP}/lib/$$SHLIB${SHLIB_EXT}"; \
 	$(LINK_SO_A)
 link_app.darwin:	# is there run-path on darwin?
 	$(LINK_APP)
@@ -231,24 +236,30 @@ link_o.cygwin:
 	@ $(CALC_VERSIONS); \
 	INHIBIT_SYMLINKS=yes; \
 	SHLIB=cyg$(LIBNAME); \
-	expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \
+	base=-Wl,--enable-auto-image-base; \
 	if expr $(PLATFORM) : 'mingw' > /dev/null; then \
 		SHLIB=$(LIBNAME)eay32; base=; \
 	fi; \
 	SHLIB_SUFFIX=.dll; \
 	LIBVERSION="$(LIBVERSION)"; \
 	SHLIB_SOVER=${LIBVERSION:+"-$(LIBVERSION)"}; \
 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
-	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
 	$(LINK_SO_O)
 link_a.cygwin:
 	@ $(CALC_VERSIONS); \
 	INHIBIT_SYMLINKS=yes; \
 	SHLIB=cyg$(LIBNAME); \
-	expr $(PLATFORM) : 'mingw' > /dev/null && SHLIB=$(LIBNAME)eay32; \
+	base=-Wl,--enable-auto-image-base; \
 	if expr $(PLATFORM) : 'mingw' > /dev/null; then \
 		SHLIB=$(LIBNAME)eay32; \
 		base=;  [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x63000000; \
 	fi; \
 	SHLIB_SUFFIX=.dll; \
 	SHLIB_SOVER=-$(LIBVERSION); \
 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
 	base=;  [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x63000000; \
 	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a"; \
 	[ -f apps/$$SHLIB$$SHLIB_SUFFIX ] && rm apps/$$SHLIB$$SHLIB_SUFFIX; \
 	[ -f test/$$SHLIB$$SHLIB_SUFFIX ] && rm test/$$SHLIB$$SHLIB_SUFFIX; \
@@ -273,9 +284,9 @@ link_o.alpha-osf1:
 		SHLIB_SOVER=; \
 		ALLSYMSFLAGS='-all'; \
 		NOALLSYMSFLAGS='-none'; \
-		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared"; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-B,symbolic"; \
 		if [ -n "$$SHLIB_HIST" ]; then \
-			SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
+			SHAREDFLAGS="$$SHAREDFLAGS -set_version $$SHLIB_HIST"; \
 		fi; \
 	fi; \
 	$(LINK_SO_O)
@@ -294,9 +305,9 @@ link_a.alpha-osf1:
 		SHLIB_SOVER=; \
 		ALLSYMSFLAGS='-all'; \
 		NOALLSYMSFLAGS='-none'; \
-		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared"; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-B,symbolic"; \
 		if [ -n "$$SHLIB_HIST" ]; then \
-			SHAREDFLAGS="$$SHAREDFLAGS -set_version \"$$SHLIB_HIST\""; \
+			SHAREDFLAGS="$$SHAREDFLAGS -set_version $$SHLIB_HIST"; \
 		fi; \
 	fi; \
 	$(LINK_SO_A)
@@ -417,7 +428,7 @@ link_o.irix:
 		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
 		ALLSYMSFLAGS="$${MINUSWL}-all"; \
 		NOALLSYMSFLAGS="$${MINUSWL}-none"; \
-		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,-B,symbolic"; \
 	fi; \
 	$(LINK_SO_O)
 link_a.irix:
@@ -431,7 +442,7 @@ link_a.irix:
 		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
 		ALLSYMSFLAGS="$${MINUSWL}-all"; \
 		NOALLSYMSFLAGS="$${MINUSWL}-none"; \
-		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,-B,symbolic"; \
 	fi; \
 	$(LINK_SO_A)
 link_app.irix:
@@ -450,12 +461,12 @@ link_o.hpux:
 	@if ${DETECT_GNU_LD}; then $(DO_GNU_SO); else \
 	$(CALC_VERSIONS); \
 	SHLIB=lib$(LIBNAME).sl; \
-	expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
+	expr "$(CFLAGS)" : '.*DSO_DLFCN' > /dev/null && SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
 	ALLSYMSFLAGS='-Wl,-Fl'; \
 	NOALLSYMSFLAGS=''; \
 	expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
-	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
 	fi; \
 	rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
 	$(LINK_SO_O) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
@@ -468,7 +479,7 @@ link_a.hpux:
 	ALLSYMSFLAGS='-Wl,-Fl'; \
 	NOALLSYMSFLAGS=''; \
 	expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
-	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
 	fi; \
 	rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
 	$(LINK_SO_A) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
@@ -480,26 +491,26 @@ link_app.hpux:
 link_o.aix:
 	@ $(CALC_VERSIONS); \
-	OBJECT_MODE=`expr x$(SHARED_LDFLAGS) : 'x\-[a-z]\([0-9]*\)'`; \
+	OBJECT_MODE=`expr x$(SHARED_LDFLAGS) : 'x\-[a-z]*\(64\)'` || :; \
 	OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
-	ALLSYMSFLAGS='-bnogc'; \
+	ALLSYMSFLAGS=''; \
 	NOALLSYMSFLAGS=''; \
-	SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -G -bE:lib$(LIBNAME).exp -bM:SRE'; \
+	SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-G,-bexpall,-bnolibpath,-bM:SRE'; \
-	$(LINK_SO_O); rm -rf lib$(LIBNAME).exp
+	$(LINK_SO_O);
 link_a.aix:
 	@ $(CALC_VERSIONS); \
-	OBJECT_MODE=`expr x$(SHARED_LDFLAGS) : 'x\-[a-z]\([0-9]*\)'`; \
+	OBJECT_MODE=`expr x$(SHARED_LDFLAGS) : 'x\-[a-z]*\(64\)'` || : ; \
 	OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
 	SHLIB=lib$(LIBNAME).so; \
 	SHLIB_SUFFIX=; \
 	ALLSYMSFLAGS='-bnogc'; \
 	NOALLSYMSFLAGS=''; \
-	SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -G -bE:lib$(LIBNAME).exp -bM:SRE'; \
+	SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-G,-bexpall,-bnolibpath,-bM:SRE'; \
 	$(LINK_SO_A_VIA_O)
 link_app.aix:
-	LDFLAGS="$(CFLAGS) -blibpath:$(LIBRPATH)"; \
+	LDFLAGS="$(CFLAGS) -Wl,-brtl,-blibpath:$(LIBRPATH):$${LIBPATH:-/usr/lib:/lib}"; \
 	$(LINK_APP)
 link_o.reliantunix:
@@ -538,7 +549,7 @@ symlink.hpux:
 	expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
 	$(SYMLINK_SO)
 # The following lines means those specific architectures do no symlinks
-symlink.cygwin symlib.alpha-osf1 symlink.tru64 symlink.tru64-rpath:
+symlink.cygwin symlink.alpha-osf1 symlink.tru64 symlink.tru64-rpath:
 # Compatibility targets
 link_o.bsd-gcc-shared link_o.linux-shared link_o.gnu-shared: link_o.gnu
--- a/52
+++ b/52
@@ -5,9 +5,35 @@
  This file gives a brief overview of the major changes between each OpenSSL
  release. For more details please read the CHANGES file.
  Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e:
      o Various ciphersuite selection fixes.
      o RFC3779 support.
  Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
      o Introduce limits to prevent malicious key DoS  (CVE-2006-2940)
      o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
      o Changes to ciphersuite selection algorithm
  Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c:
      o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
      o New cipher Camellia
  Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b:
      o Cipher string fixes.
      o Fixes for VC++ 2005.
      o Updated ECC cipher suite support.
      o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free().
      o Zlib compression usage fixes.
      o Built in dynamic engine compilation support on Win32.
      o Fixes auto dynamic engine loading in Win32.
  Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a:
-      o Fix potential SSL 2.0 rollback, CAN-2005-2969
+      o Fix potential SSL 2.0 rollback, CVE-2005-2969
      o Extended Windows CE support
  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8:
@@ -84,6 +110,30 @@
      o Added initial support for Win64.
      o Added alternate pkg-config files.
  Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
      o Introduce limits to prevent malicious key DoS  (CVE-2006-2940)
      o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
  Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
      o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
  Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
      o Visual C++ 2005 fixes.
      o Update Windows build system for FIPS.
  Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i:
      o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
      o Fix SSL 2.0 Rollback, CVE-2005-2969
      o Allow use of fixed-length exponent on DSA signing
      o Default fixed-window RSA, DSA, DH private-key operations
  Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g:
      o More compilation issues fixed.
--- a/27
+++ b/27
@@ -1,10 +1,16 @@
- OpenSSL 0.9.8a 11 Oct 2005
+ OpenSSL 0.9.8f-fips-dev test version
- Copyright (c) 1998-2005 The OpenSSL Project
+ Copyright (c) 1998-2007 The OpenSSL Project
 Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
 All rights reserved.
 WARNING
 -------
 This version of OpenSSL is an initial port of the FIPS 140-2 code to OpenSSL
 0.9.8. See the file README.FIPS for brief usage details.
 DESCRIPTION
 -----------
@@ -36,12 +42,13 @@
     actually logically part of it. It includes routines for the following:
     Ciphers
-        libdes - EAY's libdes DES encryption package which has been floating
+        libdes - EAY's libdes DES encryption package which was floating
-                 around the net for a few years.  It includes 15
+                 around the net for a few years, and was then relicensed by
-                 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
+                 him as part of SSLeay.  It includes 15 'modes/variations'
-                 cbc, cfb and ofb; pcbc and a more general form of cfb and
+                 of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb;
-                 ofb) including desx in cbc mode, a fast crypt(3), and
+                 pcbc and a more general form of cfb and ofb) including desx
-                 routines to read passwords from the keyboard.
+                 in cbc mode, a fast crypt(3), and routines to read
                 passwords from the keyboard.
        RC4 encryption,
        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
@@ -113,6 +120,10 @@
 The MDC2 algorithm is patented by IBM.
 NTT and Mitsubishi have patents and pending patents on the Camellia
 algorithm, but allow use at no charge without requiring an explicit
 licensing agreement: http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
 INSTALLATION
 ------------
--- a/README.FIPS
+++ b/README.FIPS
@@ -0,0 +1,35 @@
 Brief instructions on using OpenSSL 0.9.8 FIPS test branch.
 To avoid any confusion that this might generate a validate library just
 supplying "fips" on the command line wont work. Additional options are
 needed...
 To build fipscanister and produce a usable distribution the configuration
 option "fipscanisterbuild" is used to either the config or Configure scripts.
 For example:
 ./config fipscanisterbuild
 This builds static libraries in a way similar to the FIPS 1.1.1 distro.
 To build the shared library fipscanister version use the configuration
 options "fipsdso".
 Note that the fipscanister.o file is totally incompatible with the version
 produced by the FIPS 1.1.1 distribution and cannot be made to work with
 it.
 Both options should also work under Windows and VC++. With this version the
 use of MinGW is unnecessary and the normal VC++ build procedure can be
 followed *except* the GNU linker "ld.exe" (for example from MinGW) must be
 accessible somewhere on the PATH. For example:
 perl Configure VC-WIN32 fipsdso
 ms\do_masm
 nmake -f ms\ntdll.mak
 Note that any warnings from a Windows version of "tar" about being unable to
 create symbolic links can be ignored.
--- a/11
+++ b/11
@@ -1,12 +1,21 @@
  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2005/10/11 10:16:06 $
+  ______________                           $Date: 2007/02/23 12:12:27 $
  DEVELOPMENT STATE
    o  OpenSSL 0.9.9:  Under development...
    o  OpenSSL 0.9.8e: Released on February  23rd, 2007
    o  OpenSSL 0.9.8d: Released on September 28th, 2006
    o  OpenSSL 0.9.8c: Released on September  5th, 2006
    o  OpenSSL 0.9.8b: Released on May        4th, 2006
    o  OpenSSL 0.9.8a: Released on October   11th, 2005
    o  OpenSSL 0.9.8:  Released on July       5th, 2005
    o  OpenSSL 0.9.7m: Released on February  23rd, 2007
    o  OpenSSL 0.9.7l: Released on September 28th, 2006
    o  OpenSSL 0.9.7k: Released on September  5th, 2006
    o  OpenSSL 0.9.7j: Released on May        4th, 2006
    o  OpenSSL 0.9.7i: Released on October   14th, 2005
    o  OpenSSL 0.9.7h: Released on October   11th, 2005
    o  OpenSSL 0.9.7g: Released on April     11th, 2005
    o  OpenSSL 0.9.7f: Released on March     22nd, 2005
--- a/334
+++ b/334
@@ -117,14 +117,14 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
 $cpuid_obj    = 
-$bn_obj       = bn-ia64.o
+$bn_obj       = 
 $des_obj      = 
-$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
+$aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
+$sha1_obj     = 
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -145,10 +145,10 @@ $lflags       =
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR
 $cpuid_obj    = 
 $bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv9.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -171,8 +171,8 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL
 $cpuid_obj    = 
-$bn_obj       = sparcv8.o
+$bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
@@ -198,7 +198,7 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-out.o
-$bn_obj       = bn86-out.o co86-out.o
+$bn_obj       = bn86-out.o co86-out.o mo86-out.o
 $des_obj      = dx86-out.o yx86-out.o
 $aes_obj      = ax86-out.o
 $bf_obj       = bx86-out.o
@@ -225,7 +225,7 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -252,12 +252,12 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL
 $cpuid_obj    = x86_64cpuid.o
-$bn_obj       = x86_64-gcc.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes-x86_64.o
 $bf_obj       = 
 $md5_obj      = md5-x86_64.o
-$sha1_obj     = 
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
 $cast_obj     = 
 $rc4_obj      = rc4-x86_64.o
 $rmd160_obj   = 
@@ -279,7 +279,7 @@ $sys_id       = CYGWIN32
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-cof.o
-$bn_obj       = bn86-cof.o co86-cof.o
+$bn_obj       = bn86-cof.o co86-cof.o mo86-cof.o
 $des_obj      = dx86-cof.o yx86-cof.o
 $aes_obj      = ax86-cof.o
 $bf_obj       = bx86-cof.o
@@ -333,7 +333,7 @@ $sys_id       = MSDOS
 $lflags       = -L/dev/env/WATT_ROOT/lib -lwatt
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-out.o
-$bn_obj       = bn86-out.o co86-out.o
+$bn_obj       = bn86-out.o co86-out.o mo86-out.o
 $des_obj      = dx86-out.o yx86-out.o
 $aes_obj      = ax86-out.o
 $bf_obj       = bx86-out.o
@@ -677,14 +677,14 @@ $arflags      =
 *** aix-cc
 $cc           = cc
-$cflags       = -q32 -O -DB_ENDIAN -qmaxmem=16384
+$cflags       = -q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst
 $unistd       = 
 $thread_cflag = -qthreaded
 $sys_id       = AIX
 $lflags       = 
 $bn_ops       = BN_LLONG RC4_CHAR
 $cpuid_obj    = 
-$bn_obj       = aix_ppc32.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -711,7 +711,7 @@ $sys_id       = AIX
 $lflags       = 
 $bn_ops       = BN_LLONG RC4_CHAR
 $cpuid_obj    = 
-$bn_obj       = aix_ppc32.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -722,12 +722,12 @@ $rc4_obj      =
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
-$shared_target= 
+$shared_target= aix-shared
 $shared_cflag = 
 $shared_ldflag = 
-$shared_extension = 
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
-$arflags      = 
+$arflags      = -X 32
 *** aix3-cc
 $cc           = cc
@@ -758,14 +758,14 @@ $arflags      =
 *** aix64-cc
 $cc           = cc
-$cflags       = -q64 -O -DB_ENDIAN -qmaxmem=16384
+$cflags       = -q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst
 $unistd       = 
-$thread_cflag = (unknown)
+$thread_cflag = -qthreaded
 $sys_id       = AIX
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR
 $cpuid_obj    = 
-$bn_obj       = aix_ppc64.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -783,6 +783,33 @@ $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = -X 64
 *** aix64-gcc
 $cc           = gcc
 $cflags       = -maix64 -O -DB_ENDIAN
 $unistd       = 
 $thread_cflag = -D_THREAD_SAFE
 $sys_id       = AIX
 $lflags       = 
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR
 $cpuid_obj    = 
 $bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
 $shared_target= aix-shared
 $shared_cflag = 
 $shared_ldflag = -maix64
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = -X64
 *** aux3-gcc
 $cc           = gcc
 $cflags       = -O2 -DTERMIO
@@ -819,7 +846,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -920,11 +947,11 @@ $arflags      =
 *** darwin-i386-cc
 $cc           = cc
-$cflags       = -O3 -fomit-frame-pointer -fno-common -DB_ENDIAN
+$cflags       = -O3 -fomit-frame-pointer -fno-common
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = MACOSX
-$lflags       = 
+$lflags       = -Wl,-search_paths_first%
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
 $bn_obj       = 
@@ -937,10 +964,10 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
-$dso_scheme   = 
+$dso_scheme   = dlfcn
 $shared_target= darwin-shared
-$shared_cflag = -fPIC
+$shared_cflag = -fPIC -fno-common
-$shared_ldflag = -dunamiclib
+$shared_ldflag = -dynamiclib
 $shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
 $ranlib       = 
 $arflags      = 
@@ -951,10 +978,10 @@ $cflags       = -O3 -DB_ENDIAN
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = MACOSX
-$lflags       = -Wl,-search_paths_first
+$lflags       = -Wl,-search_paths_first%
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = osx_ppc32.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -964,7 +991,7 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
-$dso_scheme   = 
+$dso_scheme   = dlfcn
 $shared_target= darwin-shared
 $shared_cflag = -fPIC -fno-common
 $shared_ldflag = -dynamiclib
@@ -1008,7 +1035,7 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1197,7 +1224,7 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1224,7 +1251,7 @@ $sys_id       = MACOSX
 $lflags       = 
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = osx_ppc32.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -1234,9 +1261,9 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
-$dso_scheme   = 
+$dso_scheme   = dlfcn
 $shared_target= darwin-shared
-$shared_cflag = -fPIC
+$shared_cflag = -fPIC -fno-common
 $shared_ldflag = -dynamiclib
 $shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
 $ranlib       = 
@@ -1278,7 +1305,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1305,7 +1332,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1386,7 +1413,7 @@ $sys_id       =
 $lflags       = -lefence -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1413,7 +1440,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1440,7 +1467,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1467,7 +1494,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1494,7 +1521,7 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1521,7 +1548,7 @@ $sys_id       =
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -1548,7 +1575,7 @@ $sys_id       =
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -1575,11 +1602,11 @@ $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -1602,11 +1629,11 @@ $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -1622,14 +1649,14 @@ $arflags      =
 *** debug-steve
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe
+$cflags       = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -m32 -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -rdynamic -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1791,7 +1818,7 @@ $sys_id       =
 $lflags       = -lnsl -lsocket
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -1926,14 +1953,14 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
 $cpuid_obj    = 
-$bn_obj       = bn-ia64.o
+$bn_obj       = 
 $des_obj      = 
-$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
+$aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
+$sha1_obj     = 
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -1953,14 +1980,14 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
 $cpuid_obj    = 
-$bn_obj       = bn-ia64.o
+$bn_obj       = 
 $des_obj      = 
-$aes_obj      = aes-ia64.o
+$aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = sha256-ia64.o sha512-ia64.o
+$sha1_obj     = 
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -2088,7 +2115,7 @@ $sys_id       =
 $lflags       = -Wl,+s -ldld
 $bn_ops       = SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
 $cpuid_obj    = 
-$bn_obj       = pa-risc2.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2115,7 +2142,7 @@ $sys_id       =
 $lflags       = -Wl,+s -ldld
 $bn_ops       = SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1
 $cpuid_obj    = 
-$bn_obj       = pa-risc2.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2142,14 +2169,14 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
 $cpuid_obj    = 
-$bn_obj       = bn-ia64.o
+$bn_obj       = 
 $des_obj      = 
-$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
+$aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
+$sha1_obj     = 
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -2169,14 +2196,14 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT
 $cpuid_obj    = 
-$bn_obj       = bn-ia64.o
+$bn_obj       = 
 $des_obj      = 
-$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
+$aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
+$sha1_obj     = 
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -2196,7 +2223,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
 $cpuid_obj    = 
-$bn_obj       = pa-risc2W.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2223,7 +2250,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
 $cpuid_obj    = 
-$bn_obj       = pa-risc2W.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2250,7 +2277,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -2324,14 +2351,14 @@ $arflags      =
 *** irix-mips3-cc
 $cc           = cc
-$cflags       = -n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
 $lflags       = 
 $bn_ops       = DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT
 $cpuid_obj    = 
-$bn_obj       = bn-mips3.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2358,7 +2385,7 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT
 $cpuid_obj    = 
-$bn_obj       = bn-mips3.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2378,14 +2405,14 @@ $arflags      =
 *** irix64-mips4-cc
 $cc           = cc
-$cflags       = -64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W
+$cflags       = -64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W
 $unistd       = 
 $thread_cflag = -D_SGI_MP_SOURCE
 $sys_id       = 
 $lflags       = 
 $bn_ops       = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
 $cpuid_obj    = 
-$bn_obj       = bn-mips3.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2412,7 +2439,7 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG
 $cpuid_obj    = 
-$bn_obj       = bn-mips3.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2547,7 +2574,7 @@ $sys_id       =
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-out.o
-$bn_obj       = bn86-out.o co86-out.o
+$bn_obj       = bn86-out.o co86-out.o mo86-out.o
 $des_obj      = dx86-out.o yx86-out.o
 $aes_obj      = ax86-out.o
 $bf_obj       = bx86-out.o
@@ -2574,7 +2601,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -2655,7 +2682,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -2682,14 +2709,14 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
 $cpuid_obj    = 
-$bn_obj       = bn-ia64.o
+$bn_obj       = 
 $des_obj      = 
-$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
+$aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
+$sha1_obj     = 
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -2709,14 +2736,14 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
 $cpuid_obj    = 
-$bn_obj       = bn-ia64.o
+$bn_obj       = 
 $des_obj      = 
-$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
+$aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
+$sha1_obj     = 
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -2736,14 +2763,14 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK
 $cpuid_obj    = 
-$bn_obj       = bn-ia64.o
+$bn_obj       = 
 $des_obj      = 
-$aes_obj      = aes_core.o aes_cbc.o aes-ia64.o
+$aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
-$sha1_obj     = sha1-ia64.o sha256-ia64.o sha512-ia64.o
+$sha1_obj     = 
 $cast_obj     = 
-$rc4_obj      = rc4-ia64.o
+$rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -2763,7 +2790,7 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
 $cpuid_obj    = 
-$bn_obj       = linux_ppc32.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2783,14 +2810,14 @@ $arflags      =
 *** linux-ppc64
 $cc           = gcc
-$cflags       = -bpowerpc64-linux -DB_ENDIAN -DTERMIO -O3 -Wall
+$cflags       = -m64 -DB_ENDIAN -DTERMIO -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL
 $cpuid_obj    = 
-$bn_obj       = linux_ppc64.o
+$bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
@@ -2803,7 +2830,34 @@ $rc5_obj      =
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
-$shared_ldflag = -bpowerpc64-linux
+$shared_ldflag = -m64
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
 *** linux-s390x
 $cc           = gcc
 $cflags       = -m64 -DB_ENDIAN -DTERMIO -O3 -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL
 $cpuid_obj    = 
 $bn_obj       = 
 $des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
 $shared_ldflag = -m64
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
@@ -2817,8 +2871,8 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8.o
+$bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
@@ -2844,11 +2898,11 @@ $sys_id       = ULTRASPARC
 $lflags       = -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -2871,12 +2925,12 @@ $sys_id       =
 $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL
 $cpuid_obj    = x86_64cpuid.o
-$bn_obj       = x86_64-gcc.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes-x86_64.o
 $bf_obj       = 
 $md5_obj      = md5-x86_64.o
-$sha1_obj     = 
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
 $cast_obj     = 
 $rc4_obj      = rc4-x86_64.o
 $rmd160_obj   = 
@@ -2899,10 +2953,10 @@ $lflags       = -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
 $bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv9.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -2925,7 +2979,7 @@ $sys_id       = MINGW32
 $lflags       = -lwsock32 -lgdi32
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT EXPORT_VAR_AS_FN
 $cpuid_obj    = x86cpuid-cof.o
-$bn_obj       = bn86-cof.o co86-cof.o
+$bn_obj       = bn86-cof.o co86-cof.o mo86-cof.o
 $des_obj      = dx86-cof.o yx86-cof.o
 $aes_obj      = ax86-cof.o
 $bf_obj       = bx86-cof.o
@@ -3330,7 +3384,7 @@ $sys_id       =
 $lflags       = -lsocket -lnsl
 $bn_ops       = DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -3357,7 +3411,7 @@ $sys_id       =
 $lflags       = -lsocket -lnsl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -3438,8 +3492,8 @@ $sys_id       =
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8.o
+$bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
@@ -3465,8 +3519,8 @@ $sys_id       =
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8.o
+$bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
 $md5_obj      = 
@@ -3492,11 +3546,11 @@ $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -3519,11 +3573,11 @@ $sys_id       = ULTRASPARC
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $cpuid_obj    = 
-$bn_obj       = sparcv8plus.o
+$bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv8plus.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -3573,7 +3627,7 @@ $sys_id       =
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -3601,10 +3655,10 @@ $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
 $cpuid_obj    = 
 $bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv9.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -3628,10 +3682,10 @@ $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
 $cpuid_obj    = 
 $bn_obj       = 
-$des_obj      = des_enc-sparc.o fcrypt_b.o
+$des_obj      = 
 $aes_obj      = 
 $bf_obj       = 
-$md5_obj      = md5-sparcv9.o
+$md5_obj      = 
 $sha1_obj     = 
 $cast_obj     = 
 $rc4_obj      = 
@@ -3653,15 +3707,15 @@ $thread_cflag = -D_REENTRANT
 $sys_id       = 
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL
-$cpuid_obj    = 
+$cpuid_obj    = x86_64cpuid.o
-$bn_obj       = 
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes-x86_64.o
 $bf_obj       = 
-$md5_obj      = 
+$md5_obj      = md5-x86_64.o
-$sha1_obj     = 
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
 $cast_obj     = 
-$rc4_obj      = 
+$rc4_obj      = rc4-x86_64.o
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = dlfcn
@@ -3681,12 +3735,12 @@ $sys_id       =
 $lflags       = -lsocket -lnsl -ldl
 $bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL
 $cpuid_obj    = x86_64cpuid.o
-$bn_obj       = x86_64-gcc.o
+$bn_obj       = x86_64-gcc.o x86_64-mont.o
 $des_obj      = 
-$aes_obj      = 
+$aes_obj      = aes-x86_64.o
 $bf_obj       = 
 $md5_obj      = md5-x86_64.o
-$sha1_obj     = 
+$sha1_obj     = sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
 $cast_obj     = 
 $rc4_obj      = rc4-x86_64.o
 $rmd160_obj   = 
@@ -3897,7 +3951,7 @@ $sys_id       =
 $lflags       = -lsocket -lnsl
 $bn_ops       = BN_LLONG MD2_CHAR RC4_INDEX DES_PTR DES_RISC1 DES_UNROLL
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
@@ -3924,7 +3978,7 @@ $sys_id       =
 $lflags       = -lsocket -lnsl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $cpuid_obj    = x86cpuid-elf.o
-$bn_obj       = bn86-elf.o co86-elf.o
+$bn_obj       = bn86-elf.o co86-elf.o mo86-elf.o
 $des_obj      = dx86-elf.o yx86-elf.o
 $aes_obj      = ax86-elf.o
 $bf_obj       = bx86-elf.o
--- a/apps/CA.pl.in
+++ b/apps/CA.pl.in
@@ -94,6 +94,9 @@ foreach (@ARGV) {
 		mkdir "${CATOP}/private", $DIRMODE;
 		open OUT, ">${CATOP}/index.txt";
 		close OUT;
 		open OUT, ">${CATOP}/crlnumber";
 		print OUT "01\n";
 		close OUT;
 	    }
 	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
 		print "CA certificate filename (or enter to create)\n";
@@ -113,6 +116,7 @@ foreach (@ARGV) {
 		    system ("$CA -create_serial " .
 			"-out ${CATOP}/$CACERT $CADAYS -batch " . 
 			"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
 			"-extensions v3_ca " .
 			"-infiles ${CATOP}/$CAREQ ");
 		    $RET=$?;
 		}
--- a/apps/Makefile
+++ b/apps/Makefile
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -146,9 +146,11 @@ int WIN32_rename(const char *oldname,const char *newname);
 #ifndef NON_MAIN
 CONF *config=NULL;
 BIO *bio_err=NULL;
 int in_FIPS_mode=0;
 #else
 extern CONF *config;
 extern BIO *bio_err;
 extern int in_FIPS_mode;
 #endif
 #else
@@ -157,6 +159,7 @@ extern BIO *bio_err;
 extern CONF *config;
 extern char *default_config_file;
 extern BIO *bio_err;
 extern int in_FIPS_mode;
 #endif
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1520,6 +1520,7 @@ err:
 	if (x509) X509_free(x509);
 	X509_CRL_free(crl);
 	NCONF_free(conf);
 	NCONF_free(extconf);
 	OBJ_cleanup();
 	apps_shutdown();
 	OPENSSL_EXIT(ret);
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -66,6 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
 #include <openssl/hmac.h>
 #undef BUFSIZE
 #define BUFSIZE	1024*8
@@ -75,7 +76,7 @@
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file);
+	  const char *file,BIO *bmd,const char *hmac_key, int non_fips_allow);
 int MAIN(int, char **);
@@ -100,13 +101,16 @@ int MAIN(int argc, char **argv)
 	EVP_PKEY *sigkey = NULL;
 	unsigned char *sigbuf = NULL;
 	int siglen = 0;
 	unsigned int sig_flags = 0;
 	char *passargin = NULL, *passin = NULL;
 #ifndef OPENSSL_NO_ENGINE
 	char *engine=NULL;
 #endif
 	char *hmac_key=NULL;
 	int non_fips_allow = 0;
 	apps_startup();
-
+ERR_load_crypto_strings();
 	if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL)
 		{
 		BIO_printf(bio_err,"out of memory\n");
@@ -165,6 +169,27 @@ int MAIN(int argc, char **argv)
 			keyfile=*(++argv);
 			do_verify = 1;
 			}
 		else if (strcmp(*argv,"-x931") == 0)
 			sig_flags = EVP_MD_CTX_FLAG_PAD_X931;
 		else if (strcmp(*argv,"-pss_saltlen") == 0)
 			{
 			int saltlen;
 			if (--argc < 1) break;
 			saltlen=atoi(*(++argv));
 			if (saltlen == -1)
 				sig_flags = EVP_MD_CTX_FLAG_PSS_MREC;
 			else if (saltlen == -2)
 				sig_flags = EVP_MD_CTX_FLAG_PSS_MDLEN;
 			else if (saltlen < -2 || saltlen >= 0xFFFE)
 				{
 				BIO_printf(bio_err, "Invalid PSS salt length %d\n", saltlen);
 				goto end;
 				}
 			else
 				sig_flags = saltlen;
 			sig_flags <<= 16;
 			sig_flags |= EVP_MD_CTX_FLAG_PAD_PSS;
 			}
 		else if (strcmp(*argv,"-signature") == 0)
 			{
 			if (--argc < 1) break;
@@ -188,6 +213,14 @@ int MAIN(int argc, char **argv)
 			out_bin = 1;
 		else if (strcmp(*argv,"-d") == 0)
 			debug=1;
 		else if (strcmp(*argv,"-non-fips-allow") == 0)
 			non_fips_allow=1;
 		else if (!strcmp(*argv,"-hmac"))
 			{
 			if (--argc < 1)
 				break;
 			hmac_key=*++argv;
 			}
 		else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
 			md=m;
 		else
@@ -223,29 +256,33 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
 #endif
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm (default)\n",
 			LN_md5,LN_md5);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_md4,LN_md4);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_md2,LN_md2);
 #ifndef OPENSSL_NO_SHA
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha1,LN_sha1);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha,LN_sha);
 #ifndef OPENSSL_NO_SHA256
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha224,LN_sha224);
 		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha256,LN_sha256);
 #endif
 #ifndef OPENSSL_NO_SHA512
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha384,LN_sha384);
 		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha512,LN_sha512);
 #endif
 #endif
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_mdc2,LN_mdc2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_ripemd160,LN_ripemd160);
 		err=1;
 		goto end;
@@ -261,7 +298,7 @@ int MAIN(int argc, char **argv)
 		{
 		BIO_set_callback(in,BIO_debug_callback);
 		/* needed for windows 3.1 */
-		BIO_set_callback_arg(in,bio_err);
+		BIO_set_callback_arg(in,(char *)bio_err);
 		}
 	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
@@ -341,8 +378,20 @@ int MAIN(int argc, char **argv)
 			goto end;
 		}
 	}
 	if (non_fips_allow)
 		{
 		EVP_MD_CTX *md_ctx;
 		BIO_get_md_ctx(bmd,&md_ctx);
 		EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
 		}
 	if (sig_flags)
 		{
 		EVP_MD_CTX *md_ctx;
 		BIO_get_md_ctx(bmd,&md_ctx);
 		EVP_MD_CTX_set_flags(md_ctx, sig_flags);
 		}
 	/* we use md as a filter, reading from 'in' */
 	if (!BIO_set_md(bmd,md))
@@ -358,7 +407,7 @@ int MAIN(int argc, char **argv)
 		{
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
 		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,"","(stdin)");
+			  siglen,"","(stdin)",bmd,hmac_key,non_fips_allow);
 		}
 	else
 		{
@@ -376,14 +425,15 @@ int MAIN(int argc, char **argv)
 				}
 			if(!out_bin)
 				{
-				size_t len = strlen(name)+strlen(argv[i])+5;
+				size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 5 : 0)+5;
 				tmp=tofree=OPENSSL_malloc(len);
-				BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
+				BIO_snprintf(tmp,len,"%s%s(%s)= ",
 							 hmac_key ? "HMAC-" : "",name,argv[i]);
 				}
 			else
 				tmp="";
 			r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-				siglen,tmp,argv[i]);
+				siglen,tmp,argv[i],bmd,hmac_key,non_fips_allow);
 			if(r)
 			    err=r;
 			if(tofree)
@@ -410,11 +460,23 @@ end:
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file)
+	  const char *file,BIO *bmd,const char *hmac_key,int non_fips_allow)
 	{
-	int len;
+	unsigned int len;
 	int i;
 	EVP_MD_CTX *md_ctx;
 	HMAC_CTX hmac_ctx;
 	if (hmac_key)
 		{
 		EVP_MD *md;
 		BIO_get_md(bmd,&md);
 		HMAC_CTX_init(&hmac_ctx);
 		HMAC_Init_ex(&hmac_ctx,hmac_key,strlen(hmac_key),md, NULL);
 		BIO_get_md_ctx(bmd,&md_ctx);
 		BIO_set_md_ctx(bmd,&hmac_ctx.md_ctx);
 		}
 	for (;;)
 		{
 		i=BIO_read(bp,(char *)buf,BUFSIZE);
@@ -457,6 +519,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 			return 1;
 			}
 		}
 	else if(hmac_key)
 		{
 		HMAC_Final(&hmac_ctx,buf,&len);
 		HMAC_CTX_cleanup(&hmac_ctx);
 		}
 	else
 		len=BIO_gets(bp,(char *)buf,BUFSIZE);
@@ -464,7 +531,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	else 
 		{
 		BIO_write(out,title,strlen(title));
-		for (i=0; i<len; i++)
+		for (i=0; i<(int)len; i++)
 			{
 			if (sep && (i != 0))
 				BIO_printf(out, ":");
@@ -472,6 +539,10 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 			}
 		BIO_printf(out, "\n");
 		}
 	if (hmac_key)
 		{
 		BIO_set_md_ctx(bmd,md_ctx);
 		}
 	return 0;
 	}
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -84,6 +84,10 @@
 * -aes128	- encrypt output if PEM format
 * -aes192	- encrypt output if PEM format
 * -aes256	- encrypt output if PEM format
 * -camellia128 - encrypt output if PEM format
 * -camellia192 - encrypt output if PEM format
 * -camellia256 - encrypt output if PEM format
 * -seed        - encrypt output if PEM format
 * -text	- print a text version
 * -modulus	- print the DSA public key
 */
@@ -211,6 +215,13 @@ bad:
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
 #endif
 #ifndef OPENSSL_NO_SEED
 		BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
 #endif
 		BIO_printf(bio_err," -text           print the key in text\n");
 		BIO_printf(bio_err," -noout          don't print key out\n");
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -347,7 +347,10 @@ bad:
 			}
 	if (noout) 
 		{
 		ret = 0;
 		goto end;
 		}
 	BIO_printf(bio_err, "writing EC key\n");
 	if (outformat == FORMAT_ASN1) 
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -127,6 +127,7 @@ int MAIN(int argc, char **argv)
 	char *engine = NULL;
 #endif
 	const EVP_MD *dgst=NULL;
 	int non_fips_allow = 0;
 	apps_startup();
@@ -261,6 +262,8 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			md= *(++argv);
 			}
 		else if (strcmp(*argv,"-non-fips-allow") == 0)
 			non_fips_allow = 1;
 		else if	((argv[0][0] == '-') &&
 			((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
 			{
@@ -314,7 +317,10 @@ bad:
 	if (dgst == NULL)
 		{
-		dgst = EVP_md5();
+		if (in_FIPS_mode)
 			dgst = EVP_sha1();
 		else
 			dgst = EVP_md5();
 		}
 	if (bufsize != NULL)
@@ -340,7 +346,7 @@ bad:
 			}
 		/* It must be large enough for a base64 encoded line */
-		if (n < 80) n=80;
+		if (base64 && n < 80) n=80;
 		bsize=(int)n;
 		if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
@@ -365,12 +371,16 @@ bad:
 		{
 		BIO_set_callback(in,BIO_debug_callback);
 		BIO_set_callback(out,BIO_debug_callback);
-		BIO_set_callback_arg(in,bio_err);
+		BIO_set_callback_arg(in,(char *)bio_err);
-		BIO_set_callback_arg(out,bio_err);
+		BIO_set_callback_arg(out,(char *)bio_err);
 		}
 	if (inf == NULL)
 	        {
 		if (bufsize != NULL)
 			setvbuf(stdin, (char *)NULL, _IONBF, 0);
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
 	        }
 	else
 		{
 		if (BIO_read_filename(in,inf) <= 0)
@@ -421,6 +431,8 @@ bad:
 	if (outf == NULL)
 		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
 		if (bufsize != NULL)
 			setvbuf(stdout, (char *)NULL, _IONBF, 0);
 #ifdef OPENSSL_SYS_VMS
 		{
 		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
@@ -447,7 +459,7 @@ bad:
 		if (debug)
 			{
 			BIO_set_callback(b64,BIO_debug_callback);
-			BIO_set_callback_arg(b64,bio_err);
+			BIO_set_callback_arg(b64,(char *)bio_err);
 			}
 		if (olb64)
 			BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
@@ -543,6 +555,11 @@ bad:
 		 */
 		BIO_get_cipher_ctx(benc, &ctx);
 		if (non_fips_allow)
 			EVP_CIPHER_CTX_set_flags(ctx,
 				EVP_CIPH_FLAG_NON_FIPS_ALLOW);
 		if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
 			{
 			BIO_printf(bio_err, "Error setting cipher %s\n",
@@ -565,7 +582,7 @@ bad:
 		if (debug)
 			{
 			BIO_set_callback(benc,BIO_debug_callback);
-			BIO_set_callback_arg(benc,bio_err);
+			BIO_set_callback_arg(benc,(char *)bio_err);
 			}
 		if (printkey)
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -140,6 +140,10 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-idea") == 0)
 			enc=EVP_idea_cbc();
 #endif
 #ifndef OPENSSL_NO_SEED
 		else if (strcmp(*argv,"-seed") == 0)
 			enc=EVP_seed_cbc();
 #endif
 #ifndef OPENSSL_NO_AES
 		else if (strcmp(*argv,"-aes128") == 0)
 			enc=EVP_aes_128_cbc();
@@ -147,6 +151,14 @@ int MAIN(int argc, char **argv)
 			enc=EVP_aes_192_cbc();
 		else if (strcmp(*argv,"-aes256") == 0)
 			enc=EVP_aes_256_cbc();
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		else if (strcmp(*argv,"-camellia128") == 0)
 			enc=EVP_camellia_128_cbc();
 		else if (strcmp(*argv,"-camellia192") == 0)
 			enc=EVP_camellia_192_cbc();
 		else if (strcmp(*argv,"-camellia256") == 0)
 			enc=EVP_camellia_256_cbc();
 #endif
 		else if (**argv != '-' && dsaparams == NULL)
 			{
@@ -170,10 +182,18 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
 #endif
 #ifndef OPENSSL_NO_SEED
 		BIO_printf(bio_err," -seed\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
 #endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
 #endif
 #ifndef OPENSSL_NO_ENGINE
 		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
 #endif
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -95,6 +95,7 @@ int MAIN(int argc, char **argv)
 	int ret=1;
 	int i,num=DEFBITS;
 	long l;
 	int use_x931 = 0;
 	const EVP_CIPHER *enc=NULL;
 	unsigned long f4=RSA_F4;
 	char *outfile=NULL;
@@ -138,6 +139,8 @@ int MAIN(int argc, char **argv)
 			f4=3;
 		else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
 			f4=RSA_F4;
 		else if (strcmp(*argv,"-x931") == 0)
 			use_x931 = 1;
 #ifndef OPENSSL_NO_ENGINE
 		else if (strcmp(*argv,"-engine") == 0)
 			{
@@ -160,6 +163,10 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-idea") == 0)
 			enc=EVP_idea_cbc();
 #endif
 #ifndef OPENSSL_NO_SEED
 		else if (strcmp(*argv,"-seed") == 0)
 			enc=EVP_seed_cbc();
 #endif
 #ifndef OPENSSL_NO_AES
 		else if (strcmp(*argv,"-aes128") == 0)
 			enc=EVP_aes_128_cbc();
@@ -167,6 +174,14 @@ int MAIN(int argc, char **argv)
 			enc=EVP_aes_192_cbc();
 		else if (strcmp(*argv,"-aes256") == 0)
 			enc=EVP_aes_256_cbc();
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		else if (strcmp(*argv,"-camellia128") == 0)
 			enc=EVP_camellia_128_cbc();
 		else if (strcmp(*argv,"-camellia192") == 0)
 			enc=EVP_camellia_192_cbc();
 		else if (strcmp(*argv,"-camellia256") == 0)
 			enc=EVP_camellia_256_cbc();
 #endif
 		else if (strcmp(*argv,"-passout") == 0)
 			{
@@ -187,9 +202,17 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err," -idea           encrypt the generated key with IDEA in cbc mode\n");
 #endif
 #ifndef OPENSSL_NO_SEED
 		BIO_printf(bio_err," -seed\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
 #endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
 #endif
 		BIO_printf(bio_err," -out file       output the key to 'file\n");
 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
@@ -246,7 +269,17 @@ bad:
 	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
 		num);
-	if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
+	if (use_x931)
 		{
 		BIGNUM *pubexp;
 		pubexp = BN_new();
 		if (!BN_set_word(pubexp, f4))
 			goto err;
 		if (!RSA_X931_generate_key_ex(rsa, num, pubexp, &cb))
 			goto err;
 		BN_free(pubexp);
 		}
 	else if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
 		goto err;
 	app_RAND_write_file(NULL, bio_err);
--- a/apps/makeapps.com
+++ b/apps/makeapps.com
@@ -143,26 +143,9 @@ $ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+-
 	      "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+-
 	      "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+-
 	      "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND;ENGINE;OCSP;PRIME"
 $ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,-
 	       CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,-
 	       RSA.OBJ,RSAUTL.OBJ,DSA.OBJ,DSAPARAM.OBJ,EC.OBJ,ECPARAM.OBJ,-
 	       X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,-
 	       S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,-
 	       CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ,ENGINE.OBJ,OCSP.OBJ,PRIME.OBJ
 $ TCPIP_PROGRAMS = ",,"
 $ IF COMPILER .EQS. "VAXC" THEN -
     TCPIP_PROGRAMS = ",OPENSSL,"
 $!$ APP_FILES := VERIFY;ASN1PARS;REQ;DGST;DH;ENC;GENDH;ERRSTR;CA;-
 $!	       PKCS7;CRL2P7;CRL;-
 $!	       RSA;DSA;DSAPARAM;-
 $!	       X509;GENRSA;GENDSA;-
 $!	       S_SERVER,'OBJ_DIR'S_SOCKET.OBJ,'OBJ_DIR'S_CB.OBJ;-
 $!	       S_CLIENT,'OBJ_DIR'S_SOCKET.OBJ,'OBJ_DIR'S_CB.OBJ;-
 $!	       SPEED;-
 $!	       S_TIME,'OBJ_DIR'S_CB.OBJ;VERSION;SESS_ID;CIPHERS;NSEQ
 $!$ TCPIP_PROGRAMS = ",,"
 $!$ IF COMPILER .EQS. "VAXC" THEN -
 $!     TCPIP_PROGRAMS = ",S_SERVER,S_CLIENT,SESS_ID,CIPHERS,S_TIME,"
 $!
 $! Setup exceptional compilations
 $!
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -139,6 +139,7 @@ int MAIN(int argc, char **argv)
 	if (!load_config(bio_err, NULL))
 		goto end;
 	SSL_load_error_strings();
 	OpenSSL_add_ssl_algorithms();
 	args = argv + 1;
 	reqnames = sk_new_null();
 	ids = sk_OCSP_CERTID_new_null();
@@ -726,6 +727,11 @@ int MAIN(int argc, char **argv)
 			BIO_printf(bio_err, "SSL is disabled\n");
 			goto end;
 #endif
 			if (ctx == NULL)
 				{
 				BIO_printf(bio_err, "Error creating SSL context.\n");
 				goto end;
 				}
 			SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
 			sbio = BIO_new_ssl(ctx, 1);
 			cbio = BIO_push(sbio, cbio);
@@ -1221,7 +1227,7 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
 		return 0;
 	BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
 	i2d_OCSP_RESPONSE_bio(cbio, resp);
-	BIO_flush(cbio);
+	(void)BIO_flush(cbio);
 	return 1;
 	}
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -8,9 +8,8 @@
 HOME			= .
 RANDFILE		= $ENV::HOME/.rnd
-# Extra OBJECT IDENTIFIER info:
+# Uncomment out to enable OpenSSL configuration see config(3)
-#oid_file		= $ENV::HOME/.oid
+# openssl_conf = openssl_init
 oid_section		= new_oids
 # To use this configuration file with the "-extfile" option of the
 # "openssl x509" utility, name here the section containing the
@@ -19,13 +18,22 @@ oid_section		= new_oids
 # (Alternatively, use a configuration file that has only
 # X.509v3 extensions in its main [= default] section.)
 [openssl_init]
 # Extra OBJECT IDENTIFIER info:
 oid_section = new_oids
 alg_section = algs
 [ new_oids ]
-# We can add new OIDs in here for use by 'ca' and 'req'.
+# We can add new OIDs in here for use by any config aware application
 # Add a simple OID like this:
-# testoid1=1.2.3.4
+# shortname=Long Object Identifier Name, 1.2.3.4
 # Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
+# testoid2=OID2 LONG NAME, ${testoid1}.5.6, OTHER OID
 [ algs ]
 # Algorithm configuration options. Currently just fips_mode
 fips_mode = no
 ####################################################################
 [ ca ]
@@ -188,7 +196,7 @@ nsComment			= "OpenSSL Generated Certificate"
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
+authorityKeyIdentifier=keyid,issuer
 # This stuff is for subjectAltName and issuerAltname.
 # Import the email address.
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -56,7 +56,7 @@
 * [including the GNU Public Licence.]
 */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -147,6 +147,7 @@ char *default_config_file=NULL;
 #ifdef MONOLITH
 CONF *config=NULL;
 BIO *bio_err=NULL;
 int in_FIPS_mode=0;
 #endif
@@ -232,6 +233,19 @@ int main(int Argc, char *Argv[])
 	arg.data=NULL;
 	arg.count=0;
 	in_FIPS_mode = 0;
 #ifdef OPENSSL_FIPS
 	if(getenv("OPENSSL_FIPS")) {
 		if (!FIPS_mode_set(1)) {
 			ERR_load_crypto_strings();
 			ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
 			EXIT(1);
 		}
 		in_FIPS_mode = 1;
 		}
 #endif
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
 			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
@@ -445,7 +459,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		for (fp=functions; fp->name != NULL; fp++)
 			{
 			nl=0;
 #ifdef OPENSSL_NO_CAMELLIA
 			if (((i++) % 5) == 0)
 #else
 			if (((i++) % 4) == 0)
 #endif
 				{
 				BIO_printf(bio_err,"\n");
 				nl=1;
@@ -466,7 +484,11 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 					BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
 					}
 				}
 #ifdef OPENSSL_NO_CAMELLIA
 			BIO_printf(bio_err,"%-15s",fp->name);
 #else
 			BIO_printf(bio_err,"%-18s",fp->name);
 #endif
 			}
 		BIO_printf(bio_err,"\n\n");
 		ret=0;
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -8,9 +8,8 @@
 HOME			= .
 RANDFILE		= $ENV::HOME/.rnd
-# Extra OBJECT IDENTIFIER info:
+# Uncomment out to enable OpenSSL configuration see config(3)
-#oid_file		= $ENV::HOME/.oid
+# openssl_conf = openssl_init
 oid_section		= new_oids
 # To use this configuration file with the "-extfile" option of the
 # "openssl x509" utility, name here the section containing the
@@ -19,13 +18,22 @@ oid_section		= new_oids
 # (Alternatively, use a configuration file that has only
 # X.509v3 extensions in its main [= default] section.)
 [openssl_init]
 # Extra OBJECT IDENTIFIER info:
 oid_section = new_oids
 alg_section = algs
 [ new_oids ]
-# We can add new OIDs in here for use by 'ca' and 'req'.
+# We can add new OIDs in here for use by any config aware application
 # Add a simple OID like this:
-# testoid1=1.2.3.4
+# shortname=Long Object Identifier Name, 1.2.3.4
 # Or use config file substitution like this:
-# testoid2=${testoid1}.5.6
+# testoid2=OID2 LONG NAME, ${testoid1}.5.6, OTHER OID
 [ algs ]
 # Algorithm configuration options. Currently just fips_mode
 fips_mode = no
 ####################################################################
 [ ca ]
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -3,7 +3,7 @@
 * project.
 */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -110,7 +110,7 @@ int MAIN(int argc, char **argv)
    int maciter = PKCS12_DEFAULT_ITER;
    int twopass = 0;
    int keytype = 0;
-    int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+    int cert_pbe;
    int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
    int ret = 1;
    int macver = 1;
@@ -127,6 +127,13 @@ int MAIN(int argc, char **argv)
    apps_startup();
 #ifdef OPENSSL_FIPS
    if (FIPS_mode())
 	cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
    else
 #endif
    cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
    enc = EVP_des_ede3_cbc();
    if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
@@ -153,14 +160,22 @@ int MAIN(int argc, char **argv)
    			cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
 		else if (!strcmp (*args, "-export")) export_cert = 1;
 		else if (!strcmp (*args, "-des")) enc=EVP_des_cbc();
 		else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
 #ifndef OPENSSL_NO_IDEA
 		else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
 #endif
-		else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
+#ifndef OPENSSL_NO_SEED
 		else if (!strcmp(*args, "-seed")) enc=EVP_seed_cbc();
 #endif
 #ifndef OPENSSL_NO_AES
 		else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
 		else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
 		else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		else if (!strcmp(*args,"-camellia128")) enc=EVP_camellia_128_cbc();
 		else if (!strcmp(*args,"-camellia192")) enc=EVP_camellia_192_cbc();
 		else if (!strcmp(*args,"-camellia256")) enc=EVP_camellia_256_cbc();
 #endif
 		else if (!strcmp (*args, "-noiter")) iter = 1;
 		else if (!strcmp (*args, "-maciter"))
@@ -175,7 +190,8 @@ int MAIN(int argc, char **argv)
 				args++;
 				if (!strcmp(*args, "NONE"))
 					cert_pbe = -1;
-				cert_pbe=OBJ_txt2nid(*args);
+				else
 					cert_pbe=OBJ_txt2nid(*args);
 				if(cert_pbe == NID_undef) {
 					BIO_printf(bio_err,
 						 "Unknown PBE algorithm %s\n", *args);
@@ -300,9 +316,16 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 	BIO_printf (bio_err, "-idea         encrypt private keys with idea\n");
 #endif
 #ifndef OPENSSL_NO_SEED
 	BIO_printf (bio_err, "-seed         encrypt private keys with seed\n");
 #endif
 #ifndef OPENSSL_NO_AES
 	BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
 	BIO_printf (bio_err, "              encrypt PEM output with cbc aes\n");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
 	BIO_printf (bio_err, "              encrypt PEM output with cbc camellia\n");
 #endif
 	BIO_printf (bio_err, "-nodes        don't encrypt private keys\n");
 	BIO_printf (bio_err, "-noiter       don't use encryption iteration\n");
@@ -526,8 +549,11 @@ int MAIN(int argc, char **argv)
 		    X509_free(sk_X509_value(chain2, 0));
 		    sk_X509_free(chain2);
 		} else {
-			BIO_printf (bio_err, "Error %s getting chain.\n",
+			if (vret >= 0)
 				BIO_printf (bio_err, "Error %s getting chain.\n",
 					X509_verify_cert_error_string(vret));
 			else
 				ERR_print_errors(bio_err);
 			goto export_end;
 		}			
    	}
@@ -801,7 +827,7 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
 {
 	X509_STORE_CTX store_ctx;
 	STACK_OF(X509) *chn;
-	int i;
+	int i = 0;
 	/* FIXME: Should really check the return status of X509_STORE_CTX_init
 	 * for an error, but how that fits into the return value of this
@@ -809,13 +835,17 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
 	X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
 	if (X509_verify_cert(&store_ctx) <= 0) {
 		i = X509_STORE_CTX_get_error (&store_ctx);
 		if (i == 0)
 			/* avoid returning 0 if X509_verify_cert() did not
 			 * set an appropriate error value in the context */
 			i = -1;
 		chn = NULL;
 		goto err;
-	}
+	} else
-	chn =  X509_STORE_CTX_get1_chain(&store_ctx);
+		chn = X509_STORE_CTX_get1_chain(&store_ctx);
 	i = 0;
 	*chain = chn;
 err:
 	X509_STORE_CTX_cleanup(&store_ctx);
 	*chain = chn;
 	return i;
 }	
@@ -825,12 +855,14 @@ int alg_print (BIO *x, X509_ALGOR *alg)
 	PBEPARAM *pbe;
 	const unsigned char *p;
 	p = alg->parameter->value.sequence->data;
-	pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length);
+	pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
 	if (!pbe)
 		return 1;
 	BIO_printf (bio_err, "%s, Iteration %ld\n", 
 		OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
 		ASN1_INTEGER_get(pbe->iter));
 	PBEPARAM_free (pbe);
-	return 0;
+	return 1;
 }
 /* Load all certificates from a given file */
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -165,6 +165,24 @@ FUNCTION functions[] = {
 #endif
 #ifndef OPENSSL_NO_AES
 	{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	{FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	{FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	{FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	{FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	{FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main},
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	{FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main},
 #endif
 	{FUNC_TYPE_CIPHER,"base64",enc_main},
 #ifndef OPENSSL_NO_DES
@@ -179,6 +197,9 @@ FUNCTION functions[] = {
 #ifndef OPENSSL_NO_IDEA
 	{FUNC_TYPE_CIPHER,"idea",enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
 	{FUNC_TYPE_CIPHER,"seed",enc_main},
 #endif
 #ifndef OPENSSL_NO_RC4
 	{FUNC_TYPE_CIPHER,"rc4",enc_main},
 #endif
@@ -245,6 +266,18 @@ FUNCTION functions[] = {
 #ifndef OPENSSL_NO_IDEA
 	{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
 	{FUNC_TYPE_CIPHER,"seed-cbc",enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
 	{FUNC_TYPE_CIPHER,"seed-ecb",enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
 	{FUNC_TYPE_CIPHER,"seed-cfb",enc_main},
 #endif
 #ifndef OPENSSL_NO_SEED
 	{FUNC_TYPE_CIPHER,"seed-ofb",enc_main},
 #endif
 #ifndef OPENSSL_NO_RC2
 	{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
 #endif
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -57,14 +57,18 @@ foreach (
 	"aes-128-cbc", "aes-128-ecb",
 	"aes-192-cbc", "aes-192-ecb",
 	"aes-256-cbc", "aes-256-ecb",
 	"camellia-128-cbc", "camellia-128-ecb",
 	"camellia-192-cbc", "camellia-192-ecb",
 	"camellia-256-cbc", "camellia-256-ecb",
 	"base64",
-	"des", "des3", "desx", "idea", "rc4", "rc4-40",
+	"des", "des3", "desx", "idea", "seed", "rc4", "rc4-40",
 	"rc2", "bf", "cast", "rc5",
 	"des-ecb", "des-ede",    "des-ede3",
 	"des-cbc", "des-ede-cbc","des-ede3-cbc",
 	"des-cfb", "des-ede-cfb","des-ede3-cfb",
 	"des-ofb", "des-ede-ofb","des-ede3-ofb",
-	"idea-cbc","idea-ecb",   "idea-cfb", "idea-ofb",
+	"idea-cbc","idea-ecb",    "idea-cfb", "idea-ofb",
 	"seed-cbc","seed-ecb",    "seed-cfb", "seed-ofb",
 	"rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc",
 	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
 	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
@@ -75,7 +79,9 @@ foreach (
 	$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
 	if    ($_ =~ /des/)  { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
 	elsif ($_ =~ /aes/)  { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
 	elsif ($_ =~ /camellia/)  { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
 	elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; }
 	elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; }
 	elsif ($_ =~ /rc4/)  { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; }
 	elsif ($_ =~ /rc2/)  { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; }
 	elsif ($_ =~ /bf/)   { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; }
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -213,7 +213,7 @@ int MAIN(int argc, char **argv)
 		BIO_write(out, buf, chunk);
 		num -= chunk;
 		}
-	BIO_flush(out);
+	(void)BIO_flush(out);
 	app_RAND_write_file(NULL, bio_err);
 	ret = 0;
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -81,9 +81,13 @@
 * -des		- encrypt output if PEM format with DES in cbc mode
 * -des3	- encrypt output if PEM format
 * -idea	- encrypt output if PEM format
 * -seed	- encrypt output if PEM format
 * -aes128	- encrypt output if PEM format
 * -aes192	- encrypt output if PEM format
 * -aes256	- encrypt output if PEM format
 * -camellia128 - encrypt output if PEM format
 * -camellia192 - encrypt output if PEM format
 * -camellia256 - encrypt output if PEM format
 * -text	- print a text version
 * -modulus	- print the RSA key modulus
 * -check	- verify key consistency
@@ -208,9 +212,16 @@ bad:
 #ifndef OPENSSL_NO_IDEA
 		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
 #endif
 #ifndef OPENSSL_NO_SEED
 		BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
 #endif
 #ifndef OPENSSL_NO_AES
 		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
 		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
 #endif
 		BIO_printf(bio_err," -text           print the key in text\n");
 		BIO_printf(bio_err," -noout          don't print key out\n");
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -573,5 +573,5 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 			BIO_printf(bio, " ...");
 		BIO_printf(bio, "\n");
 		}
-	BIO_flush(bio);
+	(void)BIO_flush(bio);
 	}
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -188,7 +188,7 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -port port     - use -connect instead\n");
 	BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
-	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
+	BIO_printf(bio_err," -verify depth - turn on peer certificate verification\n");
 	BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
 	BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
 	BIO_printf(bio_err," -key arg      - Private key file to use, in cert file if\n");
@@ -226,7 +226,7 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
 	BIO_printf(bio_err,"                 for those protocols that support it, where\n");
 	BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
-	BIO_printf(bio_err,"                 only \"smtp\" and \"pop3\" are supported.\n");
+	BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n");
 #ifndef OPENSSL_NO_ENGINE
 	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
 #endif
@@ -234,6 +234,15 @@ static void sc_usage(void)
 	}
 enum
 {
 	PROTO_OFF	= 0,
 	PROTO_SMTP,
 	PROTO_POP3,
 	PROTO_IMAP,
 	PROTO_FTP
 };
 int MAIN(int, char **);
 int MAIN(int argc, char **argv)
@@ -260,7 +269,7 @@ int MAIN(int argc, char **argv)
 	int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
 	SSL_CTX *ctx=NULL;
 	int ret=1,in_init=1,i,nbio_test=0;
-	int starttls_proto = 0;
+	int starttls_proto = PROTO_OFF;
 	int prexit = 0, vflags = 0;
 	SSL_METHOD *meth=NULL;
 #ifdef sock_type
@@ -269,6 +278,7 @@ int MAIN(int argc, char **argv)
 	int sock_type=SOCK_STREAM;
 	BIO *sbio;
 	char *inrand=NULL;
 	int mbuf_len=0;
 #ifndef OPENSSL_NO_ENGINE
 	char *engine_id=NULL;
 	ENGINE *e=NULL;
@@ -466,9 +476,13 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			++argv;
 			if (strcmp(*argv,"smtp") == 0)
-				starttls_proto = 1;
+				starttls_proto = PROTO_SMTP;
 			else if (strcmp(*argv,"pop3") == 0)
-				starttls_proto = 2;
+				starttls_proto = PROTO_POP3;
 			else if (strcmp(*argv,"imap") == 0)
 				starttls_proto = PROTO_IMAP;
 			else if (strcmp(*argv,"ftp") == 0)
 				starttls_proto = PROTO_FTP;
 			else
 				goto bad;
 			}
@@ -654,7 +668,7 @@ re_start:
 			goto end;
 			}
-		BIO_ctrl_set_connected(sbio, 1, &peer);
+		(void)BIO_ctrl_set_connected(sbio, 1, &peer);
 		if ( enable_timeouts)
 			{
@@ -693,7 +707,7 @@ re_start:
 		{
 		con->debug=1;
 		BIO_set_callback(sbio,bio_dump_callback);
-		BIO_set_callback_arg(sbio,bio_c_out);
+		BIO_set_callback_arg(sbio,(char *)bio_c_out);
 		}
 	if (c_msg)
 		{
@@ -719,18 +733,93 @@ re_start:
 	sbuf_off=0;
 	/* This is an ugly hack that does a lot of assumptions */
-	if (starttls_proto == 1)
+	/* We do have to handle multi-line responses which may come
 	   in a single packet or not. We therefore have to use
 	   BIO_gets() which does need a buffering BIO. So during
 	   the initial chitchat we do push a buffering BIO into the
 	   chain that is removed again later on to not disturb the
 	   rest of the s_client operation. */
 	if (starttls_proto == PROTO_SMTP)
 		{
-		BIO_read(sbio,mbuf,BUFSIZZ);
+		int foundit=0;
 		BIO *fbio = BIO_new(BIO_f_buffer());
 		BIO_push(fbio, sbio);
 		/* wait for multi-line response to end from SMTP */
 		do
 			{
 			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
 			}
 		while (mbuf_len>3 && mbuf[3]=='-');
 		/* STARTTLS command requires EHLO... */
 		BIO_printf(fbio,"EHLO openssl.client.net\r\n");
 		(void)BIO_flush(fbio);
 		/* wait for multi-line response to end EHLO SMTP response */
 		do
 			{
 			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
 			if (strstr(mbuf,"STARTTLS"))
 				foundit=1;
 			}
 		while (mbuf_len>3 && mbuf[3]=='-');
 		(void)BIO_flush(fbio);
 		BIO_pop(fbio);
 		BIO_free(fbio);
 		if (!foundit)
 			BIO_printf(bio_err,
 				   "didn't found starttls in server response,"
 				   " try anyway...\n");
 		BIO_printf(sbio,"STARTTLS\r\n");
 		BIO_read(sbio,sbuf,BUFSIZZ);
 		}
-	if (starttls_proto == 2)
+	else if (starttls_proto == PROTO_POP3)
 		{
 		BIO_read(sbio,mbuf,BUFSIZZ);
 		BIO_printf(sbio,"STLS\r\n");
 		BIO_read(sbio,sbuf,BUFSIZZ);
 		}
 	else if (starttls_proto == PROTO_IMAP)
 		{
 		int foundit=0;
 		BIO *fbio = BIO_new(BIO_f_buffer());
 		BIO_push(fbio, sbio);
 		BIO_gets(fbio,mbuf,BUFSIZZ);
 		/* STARTTLS command requires CAPABILITY... */
 		BIO_printf(fbio,". CAPABILITY\r\n");
 		(void)BIO_flush(fbio);
 		/* wait for multi-line CAPABILITY response */
 		do
 			{
 			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
 			if (strstr(mbuf,"STARTTLS"))
 				foundit=1;
 			}
 		while (mbuf_len>3 && mbuf[0]!='.');
 		(void)BIO_flush(fbio);
 		BIO_pop(fbio);
 		BIO_free(fbio);
 		if (!foundit)
 			BIO_printf(bio_err,
 				   "didn't found STARTTLS in server response,"
 				   " try anyway...\n");
 		BIO_printf(sbio,". STARTTLS\r\n");
 		BIO_read(sbio,sbuf,BUFSIZZ);
 		}
 	else if (starttls_proto == PROTO_FTP)
 		{
 		BIO *fbio = BIO_new(BIO_f_buffer());
 		BIO_push(fbio, sbio);
 		/* wait for multi-line response to end from FTP */
 		do
 			{
 			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
 			}
 		while (mbuf_len>3 && mbuf[3]=='-');
 		(void)BIO_flush(fbio);
 		BIO_pop(fbio);
 		BIO_free(fbio);
 		BIO_printf(sbio,"AUTH TLS\r\n");
 		BIO_read(sbio,sbuf,BUFSIZZ);
 		}
 	for (;;)
 		{
@@ -755,7 +844,7 @@ re_start:
 					{
 					BIO_printf(bio_err,"%s",mbuf);
 					/* We don't need to know any more */
-					starttls_proto = 0;
+					starttls_proto = PROTO_OFF;
 					}
 				if (reconnect)
@@ -1214,6 +1303,6 @@ static void print_stuff(BIO *bio, SSL *s, int full)
 	if (peer != NULL)
 		X509_free(peer);
 	/* flush, or debugging output gets mixed with http response */
-	BIO_flush(bio);
+	(void)BIO_flush(bio);
 	}
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1234,7 +1234,7 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 		{
 		con->debug=1;
 		BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
-		BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+		BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
 		}
 	if (s_msg)
 		{
@@ -1638,7 +1638,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
 		{
 		con->debug=1;
 		BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
-		BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+		BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
 		}
 	if (s_msg)
 		{
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -145,6 +145,10 @@ int MAIN(int argc, char **argv)
 		else if (!strcmp (*args, "-des")) 
 				cipher = EVP_des_cbc();
 #endif
 #ifndef OPENSSL_NO_SEED
 		else if (!strcmp (*args, "-seed")) 
 				cipher = EVP_seed_cbc();
 #endif
 #ifndef OPENSSL_NO_RC2
 		else if (!strcmp (*args, "-rc2-40")) 
 				cipher = EVP_rc2_40_cbc();
@@ -160,6 +164,14 @@ int MAIN(int argc, char **argv)
 				cipher = EVP_aes_192_cbc();
 		else if (!strcmp(*args,"-aes256"))
 				cipher = EVP_aes_256_cbc();
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		else if (!strcmp(*args,"-camellia128"))
 				cipher = EVP_camellia_128_cbc();
 		else if (!strcmp(*args,"-camellia192"))
 				cipher = EVP_camellia_192_cbc();
 		else if (!strcmp(*args,"-camellia256"))
 				cipher = EVP_camellia_256_cbc();
 #endif
 		else if (!strcmp (*args, "-text")) 
 				flags |= PKCS7_TEXT;
@@ -415,6 +427,9 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-des3          encrypt with triple DES\n");
 		BIO_printf (bio_err, "-des           encrypt with DES\n");
 #endif
 #ifndef OPENSSL_NO_SEED
 		BIO_printf (bio_err, "-seed          encrypt with SEED\n");
 #endif
 #ifndef OPENSSL_NO_RC2
 		BIO_printf (bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
 		BIO_printf (bio_err, "-rc2-64        encrypt with RC2-64\n");
@@ -423,6 +438,10 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_AES
 		BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
 		BIO_printf (bio_err, "               encrypt PEM output with cbc aes\n");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 		BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n");
 		BIO_printf (bio_err, "               encrypt PEM output with cbc camellia\n");
 #endif
 		BIO_printf (bio_err, "-nointern      don't search certificates in message for signer\n");
 		BIO_printf (bio_err, "-nosigs        don't verify message signature\n");
@@ -638,12 +657,6 @@ int MAIN(int argc, char **argv)
 		if ((flags & PKCS7_DETACHED) && (outformat == FORMAT_SMIME))
 			flags |= PKCS7_STREAM;
 		p7 = PKCS7_sign(signer, key, other, in, flags);
 		/* Don't need to rewind for partial signing */
 		if (!(flags & PKCS7_STREAM) && (BIO_reset(in) != 0))
 			{
 			BIO_printf(bio_err, "Can't rewind input file\n");
 			goto end;
 			}
 		}
 	else
 		{
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -164,6 +164,9 @@
 #ifndef OPENSSL_NO_AES
 #include <openssl/aes.h>
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 #include <openssl/camellia.h>
 #endif
 #ifndef OPENSSL_NO_MD2
 #include <openssl/md2.h>
 #endif
@@ -198,6 +201,9 @@
 #ifndef OPENSSL_NO_IDEA
 #include <openssl/idea.h>
 #endif
 #ifndef OPENSSL_NO_SEED
 #include <openssl/seed.h>
 #endif
 #ifndef OPENSSL_NO_BF
 #include <openssl/blowfish.h>
 #endif
@@ -269,7 +275,7 @@ static void print_result(int alg,int run_no,int count,double time_used);
 static int do_multi(int multi);
 #endif
-#define ALGOR_NUM	21
+#define ALGOR_NUM	28
 #define SIZE_NUM	5
 #define RSA_NUM		4
 #define DSA_NUM		3
@@ -279,9 +285,12 @@ static int do_multi(int multi);
 static const char *names[ALGOR_NUM]={
  "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
-  "des cbc","des ede3","idea cbc",
+  "des cbc","des ede3","idea cbc","seed cbc",
  "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc",
-  "aes-128 cbc","aes-192 cbc","aes-256 cbc","evp","sha256","sha512"};
+  "aes-128 cbc","aes-192 cbc","aes-256 cbc",
  "camellia-128 cbc","camellia-192 cbc","camellia-256 cbc",
  "evp","sha256","sha512",
  "aes-128 ige","aes-192 ige","aes-256 ige"};
 static double results[ALGOR_NUM][SIZE_NUM];
 static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
 static double rsa_results[RSA_NUM][2];
@@ -528,6 +537,9 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 	IDEA_KEY_SCHEDULE idea_ks;
 #endif
 #ifndef OPENSSL_NO_SEED
 	SEED_KEY_SCHEDULE seed_ks;
 #endif
 #ifndef OPENSSL_NO_BF
 	BF_KEY bf_ks;
 #endif
@@ -548,6 +560,17 @@ int MAIN(int argc, char **argv)
 		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
 		 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	static const unsigned char ckey24[24]=
 		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
 		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
 		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
 	static const unsigned char ckey32[32]=
 		{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
 		 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,
 		 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,
 		 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56};
 #endif
 #ifndef OPENSSL_NO_AES
 #define MAX_BLOCK_SIZE 128
 #else
@@ -567,6 +590,9 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_AES
 	AES_KEY aes_ks1, aes_ks2, aes_ks3;
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
 #endif
 #define	D_MD2		0
 #define	D_MDC2		1
 #define	D_MD4		2
@@ -578,16 +604,23 @@ int MAIN(int argc, char **argv)
 #define	D_CBC_DES	8
 #define	D_EDE3_DES	9
 #define	D_CBC_IDEA	10
-#define	D_CBC_RC2	11
+#define	D_CBC_SEED	11
-#define	D_CBC_RC5	12
+#define	D_CBC_RC2	12
-#define	D_CBC_BF	13
+#define	D_CBC_RC5	13
-#define	D_CBC_CAST	14
+#define	D_CBC_BF	14
-#define D_CBC_128_AES	15
+#define	D_CBC_CAST	15
-#define D_CBC_192_AES	16
+#define D_CBC_128_AES	16
-#define D_CBC_256_AES	17
+#define D_CBC_192_AES	17
-#define D_EVP		18
+#define D_CBC_256_AES	18
-#define D_SHA256	19
+#define D_CBC_128_CML   19 
-#define D_SHA512	20
+#define D_CBC_192_CML   20
 #define D_CBC_256_CML   21 
 #define D_EVP		22
 #define D_SHA256	23	
 #define D_SHA512	24
 #define D_IGE_128_AES   25
 #define D_IGE_192_AES   26
 #define D_IGE_256_AES   27
 	double d=0.0;
 	long c[ALGOR_NUM][SIZE_NUM];
 #define	R_DSA_512	0
@@ -928,6 +961,15 @@ int MAIN(int argc, char **argv)
 			if (strcmp(*argv,"aes-128-cbc") == 0) doit[D_CBC_128_AES]=1;
 		else	if (strcmp(*argv,"aes-192-cbc") == 0) doit[D_CBC_192_AES]=1;
 		else	if (strcmp(*argv,"aes-256-cbc") == 0) doit[D_CBC_256_AES]=1;
 		else    if (strcmp(*argv,"aes-128-ige") == 0) doit[D_IGE_128_AES]=1;
 		else	if (strcmp(*argv,"aes-192-ige") == 0) doit[D_IGE_192_AES]=1;
 		else	if (strcmp(*argv,"aes-256-ige") == 0) doit[D_IGE_256_AES]=1;
                else
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 			if (strcmp(*argv,"camellia-128-cbc") == 0) doit[D_CBC_128_CML]=1;
 		else    if (strcmp(*argv,"camellia-192-cbc") == 0) doit[D_CBC_192_CML]=1;
 		else    if (strcmp(*argv,"camellia-256-cbc") == 0) doit[D_CBC_256_CML]=1;
 		else
 #endif
 #ifndef OPENSSL_NO_RSA
@@ -971,6 +1013,11 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
 		else
 #endif
 #ifndef OPENSSL_NO_SEED
 		     if (strcmp(*argv,"seed-cbc") == 0) doit[D_CBC_SEED]=1;
 		else if (strcmp(*argv,"seed") == 0) doit[D_CBC_SEED]=1;
 		else
 #endif
 #ifndef OPENSSL_NO_BF
 		     if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
 		else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
@@ -1000,6 +1047,15 @@ int MAIN(int argc, char **argv)
 			}
 		else
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 			if (strcmp(*argv,"camellia") == 0)
 			{
 			doit[D_CBC_128_CML]=1;
 			doit[D_CBC_192_CML]=1;
 			doit[D_CBC_256_CML]=1;
 			}
 		else
 #endif
 #ifndef OPENSSL_NO_RSA
 			if (strcmp(*argv,"rsa") == 0)
 			{
@@ -1107,6 +1163,9 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 			BIO_printf(bio_err,"idea-cbc ");
 #endif
 #ifndef OPENSSL_NO_SEED
 			BIO_printf(bio_err,"seed-cbc ");
 #endif
 #ifndef OPENSSL_NO_RC2
 			BIO_printf(bio_err,"rc2-cbc  ");
 #endif
@@ -1116,7 +1175,7 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_BF
 			BIO_printf(bio_err,"bf-cbc");
 #endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
+#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || !defined(OPENSSL_NO_RC2) || \
    !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5)
 			BIO_printf(bio_err,"\n");
 #endif
@@ -1125,6 +1184,11 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_AES
 			BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc ");
 			BIO_printf(bio_err,"aes-128-ige aes-192-ige aes-256-ige ");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 			BIO_printf(bio_err,"\n");
 			BIO_printf(bio_err,"camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
 #endif
 #ifndef OPENSSL_NO_RC4
 			BIO_printf(bio_err,"rc4");
@@ -1154,6 +1218,9 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
 			BIO_printf(bio_err,"idea     ");
 #endif
 #ifndef OPENSSL_NO_SEED
 			BIO_printf(bio_err,"seed     ");
 #endif
 #ifndef OPENSSL_NO_RC2
 			BIO_printf(bio_err,"rc2      ");
 #endif
@@ -1163,15 +1230,19 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_AES
 			BIO_printf(bio_err,"aes      ");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 			BIO_printf(bio_err,"camellia ");
 #endif
 #ifndef OPENSSL_NO_RSA
 			BIO_printf(bio_err,"rsa      ");
 #endif
 #ifndef OPENSSL_NO_BF
 			BIO_printf(bio_err,"blowfish");
 #endif
-#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \
+#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
-    !defined(OPENSSL_NO_DES) || !defined(OPENSSL_NO_RSA) || \
+    !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
-    !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES)
+    !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
    !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
 			BIO_printf(bio_err,"\n");
 #endif
@@ -1265,9 +1336,17 @@ int MAIN(int argc, char **argv)
 	AES_set_encrypt_key(key24,192,&aes_ks2);
 	AES_set_encrypt_key(key32,256,&aes_ks3);
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	Camellia_set_key(key16,128,&camellia_ks1);
 	Camellia_set_key(ckey24,192,&camellia_ks2);
 	Camellia_set_key(ckey32,256,&camellia_ks3);
 #endif
 #ifndef OPENSSL_NO_IDEA
 	idea_set_encrypt_key(key16,&idea_ks);
 #endif
 #ifndef OPENSSL_NO_SEED
 	SEED_set_key(key16,&seed_ks);
 #endif
 #ifndef OPENSSL_NO_RC4
 	RC4_set_key(&rc4_ks,16,key16);
 #endif
@@ -1311,6 +1390,7 @@ int MAIN(int argc, char **argv)
 	c[D_CBC_DES][0]=count;
 	c[D_EDE3_DES][0]=count/3;
 	c[D_CBC_IDEA][0]=count;
 	c[D_CBC_SEED][0]=count;
 	c[D_CBC_RC2][0]=count;
 	c[D_CBC_RC5][0]=count;
 	c[D_CBC_BF][0]=count;
@@ -1318,8 +1398,14 @@ int MAIN(int argc, char **argv)
 	c[D_CBC_128_AES][0]=count;
 	c[D_CBC_192_AES][0]=count;
 	c[D_CBC_256_AES][0]=count;
 	c[D_CBC_128_CML][0]=count;
 	c[D_CBC_192_CML][0]=count;
 	c[D_CBC_256_CML][0]=count;
 	c[D_SHA256][0]=count;
 	c[D_SHA512][0]=count;
 	c[D_IGE_128_AES][0]=count;
 	c[D_IGE_192_AES][0]=count;
 	c[D_IGE_256_AES][0]=count;
 	for (i=1; i<SIZE_NUM; i++)
 		{
@@ -1343,6 +1429,7 @@ int MAIN(int argc, char **argv)
 		c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1;
 		c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
 		c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1;
 		c[D_CBC_SEED][i]=c[D_CBC_SEED][i-1]*l0/l1;
 		c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1;
 		c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1;
 		c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
@@ -1350,6 +1437,12 @@ int MAIN(int argc, char **argv)
 		c[D_CBC_128_AES][i]=c[D_CBC_128_AES][i-1]*l0/l1;
 		c[D_CBC_192_AES][i]=c[D_CBC_192_AES][i-1]*l0/l1;
 		c[D_CBC_256_AES][i]=c[D_CBC_256_AES][i-1]*l0/l1;
 		c[D_CBC_128_CML][i]=c[D_CBC_128_CML][i-1]*l0/l1;
 		c[D_CBC_192_CML][i]=c[D_CBC_192_CML][i-1]*l0/l1;
 		c[D_CBC_256_CML][i]=c[D_CBC_256_CML][i-1]*l0/l1;
 		c[D_IGE_128_AES][i]=c[D_IGE_128_AES][i-1]*l0/l1;
 		c[D_IGE_192_AES][i]=c[D_IGE_192_AES][i-1]*l0/l1;
 		c[D_IGE_256_AES][i]=c[D_IGE_256_AES][i-1]*l0/l1;
 		}
 #ifndef OPENSSL_NO_RSA
 	rsa_c[R_RSA_512][0]=count/2000;
@@ -1743,6 +1836,93 @@ int MAIN(int argc, char **argv)
 			}
 		}
 	if (doit[D_IGE_128_AES])
 		{
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			print_message(names[D_IGE_128_AES],c[D_IGE_128_AES][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_IGE_128_AES][j]); count++)
 				AES_ige_encrypt(buf,buf2,
 					(unsigned long)lengths[j],&aes_ks1,
 					iv,AES_ENCRYPT);
 			d=Time_F(STOP);
 			print_result(D_IGE_128_AES,j,count,d);
 			}
 		}
 	if (doit[D_IGE_192_AES])
 		{
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			print_message(names[D_IGE_192_AES],c[D_IGE_192_AES][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_IGE_192_AES][j]); count++)
 				AES_ige_encrypt(buf,buf2,
 					(unsigned long)lengths[j],&aes_ks2,
 					iv,AES_ENCRYPT);
 			d=Time_F(STOP);
 			print_result(D_IGE_192_AES,j,count,d);
 			}
 		}
 	if (doit[D_IGE_256_AES])
 		{
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			print_message(names[D_IGE_256_AES],c[D_IGE_256_AES][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_IGE_256_AES][j]); count++)
 				AES_ige_encrypt(buf,buf2,
 					(unsigned long)lengths[j],&aes_ks3,
 					iv,AES_ENCRYPT);
 			d=Time_F(STOP);
 			print_result(D_IGE_256_AES,j,count,d);
 			}
 		}
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
 	if (doit[D_CBC_128_CML])
 		{
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			print_message(names[D_CBC_128_CML],c[D_CBC_128_CML][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_CBC_128_CML][j]); count++)
 				Camellia_cbc_encrypt(buf,buf,
 				        (unsigned long)lengths[j],&camellia_ks1,
 				        iv,CAMELLIA_ENCRYPT);
 			d=Time_F(STOP);
 			print_result(D_CBC_128_CML,j,count,d);
 			}
 		}
 	if (doit[D_CBC_192_CML])
 		{
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			print_message(names[D_CBC_192_CML],c[D_CBC_192_CML][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_CBC_192_CML][j]); count++)
 				Camellia_cbc_encrypt(buf,buf,
 				        (unsigned long)lengths[j],&camellia_ks2,
 				        iv,CAMELLIA_ENCRYPT);
 			d=Time_F(STOP);
 			print_result(D_CBC_192_CML,j,count,d);
 			}
 		}
 	if (doit[D_CBC_256_CML])
 		{
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			print_message(names[D_CBC_256_CML],c[D_CBC_256_CML][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_CBC_256_CML][j]); count++)
 				Camellia_cbc_encrypt(buf,buf,
 				        (unsigned long)lengths[j],&camellia_ks3,
 				        iv,CAMELLIA_ENCRYPT);
 			d=Time_F(STOP);
 			print_result(D_CBC_256_CML,j,count,d);
 			}
 		}
 #endif
 #ifndef OPENSSL_NO_IDEA
 	if (doit[D_CBC_IDEA])
@@ -1760,6 +1940,21 @@ int MAIN(int argc, char **argv)
 			}
 		}
 #endif
 #ifndef OPENSSL_NO_SEED
 	if (doit[D_CBC_SEED])
 		{
 		for (j=0; j<SIZE_NUM; j++)
 			{
 			print_message(names[D_CBC_SEED],c[D_CBC_SEED][j],lengths[j]);
 			Time_F(START);
 			for (count=0,run=1; COND(c[D_CBC_SEED][j]); count++)
 				SEED_cbc_encrypt(buf,buf,
 					(unsigned long)lengths[j],&seed_ks,iv,1);
 			d=Time_F(STOP);
 			print_result(D_CBC_SEED,j,count,d);
 			}
 		}
 #endif
 #ifndef OPENSSL_NO_RC2
 	if (doit[D_CBC_RC2])
 		{
@@ -2522,6 +2717,7 @@ static void print_result(int alg,int run_no,int count,double time_used)
 	results[alg][run_no]=((double)count)/time_used*lengths[run_no];
 	}
 #ifdef HAVE_FORK
 static char *sstrsep(char **string, const char *delim)
    {
    char isdelim[256];
@@ -2553,7 +2749,6 @@ static char *sstrsep(char **string, const char *delim)
    return token;
    }
 #ifdef HAVE_FORK
 static int do_multi(int multi)
 	{
 	int n;
--- a/certs/aol1.pem
+++ b/certs/aol1.pem
@@ -0,0 +1,22 @@
 -----BEGIN CERTIFICATE-----
 MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
 MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
 bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyODA2
 MDAwMFoXDTM3MTExOTIwNDMwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
 ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
 Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
 ADCCAQoCggEBAKgv6KRpBgNHw+kqmP8ZonCaxlCyfqXfaE0bfA+2l2h9LaaLl+lk
 hsmj76CGv2BlnEtUiMJIxUo5vxTjWVXlGbR0yLQFOVwWpeKVBeASrlmLojNoWBym
 1BW32J/X3HGrfpq/m44zDyL9Hy7nBzbvYjnF3cu6JRQj3gzGPTzOggjmZj7aUTsW
 OqMFf6Dch9Wc/HKpoH145LcxVR5lu9RhsCFg7RAycsWSJR74kEoYeEfffjA3PlAb
 2xzTa5qGUwew76wGePiEmf4hjUyAtgyC9mZweRrTT6PP8c9GsEsPPt2IYriMqQko
 O3rHl+Ee5fSfwMCuJKDIodkP1nsmgmkyPacCAwEAAaNjMGEwDwYDVR0TAQH/BAUw
 AwEB/zAdBgNVHQ4EFgQUAK3Zo/Z59m50qX8zPYEX10zPM94wHwYDVR0jBBgwFoAU
 AK3Zo/Z59m50qX8zPYEX10zPM94wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
 BQUAA4IBAQB8itEfGDeC4Liwo+1WlchiYZwFos3CYiZhzRAW18y0ZTTQEYqtqKkF
 Zu90821fnZmv9ov761KyBZiibyrFVL0lvV+uyIbqRizBs73B6UlwGBaXCBOMIOAb
 LjpHyx7kADCVW/RFo8AasAFOq73AI25jP4BKxQft3OJvx8Fi8eNy1gTIdGcL+oir
 oQHIb/AUr9KZzVGTfu0uOMe9zkZQPXLjeSWdm4grECDdpbgyn43gKd8hdIaC2y+C
 MMbHNYaz+ZZfRtsMRf3zUMNvxsNIrUam4SdHCh0Om7bCd39j8uB9Gr784N/Xx6ds
 sPmuujz9dLQR6FgNgLzTqIA6me11zEZ7
 -----END CERTIFICATE-----
--- a/certs/aol2.pem
+++ b/certs/aol2.pem
@@ -0,0 +1,33 @@
 -----BEGIN CERTIFICATE-----
 MIIFpDCCA4ygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
 MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
 bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyODA2
 MDAwMFoXDTM3MDkyOTE0MDgwMFowYzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0Ft
 ZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2EgT25saW5lIFJvb3Qg
 Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
 ADCCAgoCggIBAMxBRR3pPU0Q9oyxQcngXssNt79Hc9PwVU3dxgz6sWYFas14tNwC
 206B89enfHG8dWOgXeMHDEjsJcQDIPT/DjsS/5uN4cbVG7RtIuOx238hZK+GvFci
 KtZHgVdEglZTvYYUAQv8f3SkWq7xuhG1m1hagLQ3eAkzfDJHA1zEpYNI9FdWboE2
 JxhP7JsowtS013wMPgwr38oE18aO6lhOqKSlGBxsRZijQdEt0sdtjRnxrXm3gT+9
 BoInLRBYBbV4Bbkv2wxrkJB+FFk4u5QkE+XRnRTf04JNRvCAOVIyD+OEsnpD8l7e
 Xz8d3eOyG6ChKiMDbi4BFYdcpnV1x5dhvt6G3NRI270qv0pV2uh9UPu0gBe4lL8B
 PeraunzgWGcXuVjgiIZGZ2ydEEdYMtA1fHkqkKJaEBEjNa0vzORKW6fIJ/KD3l67
 Xnfn6KVuY8INXWHQjNJsWiEOyiijzirplcdIz5ZvHZIlyMbGwcEMBawmxNJ10uEq
 Z8A9W6Wa6897GqidFEXlD6CaZd4vKL3Ob5Rmg0gp2OpljK+T2WSfVVcmv2/LNzGZ
 o2C7HK2JNDJiuEMhBnIMoVxtRsX6Kc8w3onccVvdtjc+31D1uAclJuW8tf48ArO3
 +L5DwYcRlJ4jbBeKuIonDFRH8KmzwICMoCfrHRnjB453cMor9H124HhnAgMBAAGj
 YzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE1FwWg4u3OpaaEg5+31IqEj
 FNeeMB8GA1UdIwQYMBaAFE1FwWg4u3OpaaEg5+31IqEjFNeeMA4GA1UdDwEB/wQE
 AwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZ2sGuV9FOypLM7PmG2tZTiLMubekJcmn
 xPBUlgtk87FYT15R/LKXeydlwuXK5w0MJXti4/qftIe3RUavg6WXSIylvfEWK5t2
 LHo1YGwRgJfMqZJS5ivmae2p+DYtLHe/YUjRYwu5W1LtGLBDQiKmsXeu3mnFzccc
 obGlHBD7GL4acN3Bkku+KVqdPzW+5X1R+FXgJXUjhx5c3LqdsKyzadsXg8n33gy8
 CNyRnqjQ1xU3c6U1uPx+xURABsPr+CKAXEfOAuMRn0T//ZoyzH1kUQ7rVyZ2OuMe
 IjzCpjbdGe+n/BLzJsBZMYVMnNjP36TMzCmT/5RtdlwTCJfy7aULTd3oyWgOZtMA
 DjMSW7yV5TKQqLPGbIOtd+6Lfn6xqavT4fG2wLHqiMDn05DpKJKUe2h7lyoKZy2F
 AjgQ5ANh1NolNscIWC2hp1GvMApJ9aZphwctREZ2jirlmjvXGKL8nDgQzMY70rUX
 Om/9riW99XJZZLF0KjhfGEzfz3EEWjbUvy+ZnOjZurGV5gJLIaFb1cFPj65pbVPb
 AZO1XB4Y3WRayhgoPmMEEf0cjQAPuDffZ4qdZqkCapH/E8ovXYO8h5Ns3CRRFgQl
 Zvqz2cK6Kb6aSDiCmfS/O0oxGfm/jiEzFMpPVF/7zvuPcX/9XhmgD0uRuMRUvAaw
 RY8mkaKO/qk=
 -----END CERTIFICATE-----
--- a/certs/aoltw1.pem
+++ b/certs/aoltw1.pem
@@ -0,0 +1,23 @@
 -----BEGIN CERTIFICATE-----
 MIID5jCCAs6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
 HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
 IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
 aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyOTA2MDAwMFoXDTM3MTEyMDE1
 MDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
 SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
 IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIw
 DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnej8Mlo2k06AX3dLm/WpcZuS+U
 0pPlLYnKhHw/EEMbjIt8hFj4JHxIzyr9wBXZGH6EGhfT257XyuTZ16pYUYfw8ItI
 TuLCxFlpMGK2MKKMCxGZYTVtfu/FsRkGIBKOQuHfD5YQUqjPnF+VFNivO3ULMSAf
 RC+iYkGzuxgh28pxPIzstrkNn+9R7017EvILDOGsQI93f7DKeHEMXRZxcKLXwjqF
 zQ6axOAAsNUl6twr5JQtOJyJQVdkKGUZHLZEtMgxa44Be3ZZJX8VHIQIfHNlIAqh
 BC4aMqiaILGcLCFZ5/vP7nAtCMpjPiybkxlqpMKX/7eGV4iFbJ4VFitNLLMCAwEA
 AaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUoTYwFsuGkABFgFOxj8jY
 PXy+XxIwHwYDVR0jBBgwFoAUoTYwFsuGkABFgFOxj8jYPXy+XxIwDgYDVR0PAQH/
 BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQCKIBilvrMvtKaEAEAwKfq0FHNMeUWn
 9nDg6H5kHgqVfGphwu9OH77/yZkfB2FK4V1Mza3u0FIy2VkyvNp5ctZ7CegCgTXT
 Ct8RHcl5oIBN/lrXVtbtDyqvpxh1MwzqwWEFT2qaifKNuZ8u77BfWgDrvq2g+EQF
 Z7zLBO+eZMXpyD8Fv8YvBxzDNnGGyjhmSs3WuEvGbKeXO/oTLW4jYYehY0KswsuX
 n2Fozy1MBJ3XJU8KDk2QixhWqJNIV9xvrr2eZ1d3iVCzvhGbRWeDhhmH05i9CBoW
 H1iCC+GWaQVLjuyDUTEH1dSf/1l7qG6Fz9NLqUmwX7A5KGgOc90lmt4S
 -----END CERTIFICATE-----
--- a/certs/aoltw2.pem
+++ b/certs/aoltw2.pem
@@ -0,0 +1,34 @@
 -----BEGIN CERTIFICATE-----
 MIIF5jCCA86gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMCVVMx
 HTAbBgNVBAoTFEFPTCBUaW1lIFdhcm5lciBJbmMuMRwwGgYDVQQLExNBbWVyaWNh
 IE9ubGluZSBJbmMuMTcwNQYDVQQDEy5BT0wgVGltZSBXYXJuZXIgUm9vdCBDZXJ0
 aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyOTA2MDAwMFoXDTM3MDkyODIz
 NDMwMFowgYMxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBT0wgVGltZSBXYXJuZXIg
 SW5jLjEcMBoGA1UECxMTQW1lcmljYSBPbmxpbmUgSW5jLjE3MDUGA1UEAxMuQU9M
 IFRpbWUgV2FybmVyIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIw
 DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALQ3WggWmRToVbEbJGv8x4vmh6mJ
 7ouZzU9AhqS2TcnZsdw8TQ2FTBVsRotSeJ/4I/1n9SQ6aF3Q92RhQVSji6UI0ilb
 m2BPJoPRYxJWSXakFsKlnUWsi4SVqBax7J/qJBrvuVdcmiQhLE0OcR+mrF1FdAOY
 xFSMFkpBd4aVdQxHAWZg/BXxD+r1FHjHDtdugRxev17nOirYlxcwfACtCJ0zr7iZ
 YYCLqJV+FNwSbKTQ2O9ASQI2+W6p1h2WVgSysy0WVoaP2SBXgM1nEG2wTPDaRrbq
 JS5Gr42whTg0ixQmgiusrpkLjhTXUr2eacOGAgvqdnUxCc4zGSGFQ+aJLZ8lN2fx
 I2rSAG2X+Z/nKcrdH9cG6rjJuQkhn8g/BsXS6RJGAE57COtCPStIbp1n3UsC5ETz
 kxmlJ85per5n0/xQpCyrw2u544BMzwVhSyvcG7mm0tCq9Stz+86QNZ8MUhy/XCFh
 EVsVS6kkUfykXPcXnbDS+gfpj1bkGoxoigTTfFrjnqKhynFbotSg5ymFXQNoKk/S
 Btc9+cMDLz9l+WceR0DTYw/j1Y75hauXTLPXJuuWCpTehTacyH+BCQJJKg71ZDIM
 gtG6aoIbs0t0EfOMd9afv9w3pKdVBC/UMejTRrkDfNoSTllkt1ExMVCgyhwn2RAu
 rda9EGYrw7AiShJbAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
 FE9pbQN+nZ8HGEO8txBO1b+pxCAoMB8GA1UdIwQYMBaAFE9pbQN+nZ8HGEO8txBO
 1b+pxCAoMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAO/Ouyugu
 h4X7ZVnnrREUpVe8WJ8kEle7+z802u6teio0cnAxa8cZmIDJgt43d15Ui47y6mdP
 yXSEkVYJ1eV6moG2gcKtNuTxVBFT8zRFASbI5Rq8NEQh3q0l/HYWdyGQgJhXnU7q
 7C+qPBR7V8F+GBRn7iTGvboVsNIYvbdVgaxTwOjdaRITQrcCtQVBynlQboIOcXKT
 RuidDV29rs4prWPVVRaAMCf/drr3uNZK49m1+VLQTkCpx+XCMseqdiThawVQ68W/
 ClTluUI8JPu3B5wwn3la5uBAUhX0/Kr0VvlEl4ftDmVyXr4m+02kLQgH3thcoNyB
 M5kYJRF3p+v9WAksmWsbivNSPxpNSGDxoPYzAlOL7SUJuA0t7Zdz7NeWH45gDtoQ
 my8YJPamTQr5O8t1wswvziRpyQoijlmn94IM19drNZxDAGrElWe6nEXLuA4399xO
 AU++CrYD062KRffaJ00psUjf5BHklka9bAI+1lHIlRcBFanyqqryvy9lG2/QuRqT
 9Y41xICHPpQvZuTpqP9BnHAqTyo5GJUefvthATxRCC4oGKQWDzH9OmwjkyB24f0H
 hdFbP9IcczLd+rn4jM8Ch3qaluTtT4mNU0OrDhPAARW0eTjb/G49nlG2uBOLZ8/5
 fNkiHfZdxRwBL5joeiQYvITX+txyW/fBOmg=
 -----END CERTIFICATE-----
--- a/112
+++ b/112
@@ -48,10 +48,10 @@ done
 # First get uname entries that we use below
-MACHINE=`(uname -m) 2>/dev/null` || MACHINE="unknown"
+[ "$MACHINE" ] || MACHINE=`(uname -m) 2>/dev/null` || MACHINE="unknown"
-RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
+[ "$RELEASE" ] || RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
-SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
+[ "$SYSTEM" ] || SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
-VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
+[ "$BUILD" ] || VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
 # Now test for ISC and SCO, since it is has a braindamaged uname.
@@ -406,7 +406,7 @@ if [ "$GCCVER" != "" ]; then
  CC=gcc
  # then strip off whatever prefix egcs prepends the number with...
  # Hopefully, this will work for any future prefixes as well.
-  GCCVER=`echo $GCCVER | sed 's/^[a-zA-Z]*\-//'`
+  GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
  # Since gcc 3.1 gcc --version behaviour has changed.  gcc -dumpversion
  # does give us what we want though, so we use that.  We just just the
  # major and minor version numbers.
@@ -501,20 +501,7 @@ case "$GUESSOS" in
 	OUT="irix-mips3-$CC"
 	;;
  mips4-sgi-irix64)
-	echo "WARNING! If you wish to build 64-bit library, then you have to"
+	OUT="irix64-mips4-$CC"
 	echo "         invoke './Configure irix64-mips4-$CC' *manually*."
 	if [ "$TEST" = "false" -a -t 1 ]; then
 	  echo "         You have about 5 seconds to press Ctrl-C to abort."
 	  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	fi
        #CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
        #CPU=${CPU:-0}
        #if [ $CPU -ge 5000 ]; then
        #        options="$options -mips4"
        #else
        #        options="$options -mips3"
        #fi
 	OUT="irix-mips3-$CC"
 	;;
  ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
  ppc-apple-darwin*) OUT="darwin-ppc-cc" ;;
@@ -534,25 +521,12 @@ case "$GUESSOS" in
 	fi
 	;;
  ppc64-*-linux2)
-	echo "WARNING! If you wish to build 64-bit library, then you have to"
+	OUT="linux-ppc64"
 	echo "         invoke './Configure linux-ppc64' *manually*."
 	if [ "$TEST" = "false" -a -t 1 ]; then
 	    echo "         You have about 5 seconds to press Ctrl-C to abort."
 	    (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	fi
 	OUT="linux-ppc"
 	;;
  ppc-*-linux2) OUT="linux-ppc" ;;
  ia64-*-linux?) OUT="linux-ia64" ;;
  sparc64-*-linux2)
-	echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI"
+	OUT="linux64-sparcv9" ;;
 	echo "         and wish to build 64-bit library, then you have to"
 	echo "         invoke './Configure linux64-sparcv9' *manually*."
 	if [ "$TEST" = "false" -a -t 1 ]; then
 	  echo "          You have about 5 seconds to press Ctrl-C to abort."
 	  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	fi
 	OUT="linux-sparcv9" ;;
  sparc-*-linux2)
 	KARCH=`awk '/^type/{print$3;exit(0);}' /proc/cpuinfo`
 	case ${KARCH:-sun4} in
@@ -585,53 +559,38 @@ case "$GUESSOS" in
 	OUT="linux-generic32" ;;
  arm*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
  arm*l-*-linux2) OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
-  s390*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;;
+  sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
  sh*-*-linux2)  OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
  m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
  s390-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN -DNO_ASM" ;;
  s390x-*-linux2) OUT="linux-s390x" ;;
  x86_64-*-linux?) OUT="linux-x86_64" ;;
  *86-*-linux2) OUT="linux-elf"
 	if [ "$GCCVER" -gt 28 ]; then
          if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then
-	    options="$options -mcpu=pentium"
+	    options="$options -march=pentium"
          fi
          if grep '^model.*Pentium Pro' /proc/cpuinfo >/dev/null ; then
-	    options="$options -mcpu=pentiumpro"
+	    options="$options -march=pentiumpro"
          fi
          if grep '^model.*K6' /proc/cpuinfo >/dev/null ; then
-	    options="$options -mcpu=k6"
+	    options="$options -march=k6"
          fi
        fi ;;
  *-*-linux1) OUT="linux-aout" ;;
  *-*-linux2) OUT="linux-generic32" ;;
-  sun4u*-*-solaris2)
+  sun4[uv]*-*-solaris2)
 	OUT="solaris-sparcv9-$CC"
 	ISA64=`(isalist) 2>/dev/null | grep sparcv9`
 	if [ "$ISA64" != "" ]; then
 	    if [ "$CC" = "cc" -a $CCVER -ge 50 ]; then
-		echo "WARNING! If you wish to build 64-bit library, then you have to"
+		OUT="solaris64-sparcv9-cc"
 		echo "         invoke './Configure solaris64-sparcv9-cc' *manually*."
 		if [ "$TEST" = "false" -a -t 1 ]; then
 		  echo "         You have about 5 seconds to press Ctrl-C to abort."
 		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	    elif [ "$CC" = "gcc" -a "$GCC_ARCH" = "-m64" ]; then
 		# $GCC_ARCH denotes default ABI chosen by compiler driver
 		# (first one found on the $PATH). I assume that user
 		# expects certain consistency with the rest of his builds
 		# and therefore switch over to 64-bit. <appro>
 		OUT="solaris64-sparcv9-gcc"
 		echo "WARNING! If you wish to build 32-bit library, then you have to"
 		echo "         invoke './Configure solaris-sparcv9-gcc' *manually*."
 		if [ "$TEST" = "false" -a -t 1 ]; then
 		  echo "         You have about 5 seconds to press Ctrl-C to abort."
 		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	    elif [ "$GCC_ARCH" = "-m32" ]; then
 		echo "NOTICE! If you *know* that your GNU C supports 64-bit/V9 ABI"
 		echo "        and wish to build 64-bit library, then you have to"
 		echo "        invoke './Configure solaris64-sparcv9-gcc' *manually*."
 		if [ "$TEST" = "false" -a -t 1 ]; then
 		  echo "         You have about 5 seconds to press Ctrl-C to abort."
 		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	    fi
 	fi
 	;;
@@ -652,8 +611,8 @@ case "$GUESSOS" in
  *-*-sunos4)		OUT="sunos-$CC" ;;
  *86*-*-bsdi4)		OUT="BSD-x86-elf"; options="$options no-sse2 -ldl" ;;
-  alpha*-*-*bsd*)	OUT="BSD-generic64; options="$options -DL_ENDIAN" ;;
+  alpha*-*-*bsd*)	OUT="BSD-generic64"; options="$options -DL_ENDIAN" ;;
-  powerpc64-*-*bsd*)	OUT="BSD-generic64; options="$options -DB_ENDIAN" ;;
+  powerpc64-*-*bsd*)	OUT="BSD-generic64"; options="$options -DB_ENDIAN" ;;
  sparc64-*-*bsd*)	OUT="BSD-sparc64" ;;
  ia64-*-*bsd*)		OUT="BSD-ia64" ;;
  amd64-*-*bsd*)	OUT="BSD-x86_64" ;;
@@ -698,28 +657,16 @@ case "$GUESSOS" in
 	CPU_VERSION=${CPU_VERSION:-0}
 	# See <sys/unistd.h> for further info on CPU_VERSION.
 	if   [ $CPU_VERSION -ge 768 ]; then	# IA-64 CPU
 	     echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi."
 	     echo "         If you wish to build 32-bit library, the you have to"
 	     echo "         invoke './Configure hpux-ia64-cc' *manually*."
 	     if [ "$TEST" = "false" -a -t 1 ]; then
 		echo "         You have about 5 seconds to press Ctrl-C to abort."
 		(trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	     fi
 	     OUT="hpux64-ia64-cc"
 	elif [ $CPU_VERSION -ge 532 ]; then	# PA-RISC 2.x CPU
 	     OUT=${OUT:-"hpux-parisc2-${CC}"}
 	     if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
-		echo "WARNING! If you wish to build 64-bit library then you have to"
+		OUT="hpux64-parisc2-${CC}"
 		echo "         invoke './Configure hpux64-parisc2-cc' *manually*."
 		if [ "$TEST" = "false" -a -t 1 ]; then
 		  echo "         You have about 5 seconds to press Ctrl-C to abort."
 		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	     fi
 	elif [ $CPU_VERSION -ge 528 ]; then	# PA-RISC 1.1+ CPU
-	     OUT="hpux-parisc-${CC}
+	     OUT="hpux-parisc-${CC}"
 	elif [ $CPU_VERSION -ge 523 ]; then	# PA-RISC 1.0 CPU
-	     OUT="hpux-parisc-${CC}
+	     OUT="hpux-parisc-${CC}"
 	else					# Motorola(?) CPU
 	     OUT="hpux-$CC"
 	fi
@@ -737,15 +684,10 @@ case "$GUESSOS" in
 	else
 	    OUT="aix-cc"
 	    if [ $KERNEL_BITS -eq 64 ]; then
-		echo "WARNING! If you wish to build 64-bit kit, then you have to"
+		OUT="aix64-cc"
 		echo "         invoke './Configure aix64-cc' *manually*."
 		if [ "$TEST" = "false" -a -t 1 ]; then
 		    echo "         You have ~5 seconds to press Ctrl-C to abort."
 		    (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	    fi
 	fi
-	if (lsattr -E -O -l proc0 | grep -i powerpc) >/dev/null 2>&1; then
+	if (lsattr -E -O -l `lsdev -c processor|awk '{print$1;exit}'` | grep -i powerpc) >/dev/null 2>&1; then
 	    :	# this applies even to Power3 and later, as they return PowerPC_POWER[345]
 	else
 	    options="$options no-asm"
@@ -774,7 +716,7 @@ esac
 #  options="$options -DATALLA"
 #fi
-# gcc < 2.8 does not support -mcpu=ultrasparc
+# gcc < 2.8 does not support -march=ultrasparc
 if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
 then
  echo "WARNING! Falling down to 'solaris-sparcv8-gcc'."
@@ -794,7 +736,7 @@ case "$GUESSOS" in
  i386-*) options="$options 386" ;;
 esac
-for i in bf cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 aes ripemd rsa sha
+for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa seed sha
 do
  if [ ! -d crypto/$i ]
  then
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -1,5 +1,5 @@
 #
-# SSLeay/crypto/Makefile
+# OpenSSL/crypto/Makefile
 #
 DIR=		crypto
@@ -33,8 +33,8 @@ GENERAL=Makefile README crypto-lib.com install.com
 LIB= $(TOP)/libcrypto.a
 SHARED_LIB= libcrypto$(SHLIB_EXT)
-LIBSRC=	cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c
+LIBSRC=	cryptlib.c dyn_lck.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c o_init.c fips_err.c 
-LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ)
+LIBOBJ= cryptlib.o dyn_lck.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o o_init.o fips_err.o $(CPUID_OBJ)
 SRC= $(LIBSRC)
@@ -47,7 +47,7 @@ ALL=    $(GENERAL) $(SRC) $(HEADER)
 top:
 	@(cd ..; $(MAKE) DIRS=$(DIR) all)
-all: shared
+all: lib
 buildinf.h: ../Makefile
 	( echo "#ifndef MK1MF_BUILD"; \
@@ -94,10 +94,12 @@ links:
 	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
 	@target=links; $(RECURSIVE_MAKE)
-lib:	$(LIBOBJ)
+# lib: and $(LIB): are splitted to avoid end-less loop
-	$(AR) $(LIB) $(LIBOBJ)
+lib:	buildinf.h $(LIB) subdirs
 	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
 $(LIB):	$(LIBOBJ)
 	$(ARX) $(LIB) $(LIBOBJ)
 	$(RANLIB) $(LIB) || echo Never mind.
 shared: buildinf.h lib subdirs
 	if [ -n "$(SHARED_LIBS)" ]; then \
@@ -157,6 +159,13 @@ cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
 cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h
 cversion.o: cryptlib.h cversion.c
 dyn_lck.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
 dyn_lck.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
 dyn_lck.o: ../include/openssl/err.h ../include/openssl/lhash.h
 dyn_lck.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 dyn_lck.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
 dyn_lck.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
 dyn_lck.o: dyn_lck.c
 ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c
 ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
 ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -165,6 +174,13 @@ ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
 ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
 ex_data.o: ex_data.c
 fips_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
 fips_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
 fips_err.o: ../include/openssl/fips.h ../include/openssl/lhash.h
 fips_err.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 fips_err.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
 fips_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h fips_err.c
 fips_err.o: fips_err.h
 mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
 mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
 mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
@@ -185,6 +201,12 @@ mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
 mem_dbg.o: mem_dbg.c
 o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
 o_dir.o: LPdir_unix.c o_dir.c o_dir.h
 o_init.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h
 o_init.o: ../include/openssl/e_os2.h ../include/openssl/err.h
 o_init.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
 o_init.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
 o_init.o: ../include/openssl/safestack.h ../include/openssl/stack.h
 o_init.o: ../include/openssl/symhacks.h o_init.c
 o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
 o_str.o: o_str.c o_str.h
 o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
--- a/crypto/aes/Makefile
+++ b/crypto/aes/Makefile
@@ -23,8 +23,10 @@ TEST=
 APPS=
 LIB=$(TOP)/libcrypto.a
-LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c aes_ctr.c
+LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \
-LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o $(AES_ASM_OBJ)
+       aes_ctr.c aes_ige.c
 LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o aes_ige.o \
       $(AES_ASM_OBJ)
 SRC= $(LIBSRC)
@@ -39,7 +41,7 @@ top:
 all:	lib
 lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
+	$(ARX) $(LIB) $(LIBOBJ)
 	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
@@ -55,6 +57,11 @@ ax86-cof.s: asm/aes-586.pl ../perlasm/x86asm.pl
 ax86-out.s: asm/aes-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) aes-586.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@)
 aes-x86_64.s: asm/aes-x86_64.pl
 	$(PERL) asm/aes-x86_64.pl $@
 # GNU make "catch all"
 aes-%.s:	asm/aes-%.pl;	$(PERL) $< $(CFLAGS) > $@
 files:
 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -103,6 +110,13 @@ aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
 aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h
 aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
 aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
 aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h
 aes_ige.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 aes_ige.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
 aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h
 aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
 aes_misc.o: ../../include/openssl/opensslconf.h
 aes_misc.o: ../../include/openssl/opensslv.h aes_locl.h aes_misc.c
--- a/crypto/aes/aes.h
+++ b/crypto/aes/aes.h
@@ -66,6 +66,10 @@
 #define AES_MAXNR 14
 #define AES_BLOCK_SIZE 16
 #ifdef OPENSSL_FIPS
 #define FIPS_AES_SIZE_T	int
 #endif
 #ifdef  __cplusplus
 extern "C" {
 #endif
@@ -119,6 +123,17 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
 	unsigned char ecount_buf[AES_BLOCK_SIZE],
 	unsigned int *num);
 /* For IGE, see also http://www.links.org/files/openssl-ige.pdf */
 /* NB: the IV is _two_ blocks long */
 void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
 		     const unsigned long length, const AES_KEY *key,
 		     unsigned char *ivec, const int enc);
 /* NB: the IV is _four_ blocks long */
 void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
 			const unsigned long length, const AES_KEY *key,
 			const AES_KEY *key2, const unsigned char *ivec,
 			const int enc);
 #ifdef  __cplusplus
 }
--- a/crypto/aes/aes_cbc.c
+++ b/crypto/aes/aes_cbc.c
@@ -59,6 +59,7 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
 #if !defined(OPENSSL_FIPS_AES_ASM)
 void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 		     const unsigned long length, const AES_KEY *key,
 		     unsigned char *ivec, const int enc) {
@@ -129,3 +130,4 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 		}
 	}
 }
 #endif
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -37,6 +37,7 @@
 #include <stdlib.h>
 #include <openssl/aes.h>
 #include <openssl/fips.h>
 #include "aes_locl.h"
 /*
@@ -44,22 +45,14 @@ Te0[x] = S [x].[02, 01, 01, 03];
 Te1[x] = S [x].[03, 02, 01, 01];
 Te2[x] = S [x].[01, 03, 02, 01];
 Te3[x] = S [x].[01, 01, 03, 02];
 Te4[x] = S [x].[01, 01, 01, 01];
 Td0[x] = Si[x].[0e, 09, 0d, 0b];
 Td1[x] = Si[x].[0b, 0e, 09, 0d];
 Td2[x] = Si[x].[0d, 0b, 0e, 09];
 Td3[x] = Si[x].[09, 0d, 0b, 0e];
-Td4[x] = Si[x].[01, 01, 01, 01];
+Td4[x] = Si[x].[01];
 */
 #ifdef AES_ASM
 extern const u32 AES_Te[5][256];
 #define Te0 AES_Te[0]
 #define Te1 AES_Te[1]
 #define Te2 AES_Te[2]
 #define Te3 AES_Te[3]
 #else
 static const u32 Te0[256] = {
    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
@@ -324,81 +317,7 @@ static const u32 Te3[256] = {
    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
 };
 #endif
 static const u32 Te4[256] = {
    0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
    0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
    0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
    0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
    0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
    0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
    0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
    0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
    0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
    0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
    0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
    0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
    0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
    0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
    0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
    0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
    0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
    0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
    0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
    0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
    0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
    0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
    0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
    0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
    0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
    0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
    0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
    0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
    0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
    0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
    0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
    0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
    0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
    0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
    0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
    0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
    0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
    0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
    0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
    0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
    0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
    0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
    0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
    0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
    0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
    0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
    0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
    0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
    0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
    0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
    0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
    0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
    0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
    0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
    0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
    0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
    0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
    0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
    0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
    0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
    0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
    0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
    0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
    0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
 };
 #ifdef AES_ASM
 extern const u32 AES_Td[5][256];
 #define Td0 AES_Td[0]
 #define Td1 AES_Td[1]
 #define Td2 AES_Td[2]
 #define Td3 AES_Td[3]
 #else
 static const u32 Td0[256] = {
    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
@@ -663,72 +582,39 @@ static const u32 Td3[256] = {
    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
 };
-#endif
+static const u8 Td4[256] = {
-static const u32 Td4[256] = {
+    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
-    0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
+    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
-    0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
+    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
-    0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
+    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
-    0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
+    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
-    0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
+    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
-    0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
+    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
-    0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
+    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
-    0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
+    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
-    0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
+    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
-    0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
+    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
-    0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
+    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
-    0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
+    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
-    0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
+    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
-    0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
+    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
-    0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
+    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
-    0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
+    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
-    0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
+    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
-    0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
+    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
-    0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
+    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
-    0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
+    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
-    0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
+    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
-    0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
+    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
-    0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
+    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
-    0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
+    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
-    0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
+    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
-    0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
+    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
-    0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
+    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
-    0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
+    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
-    0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
+    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
-    0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
+    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
-    0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
+    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
    0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
    0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
    0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
    0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
    0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
    0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
    0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
    0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
    0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
    0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
    0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
    0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
    0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
    0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
    0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
    0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
    0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
    0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
    0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
    0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
    0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
    0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
    0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
    0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
    0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
    0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
    0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
    0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
    0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
    0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
    0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
    0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
    0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
 };
 static const u32 rcon[] = {
 	0x01000000, 0x02000000, 0x04000000, 0x08000000,
@@ -746,6 +632,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
   	int i = 0;
 	u32 temp;
 #ifdef OPENSSL_FIPS
 	FIPS_selftest_check();
 #endif
 	if (!userKey || !key)
 		return -1;
 	if (bits != 128 && bits != 192 && bits != 256)
@@ -768,10 +658,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 		while (1) {
 			temp  = rk[3];
 			rk[4] = rk[0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
+				(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
+				(Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
+				(Te0[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
+				(Te1[(temp >> 24)       ] & 0x000000ff) ^
 				rcon[i];
 			rk[5] = rk[1] ^ rk[4];
 			rk[6] = rk[2] ^ rk[5];
@@ -788,10 +678,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 		while (1) {
 			temp = rk[ 5];
 			rk[ 6] = rk[ 0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
+				(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
+				(Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
+				(Te0[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
+				(Te1[(temp >> 24)       ] & 0x000000ff) ^
 				rcon[i];
 			rk[ 7] = rk[ 1] ^ rk[ 6];
 			rk[ 8] = rk[ 2] ^ rk[ 7];
@@ -810,10 +700,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 		while (1) {
 			temp = rk[ 7];
 			rk[ 8] = rk[ 0] ^
-				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
+				(Te2[(temp >> 16) & 0xff] & 0xff000000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
+				(Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp      ) & 0xff] & 0x0000ff00) ^
+				(Te0[(temp      ) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp >> 24)       ] & 0x000000ff) ^
+				(Te1[(temp >> 24)       ] & 0x000000ff) ^
 				rcon[i];
 			rk[ 9] = rk[ 1] ^ rk[ 8];
 			rk[10] = rk[ 2] ^ rk[ 9];
@@ -823,10 +713,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 			}
 			temp = rk[11];
 			rk[12] = rk[ 4] ^
-				(Te4[(temp >> 24)       ] & 0xff000000) ^
+				(Te2[(temp >> 24)       ] & 0xff000000) ^
-				(Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
+				(Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
-				(Te4[(temp >>  8) & 0xff] & 0x0000ff00) ^
+				(Te0[(temp >>  8) & 0xff] & 0x0000ff00) ^
-				(Te4[(temp      ) & 0xff] & 0x000000ff);
+				(Te1[(temp      ) & 0xff] & 0x000000ff);
 			rk[13] = rk[ 5] ^ rk[12];
 			rk[14] = rk[ 6] ^ rk[13];
 			rk[15] = rk[ 7] ^ rk[14];
@@ -865,25 +755,25 @@ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
 	for (i = 1; i < (key->rounds); i++) {
 		rk += 4;
 		rk[0] =
-			Td0[Te4[(rk[0] >> 24)       ] & 0xff] ^
+			Td0[Te1[(rk[0] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
+			Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[0] >>  8) & 0xff] & 0xff] ^
+			Td2[Te1[(rk[0] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[0]      ) & 0xff] & 0xff];
+			Td3[Te1[(rk[0]      ) & 0xff] & 0xff];
 		rk[1] =
-			Td0[Te4[(rk[1] >> 24)       ] & 0xff] ^
+			Td0[Te1[(rk[1] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
+			Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[1] >>  8) & 0xff] & 0xff] ^
+			Td2[Te1[(rk[1] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[1]      ) & 0xff] & 0xff];
+			Td3[Te1[(rk[1]      ) & 0xff] & 0xff];
 		rk[2] =
-			Td0[Te4[(rk[2] >> 24)       ] & 0xff] ^
+			Td0[Te1[(rk[2] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
+			Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[2] >>  8) & 0xff] & 0xff] ^
+			Td2[Te1[(rk[2] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[2]      ) & 0xff] & 0xff];
+			Td3[Te1[(rk[2]      ) & 0xff] & 0xff];
 		rk[3] =
-			Td0[Te4[(rk[3] >> 24)       ] & 0xff] ^
+			Td0[Te1[(rk[3] >> 24)       ] & 0xff] ^
-			Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
+			Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
-			Td2[Te4[(rk[3] >>  8) & 0xff] & 0xff] ^
+			Td2[Te1[(rk[3] >>  8) & 0xff] & 0xff] ^
-			Td3[Te4[(rk[3]      ) & 0xff] & 0xff];
+			Td3[Te1[(rk[3]      ) & 0xff] & 0xff];
 	}
 	return 0;
 }
@@ -1051,31 +941,31 @@ void AES_encrypt(const unsigned char *in, unsigned char *out,
 	 * map cipher state to byte array block:
 	 */
 	s0 =
-		(Te4[(t0 >> 24)       ] & 0xff000000) ^
+		(Te2[(t0 >> 24)       ] & 0xff000000) ^
-		(Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
+		(Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
+		(Te0[(t2 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t3      ) & 0xff] & 0x000000ff) ^
+		(Te1[(t3      ) & 0xff] & 0x000000ff) ^
 		rk[0];
 	PUTU32(out     , s0);
 	s1 =
-		(Te4[(t1 >> 24)       ] & 0xff000000) ^
+		(Te2[(t1 >> 24)       ] & 0xff000000) ^
-		(Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
+		(Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
+		(Te0[(t3 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t0      ) & 0xff] & 0x000000ff) ^
+		(Te1[(t0      ) & 0xff] & 0x000000ff) ^
 		rk[1];
 	PUTU32(out +  4, s1);
 	s2 =
-		(Te4[(t2 >> 24)       ] & 0xff000000) ^
+		(Te2[(t2 >> 24)       ] & 0xff000000) ^
-		(Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
+		(Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
+		(Te0[(t0 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t1      ) & 0xff] & 0x000000ff) ^
+		(Te1[(t1      ) & 0xff] & 0x000000ff) ^
 		rk[2];
 	PUTU32(out +  8, s2);
 	s3 =
-		(Te4[(t3 >> 24)       ] & 0xff000000) ^
+		(Te2[(t3 >> 24)       ] & 0xff000000) ^
-		(Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
+		(Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
-		(Te4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
+		(Te0[(t1 >>  8) & 0xff] & 0x0000ff00) ^
-		(Te4[(t2      ) & 0xff] & 0x000000ff) ^
+		(Te1[(t2      ) & 0xff] & 0x000000ff) ^
 		rk[3];
 	PUTU32(out + 12, s3);
 }
@@ -1242,31 +1132,31 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
 	 * map cipher state to byte array block:
 	 */
   	s0 =
-   		(Td4[(t0 >> 24)       ] & 0xff000000) ^
+   		(Td4[(t0 >> 24)       ] << 24) ^
-   		(Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
+   		(Td4[(t3 >> 16) & 0xff] << 16) ^
-   		(Td4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
+   		(Td4[(t2 >>  8) & 0xff] <<  8) ^
-   		(Td4[(t1      ) & 0xff] & 0x000000ff) ^
+   		(Td4[(t1      ) & 0xff])       ^
   		rk[0];
 	PUTU32(out     , s0);
   	s1 =
-   		(Td4[(t1 >> 24)       ] & 0xff000000) ^
+   		(Td4[(t1 >> 24)       ] << 24) ^
-   		(Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
+   		(Td4[(t0 >> 16) & 0xff] << 16) ^
-   		(Td4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
+   		(Td4[(t3 >>  8) & 0xff] <<  8) ^
-   		(Td4[(t2      ) & 0xff] & 0x000000ff) ^
+   		(Td4[(t2      ) & 0xff])       ^
   		rk[1];
 	PUTU32(out +  4, s1);
   	s2 =
-   		(Td4[(t2 >> 24)       ] & 0xff000000) ^
+   		(Td4[(t2 >> 24)       ] << 24) ^
-   		(Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
+   		(Td4[(t1 >> 16) & 0xff] << 16) ^
-   		(Td4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
+   		(Td4[(t0 >>  8) & 0xff] <<  8) ^
-   		(Td4[(t3      ) & 0xff] & 0x000000ff) ^
+   		(Td4[(t3      ) & 0xff])       ^
   		rk[2];
 	PUTU32(out +  8, s2);
   	s3 =
-   		(Td4[(t3 >> 24)       ] & 0xff000000) ^
+   		(Td4[(t3 >> 24)       ] << 24) ^
-   		(Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
+   		(Td4[(t2 >> 16) & 0xff] << 16) ^
-   		(Td4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
+   		(Td4[(t1 >>  8) & 0xff] <<  8) ^
-   		(Td4[(t0      ) & 0xff] & 0x000000ff) ^
+   		(Td4[(t0      ) & 0xff])       ^
   		rk[3];
 	PUTU32(out + 12, s3);
 }
--- a/crypto/aes/aes_ige.c
+++ b/crypto/aes/aes_ige.c
@@ -0,0 +1,323 @@
 /* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
 /* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 */
 #include "cryptlib.h"
 #include <openssl/aes.h>
 #include "aes_locl.h"
 #define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
 typedef struct {
        unsigned long data[N_WORDS];
 } aes_block_t;
 /* XXX: probably some better way to do this */
 #if defined(__i386__) || defined(__x86_64__)
 #define UNALIGNED_MEMOPS_ARE_FAST 1
 #else
 #define UNALIGNED_MEMOPS_ARE_FAST 0
 #endif
 #if UNALIGNED_MEMOPS_ARE_FAST
 #define load_block(d, s)        (d) = *(const aes_block_t *)(s)
 #define store_block(d, s)       *(aes_block_t *)(d) = (s)
 #else
 #define load_block(d, s)        memcpy((d).data, (s), AES_BLOCK_SIZE)
 #define store_block(d, s)       memcpy((d), (s).data, AES_BLOCK_SIZE)
 #endif
 /* N.B. The IV for this mode is _twice_ the block size */
 void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
 					 const unsigned long length, const AES_KEY *key,
 					 unsigned char *ivec, const int enc)
 	{
 	unsigned long n;
 	unsigned long len;
 	OPENSSL_assert(in && out && key && ivec);
 	OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
 	OPENSSL_assert((length%AES_BLOCK_SIZE) == 0);
 	len = length / AES_BLOCK_SIZE;
 	if (AES_ENCRYPT == enc)
 		{
 		if (in != out &&
 		    (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
 			{
 			aes_block_t *ivp = (aes_block_t *)ivec;
 			aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
 			while (len)
 				{
 				aes_block_t *inp = (aes_block_t *)in;
 				aes_block_t *outp = (aes_block_t *)out;
 				for(n=0 ; n < N_WORDS; ++n)
 					outp->data[n] = inp->data[n] ^ ivp->data[n];
 				AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
 				for(n=0 ; n < N_WORDS; ++n)
 					outp->data[n] ^= iv2p->data[n];
 				ivp = outp;
 				iv2p = inp;
 				--len;
 				in += AES_BLOCK_SIZE;
 				out += AES_BLOCK_SIZE;
 				}
 			memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
 			memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
 			}
 		else
 			{
 			aes_block_t tmp, tmp2;
 			aes_block_t iv;
 			aes_block_t iv2;
 			load_block(iv, ivec);
 			load_block(iv2, ivec + AES_BLOCK_SIZE);
 			while (len)
 				{
 				load_block(tmp, in);
 				for(n=0 ; n < N_WORDS; ++n)
 					tmp2.data[n] = tmp.data[n] ^ iv.data[n];
 				AES_encrypt((unsigned char *)tmp2.data, (unsigned char *)tmp2.data, key);
 				for(n=0 ; n < N_WORDS; ++n)
 					tmp2.data[n] ^= iv2.data[n];
 				store_block(out, tmp2);
 				iv = tmp2;
 				iv2 = tmp;
 				--len;
 				in += AES_BLOCK_SIZE;
 				out += AES_BLOCK_SIZE;
 				}
 			memcpy(ivec, iv.data, AES_BLOCK_SIZE);
 			memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
 			}
 		}
 	else
 		{
 		if (in != out &&
 		    (UNALIGNED_MEMOPS_ARE_FAST || ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(long)==0))
 			{
 			aes_block_t *ivp = (aes_block_t *)ivec;
 			aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
 			while (len)
 				{
 				aes_block_t tmp;
 				aes_block_t *inp = (aes_block_t *)in;
 				aes_block_t *outp = (aes_block_t *)out;
 				for(n=0 ; n < N_WORDS; ++n)
 					tmp.data[n] = inp->data[n] ^ iv2p->data[n];
 				AES_decrypt((unsigned char *)tmp.data, (unsigned char *)outp->data, key);
 				for(n=0 ; n < N_WORDS; ++n)
 					outp->data[n] ^= ivp->data[n];
 				ivp = inp;
 				iv2p = outp;
 				--len;
 				in += AES_BLOCK_SIZE;
 				out += AES_BLOCK_SIZE;
 				}
 			memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
 			memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
 			}
 		else
 			{
 			aes_block_t tmp, tmp2;
 			aes_block_t iv;
 			aes_block_t iv2;
 			load_block(iv, ivec);
 			load_block(iv2, ivec + AES_BLOCK_SIZE);
 			while (len)
 				{
 				load_block(tmp, in);
 				tmp2 = tmp;
 				for(n=0 ; n < N_WORDS; ++n)
 					tmp.data[n] ^= iv2.data[n];
 				AES_decrypt((unsigned char *)tmp.data, (unsigned char *)tmp.data, key);
 				for(n=0 ; n < N_WORDS; ++n)
 					tmp.data[n] ^= iv.data[n];
 				store_block(out, tmp);
 				iv = tmp2;
 				iv2 = tmp;
 				--len;
 				in += AES_BLOCK_SIZE;
 				out += AES_BLOCK_SIZE;
 				}
 			memcpy(ivec, iv.data, AES_BLOCK_SIZE);
 			memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
 			}
 		}
 	}
 /*
 * Note that its effectively impossible to do biIGE in anything other
 * than a single pass, so no provision is made for chaining.
 */
 /* N.B. The IV for this mode is _four times_ the block size */
 void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
 						const unsigned long length, const AES_KEY *key,
 						const AES_KEY *key2, const unsigned char *ivec,
 						const int enc)
 	{
 	unsigned long n;
 	unsigned long len = length;
 	unsigned char tmp[AES_BLOCK_SIZE];
 	unsigned char tmp2[AES_BLOCK_SIZE];
 	unsigned char tmp3[AES_BLOCK_SIZE];
 	unsigned char prev[AES_BLOCK_SIZE];
 	const unsigned char *iv;
 	const unsigned char *iv2;
 	OPENSSL_assert(in && out && key && ivec);
 	OPENSSL_assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
 	OPENSSL_assert((length%AES_BLOCK_SIZE) == 0);
 	if (AES_ENCRYPT == enc)
 		{
 		/* XXX: Do a separate case for when in != out (strictly should
 		   check for overlap, too) */
 		/* First the forward pass */ 
 		iv = ivec;
 		iv2 = ivec + AES_BLOCK_SIZE;
 		while (len >= AES_BLOCK_SIZE)
 			{
 			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
 				out[n] = in[n] ^ iv[n];
 			AES_encrypt(out, out, key);
 			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
 				out[n] ^= iv2[n];
 			iv = out;
 			memcpy(prev, in, AES_BLOCK_SIZE);
 			iv2 = prev;
 			len -= AES_BLOCK_SIZE;
 			in += AES_BLOCK_SIZE;
 			out += AES_BLOCK_SIZE;
 			}
 		/* And now backwards */
 		iv = ivec + AES_BLOCK_SIZE*2;
 		iv2 = ivec + AES_BLOCK_SIZE*3;
 		len = length;
 		while(len >= AES_BLOCK_SIZE)
 			{
 			out -= AES_BLOCK_SIZE;
 			/* XXX: reduce copies by alternating between buffers */
 			memcpy(tmp, out, AES_BLOCK_SIZE);
 			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
 				out[n] ^= iv[n];
 			/*			hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE); */
 			AES_encrypt(out, out, key);
 			/*			hexdump(stdout,"enc", out, AES_BLOCK_SIZE); */
 			/*			hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE); */
 			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
 				out[n] ^= iv2[n];
 			/*			hexdump(stdout,"out", out, AES_BLOCK_SIZE); */
 			iv = out;
 			memcpy(prev, tmp, AES_BLOCK_SIZE);
 			iv2 = prev;
 			len -= AES_BLOCK_SIZE;
 			}
 		}
 	else
 		{
 		/* First backwards */
 		iv = ivec + AES_BLOCK_SIZE*2;
 		iv2 = ivec + AES_BLOCK_SIZE*3;
 		in += length;
 		out += length;
 		while (len >= AES_BLOCK_SIZE)
 			{
 			in -= AES_BLOCK_SIZE;
 			out -= AES_BLOCK_SIZE;
 			memcpy(tmp, in, AES_BLOCK_SIZE);
 			memcpy(tmp2, in, AES_BLOCK_SIZE);
 			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
 				tmp[n] ^= iv2[n];
 			AES_decrypt(tmp, out, key);
 			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
 				out[n] ^= iv[n];
 			memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
 			iv = tmp3;
 			iv2 = out;
 			len -= AES_BLOCK_SIZE;
 			}
 		/* And now forwards */
 		iv = ivec;
 		iv2 = ivec + AES_BLOCK_SIZE;
 		len = length;
 		while (len >= AES_BLOCK_SIZE)
 			{
 			memcpy(tmp, out, AES_BLOCK_SIZE);
 			memcpy(tmp2, out, AES_BLOCK_SIZE);
 			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
 				tmp[n] ^= iv2[n];
 			AES_decrypt(tmp, out, key);
 			for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
 				out[n] ^= iv[n];
 			memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
 			iv = tmp3;
 			iv2 = out;
 			len -= AES_BLOCK_SIZE;
 			in += AES_BLOCK_SIZE;
 			out += AES_BLOCK_SIZE;
 			}
 		}
 	}
--- a/crypto/aes/aes_misc.c
+++ b/crypto/aes/aes_misc.c
@@ -53,7 +53,7 @@
 #include <openssl/aes.h>
 #include "aes_locl.h"
-const char *AES_version="AES" OPENSSL_VERSION_PTEXT;
+const char AES_version[]="AES" OPENSSL_VERSION_PTEXT;
 const char *AES_options(void) {
 #ifdef FULL_UNROLL
--- a/crypto/aes/asm/aes-586.pl
+++ b/crypto/aes/asm/aes-586.pl
--- a/crypto/aes/asm/aes-ia64.S
+++ b/crypto/aes/asm/aes-ia64.S
--- a/crypto/aes/asm/aes-s390x.pl
+++ b/crypto/aes/asm/aes-s390x.pl
--- a/crypto/aes/asm/aes-x86_64.pl
+++ b/crypto/aes/asm/aes-x86_64.pl
--- a/crypto/asn1/Makefile
+++ b/crypto/asn1/Makefile
@@ -1,5 +1,5 @@
 #
-# SSLeay/crypto/asn1/Makefile
+# OpenSSL/crypto/asn1/Makefile
 #
 DIR=	asn1
@@ -63,7 +63,7 @@ pk:	pk.c
 all:	lib
 lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
+	$(ARX) $(LIB) $(LIBOBJ)
 	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
@@ -142,9 +142,9 @@ a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 a_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_digest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_digest.o: ../../include/openssl/opensslconf.h
+a_digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
 a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -250,27 +250,27 @@ a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 a_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_sign.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_sign.o: ../cryptlib.h a_sign.c
+a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_sign.c
 a_strex.o: ../../e_os.h ../../include/openssl/asn1.h
 a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_strex.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_strex.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_strex.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+a_strex.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_strex.o: ../cryptlib.h a_strex.c charmap.h
+a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h
 a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
 a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -317,8 +317,9 @@ a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 a_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-a_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_verify.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-a_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 a_verify.o: ../../include/openssl/opensslconf.h
 a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
 a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -337,8 +338,9 @@ asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-asn1_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+asn1_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-asn1_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+asn1_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 asn1_gen.o: ../../include/openssl/opensslconf.h
 asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
 asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -368,9 +370,9 @@ asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
 asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 asn_moid.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn_moid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-asn_moid.o: ../../include/openssl/opensslconf.h
+asn_moid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
 asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -389,23 +391,23 @@ d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
 d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+d2i_pr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+d2i_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+d2i_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_pr.o: ../cryptlib.h d2i_pr.c
+d2i_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pr.c
 d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
 d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+d2i_pu.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+d2i_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+d2i_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_pu.o: ../cryptlib.h d2i_pu.c
+d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pu.c
 evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
 evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
 evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -441,71 +443,73 @@ i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
 i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+i2d_pr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+i2d_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+i2d_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_pr.o: ../cryptlib.h i2d_pr.c
+i2d_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pr.c
 i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
 i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+i2d_pu.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+i2d_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+i2d_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_pu.o: ../cryptlib.h i2d_pu.c
+i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pu.c
 n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
 n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
 n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 n_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-n_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h n_pkey.c
+n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 n_pkey.o: ../cryptlib.h n_pkey.c
 nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 nsseq.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+nsseq.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+nsseq.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-nsseq.o: ../../include/openssl/x509_vfy.h nsseq.c
+nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c
 p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
 p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 p5_pbe.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_pbe.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p5_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_pbe.o: ../cryptlib.h p5_pbe.c
+p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbe.c
 p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h
 p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 p5_pbev2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_pbev2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_pbev2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 p5_pbev2.o: ../../include/openssl/opensslconf.h
 p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
 p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -518,41 +522,42 @@ p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 p8_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p8_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p8_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p8_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p8_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p8_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p8_pkey.c
+p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 p8_pkey.o: ../cryptlib.h p8_pkey.c
 t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
 t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 t_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_bitst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+t_bitst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_bitst.o: ../cryptlib.h t_bitst.c
+t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
 t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 t_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_crl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-t_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_crl.o: ../cryptlib.h t_crl.c
+t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h t_crl.c
 t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
@@ -570,57 +575,57 @@ t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 t_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_req.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_req.o: ../cryptlib.h t_req.c
+t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h t_req.c
 t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
 t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 t_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_spki.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_spki.o: ../cryptlib.h t_spki.c
+t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_spki.c
 t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 t_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_x509.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_x509.o: ../cryptlib.h t_x509.c
+t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h t_x509.c
 t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
 t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 t_x509a.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_x509a.o: ../cryptlib.h t_x509a.c
+t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
 tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@@ -630,13 +635,15 @@ tasn_dec.o: ../../include/openssl/opensslconf.h
 tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c
-tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_enc.o: ../../e_os.h ../../include/openssl/asn1.h
-tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
-tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
+tasn_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
 tasn_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tasn_enc.o: ../../include/openssl/symhacks.h tasn_enc.c
+tasn_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h tasn_enc.c
 tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
 tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
@@ -671,21 +678,23 @@ x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 x_algor.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_algor.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_algor.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_algor.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_algor.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_algor.o: ../../include/openssl/x509_vfy.h x_algor.c
+x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_algor.o: x_algor.c
 x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h
 x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_attrib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_attrib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_attrib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 x_attrib.o: ../../include/openssl/opensslconf.h
 x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
 x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
@@ -706,37 +715,40 @@ x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_crl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_crl.c
+x_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_crl.o: ../cryptlib.h x_crl.c
 x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 x_exten.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
-x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_exten.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_exten.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_exten.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_exten.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_exten.o: ../../include/openssl/x509_vfy.h x_exten.c
+x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_exten.o: x_exten.c
 x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_info.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_info.c
+x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_info.o: ../cryptlib.h x_info.c
 x_long.o: ../../e_os.h ../../include/openssl/asn1.h
 x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -752,35 +764,37 @@ x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_name.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_name.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_name.c
+x_name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_name.o: ../cryptlib.h x_name.c
 x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
 x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
 x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c
+x_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_pkey.o: ../cryptlib.h x_pkey.c
 x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h
 x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 x_pubkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x_pubkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_pubkey.o: ../../include/openssl/opensslconf.h
+x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -793,76 +807,82 @@ x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_req.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c
+x_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_req.o: ../cryptlib.h x_req.c
 x_sig.o: ../../e_os.h ../../include/openssl/asn1.h
 x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_sig.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_sig.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_sig.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_sig.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_sig.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c
+x_sig.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_sig.o: ../cryptlib.h x_sig.c
 x_spki.o: ../../e_os.h ../../include/openssl/asn1.h
 x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_spki.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c
+x_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_spki.o: ../cryptlib.h x_spki.c
 x_val.o: ../../e_os.h ../../include/openssl/asn1.h
 x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_val.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_val.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_val.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_val.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_val.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c
+x_val.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_val.o: ../cryptlib.h x_val.c
 x_x509.o: ../../e_os.h ../../include/openssl/asn1.h
 x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
 x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 x_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
 x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_x509.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c
+x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
 x_x509.o: ../cryptlib.h x_x509.c
 x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
 x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 x_x509a.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_x509a.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_x509a.c
+x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_x509a.o: ../cryptlib.h x_x509a.c
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -57,6 +57,7 @@
 */
 #include <stdio.h>
 #include <limits.h>
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/asn1.h>
@@ -83,10 +84,12 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
 int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 	{
-	int i,first,len=0,c;
+	int i,first,len=0,c, use_bn;
-	char tmp[24];
+	char ftmp[24], *tmp = ftmp;
 	int tmpsize = sizeof ftmp;
 	const char *p;
 	unsigned long l;
 	BIGNUM *bl = NULL;
 	if (num == 0)
 		return(0);
@@ -98,7 +101,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 	num--;
 	if ((c >= '0') && (c <= '2'))
 		{
-		first=(c-'0')*40;
+		first= c-'0';
 		}
 	else
 		{
@@ -122,6 +125,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 			goto err;
 			}
 		l=0;
 		use_bn = 0;
 		for (;;)
 			{
 			if (num <= 0) break;
@@ -134,7 +138,22 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
 				goto err;
 				}
-			l=l*10L+(long)(c-'0');
+			if (!use_bn && l > (ULONG_MAX / 10L))
 				{
 				use_bn = 1;
 				if (!bl)
 					bl = BN_new();
 				if (!bl || !BN_set_word(bl, l))
 					goto err;
 				}
 			if (use_bn)
 				{
 				if (!BN_mul_word(bl, 10L)
 					|| !BN_add_word(bl, c-'0'))
 					goto err;
 				}
 			else
 				l=l*10L+(long)(c-'0');
 			}
 		if (len == 0)
 			{
@@ -143,14 +162,42 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
 				goto err;
 				}
-			l+=(long)first;
+			if (use_bn)
 				{
 				if (!BN_add_word(bl, first * 40))
 					goto err;
 				}
 			else
 				l+=(long)first*40;
 			}
 		i=0;
-		for (;;)
+		if (use_bn)
 			{
-			tmp[i++]=(unsigned char)l&0x7f;
+			int blsize;
-			l>>=7L;
+			blsize = BN_num_bits(bl);
-			if (l == 0L) break;
+			blsize = (blsize + 6)/7;
 			if (blsize > tmpsize)
 				{
 				if (tmp != ftmp)
 					OPENSSL_free(tmp);
 				tmpsize = blsize + 32;
 				tmp = OPENSSL_malloc(tmpsize);
 				if (!tmp)
 					goto err;
 				}
 			while(blsize--)
 				tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
 			}
 		else
 			{
 			for (;;)
 				{
 				tmp[i++]=(unsigned char)l&0x7f;
 				l>>=7L;
 				if (l == 0L) break;
 				}
 			}
 		if (out != NULL)
 			{
@@ -166,8 +213,16 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
 		else
 			len+=i;
 		}
 	if (tmp != ftmp)
 		OPENSSL_free(tmp);
 	if (bl)
 		BN_free(bl);
 	return(len);
 err:
 	if (tmp != ftmp)
 		OPENSSL_free(tmp);
 	if (bl)
 		BN_free(bl);
 	return(0);
 	}
@@ -178,14 +233,24 @@ int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
 int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
 	{
-	char buf[80];
+	char buf[80], *p = buf;
 	int i;
 	if ((a == NULL) || (a->data == NULL))
 		return(BIO_write(bp,"NULL",4));
 	i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
-	if (i > (int)sizeof(buf)) i=sizeof buf;
+	if (i > (int)(sizeof(buf) - 1))
-	BIO_write(bp,buf,i);
+		{
 		p = OPENSSL_malloc(i + 1);
 		if (!p)
 			return -1;
 		i2t_ASN1_OBJECT(p,i + 1,a);
 		}
 	if (i <= 0)
 		return BIO_write(bp, "<INVALID>", 9);
 	BIO_write(bp,p,i);
 	if (p != buf)
 		OPENSSL_free(p);
 	return(i);
 	}
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -170,7 +170,7 @@ static int do_buf(unsigned char *buf, int buflen,
 	q = buf + buflen;
 	outlen = 0;
 	while(p != q) {
-		if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253;
+		if(p == buf && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_FIRST_ESC_2253;
 		else orflags = 0;
 		switch(type & BUF_TYPE_WIDTH_MASK) {
 			case 4:
@@ -194,8 +194,10 @@ static int do_buf(unsigned char *buf, int buflen,
 			if(i < 0) return -1;	/* Invalid UTF8String */
 			p += i;
 			break;
 			default:
 			return -1;	/* invalid width */
 		}
-		if (p == q) orflags = CHARTYPE_LAST_ESC_2253;
+		if (p == q && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_LAST_ESC_2253;
 		if(type & BUF_TYPE_CONVUTF8) {
 			unsigned char utfbuf[6];
 			int utflen;
@@ -356,12 +358,13 @@ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STR
 	}
 	len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
-	if(outlen < 0) return -1;
+	if(len < 0) return -1;
 	outlen += len;
 	if(quotes) outlen += 2;
 	if(!arg) return outlen;
 	if(quotes && !io_ch(arg, "\"", 1)) return -1;
-	do_buf(str->data, str->length, type, flags, NULL, io_ch, arg);
+	if(do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0)
 		return -1;
 	if(quotes && !io_ch(arg, "\"", 1)) return -1;
 	return outlen;
 }
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -149,6 +149,7 @@ extern "C" {
 #define B_ASN1_UTF8STRING	0x2000
 #define B_ASN1_UTCTIME		0x4000
 #define B_ASN1_GENERALIZEDTIME	0x8000
 #define B_ASN1_SEQUENCE		0x10000
 /* For use with ASN1_mbstring_copy() */
 #define MBSTRING_FLAG		0x1000
@@ -594,6 +595,7 @@ typedef struct BIT_STRING_BITNAME_st {
 			B_ASN1_UNIVERSALSTRING|\
 			B_ASN1_BMPSTRING|\
 			B_ASN1_UTF8STRING|\
 			B_ASN1_SEQUENCE|\
 			B_ASN1_UNKNOWN
 #define B_ASN1_DIRECTORYSTRING \
@@ -1045,7 +1047,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_ASN1_I2D_FP				 117
 #define ASN1_F_ASN1_INTEGER_SET				 118
 #define ASN1_F_ASN1_INTEGER_TO_BN			 119
-#define ASN1_F_ASN1_ITEM_D2I_FP				 190
+#define ASN1_F_ASN1_ITEM_D2I_FP				 206
 #define ASN1_F_ASN1_ITEM_DUP				 191
 #define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW			 121
 #define ASN1_F_ASN1_ITEM_EX_D2I				 120
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -287,15 +287,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 void ERR_load_ASN1_strings(void)
 	{
 	static int init=1;
 	if (init)
 		{
 		init=0;
 #ifndef OPENSSL_NO_ERR
 	if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL)
 		{
 		ERR_load_strings(0,ASN1_str_functs);
 		ERR_load_strings(0,ASN1_str_reasons);
 #endif
 		}
 #endif
 	}
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -658,6 +658,8 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
 			ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
 			goto bad_form;
 			}
 		vtmp.name = NULL;
 		vtmp.section = NULL;
 		vtmp.value = (char *)str;
 		if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean))
 			{
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -64,7 +64,7 @@
 static int asn1_get_length(const unsigned char **pp,int *inf,long *rl,int max);
 static void asn1_put_length(unsigned char **pp, int length);
-const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
+const char ASN1_version[]="ASN.1" OPENSSL_VERSION_PTEXT;
 static int _asn1_check_infinite_end(const unsigned char **p, long len)
 	{
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -88,7 +88,10 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
 		BIO_snprintf(str,sizeof str,"cont [ %d ]",tag);
 	else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
 		BIO_snprintf(str,sizeof str,"appl [ %d ]",tag);
-	else p = ASN1_tag2str(tag);
+	else if (tag > 30)
 		BIO_snprintf(str,sizeof str,"<ASN1 %d>",tag);
 	else
 		p = ASN1_tag2str(tag);
 	if (p2 != NULL)
 		{
--- a/crypto/asn1/asn1t.h
+++ b/crypto/asn1/asn1t.h
@@ -99,7 +99,7 @@ extern "C" {
 #define ASN1_ITEM_start(itname) \
 	const ASN1_ITEM * itname##_it(void) \
 	{ \
-		static const ASN1_ITEM local_it = { \
+		static const ASN1_ITEM local_it = { 
 #define ASN1_ITEM_end(itname) \
 		}; \
--- a/crypto/asn1/asn_moid.c
+++ b/crypto/asn1/asn_moid.c
@@ -149,7 +149,7 @@ static int do_create(char *value, char *name)
 		if (lntmp == NULL)
 			return 0;
 		memcpy(lntmp, ln, p - ln);
-		lntmp[p - ln + 1] = 0;
+		lntmp[p - ln] = 0;
 		oid = OBJ_nid2obj(nid);
 		oid->ln = lntmp;
 		}
--- a/crypto/asn1/t_pkey.c
+++ b/crypto/asn1/t_pkey.c
@@ -109,7 +109,7 @@ int RSA_print(BIO *bp, const RSA *x, int off)
 	char str[128];
 	const char *s;
 	unsigned char *m=NULL;
-	int ret=0;
+	int ret=0, mod_len = 0;
 	size_t buf_len=0, i;
 	if (x->n)
@@ -143,27 +143,37 @@ int RSA_print(BIO *bp, const RSA *x, int off)
 		goto err;
 		}
 	if (x->n != NULL)
 		mod_len = BN_num_bits(x->n);
 	if (x->d != NULL)
 		{
 		if(!BIO_indent(bp,off,128))
 		   goto err;
-		if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
+		if (BIO_printf(bp,"Private-Key: (%d bit)\n", mod_len)
 			<= 0) goto err;
 		}
 	if (x->d == NULL)
-		BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n));
+		BIO_snprintf(str,sizeof str,"Modulus (%d bit):", mod_len);
 	else
 		BUF_strlcpy(str,"modulus:",sizeof str);
 	if (!print(bp,str,x->n,m,off)) goto err;
 	s=(x->d == NULL)?"Exponent:":"publicExponent:";
-	if (!print(bp,s,x->e,m,off)) goto err;
+	if ((x->e != NULL) && !print(bp,s,x->e,m,off))
-	if (!print(bp,"privateExponent:",x->d,m,off)) goto err;
+		goto err;
-	if (!print(bp,"prime1:",x->p,m,off)) goto err;
+	if ((x->d != NULL) && !print(bp,"privateExponent:",x->d,m,off))
-	if (!print(bp,"prime2:",x->q,m,off)) goto err;
+		goto err;
-	if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err;
+	if ((x->p != NULL) && !print(bp,"prime1:",x->p,m,off))
-	if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err;
+		goto err;
-	if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
+	if ((x->q != NULL) && !print(bp,"prime2:",x->q,m,off))
 		goto err;
 	if ((x->dmp1 != NULL) && !print(bp,"exponent1:",x->dmp1,m,off))
 		goto err;
 	if ((x->dmq1 != NULL) && !print(bp,"exponent2:",x->dmq1,m,off))
 		goto err;
 	if ((x->iqmp != NULL) && !print(bp,"coefficient:",x->iqmp,m,off))
 		goto err;
 	ret=1;
 err:
 	if (m != NULL) OPENSSL_free(m);
@@ -740,7 +750,7 @@ int DSAparams_print(BIO *bp, const DSA *x)
 		buf_len = (size_t)BN_num_bytes(x->p);
 	else
 		{
-		DSAerr(DSA_F_DSA_PRINT,DSA_R_MISSING_PARAMETERS);
+		DSAerr(DSA_F_DSAPARAMS_PRINT,DSA_R_MISSING_PARAMETERS);
 		goto err;
 		}
 	if (x->q)
@@ -752,7 +762,7 @@ int DSAparams_print(BIO *bp, const DSA *x)
 	m=(unsigned char *)OPENSSL_malloc(buf_len+10);
 	if (m == NULL)
 		{
-		DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
+		DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
@@ -760,8 +770,8 @@ int DSAparams_print(BIO *bp, const DSA *x)
 		BN_num_bits(x->p)) <= 0)
 		goto err;
 	if (!print(bp,"p:",x->p,m,4)) goto err;
-	if (!print(bp,"q:",x->q,m,4)) goto err;
+	if ((x->q != NULL) && !print(bp,"q:",x->q,m,4)) goto err;
-	if (!print(bp,"g:",x->g,m,4)) goto err;
+	if ((x->g != NULL) && !print(bp,"g:",x->g,m,4)) goto err;
 	ret=1;
 err:
 	if (m != NULL) OPENSSL_free(m);
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -445,9 +445,9 @@ err:
 int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
 	{
 	char *s,*c,*b;
-	int ret=0,l,ll,i,first=1;
+	int ret=0,l,i;
-	ll=80-2-obase;
+	l=80-2-obase;
 	b=s=X509_NAME_oneline(name,NULL,0);
 	if (!*s)
@@ -457,7 +457,6 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
 		}
 	s++; /* skip the first slash */
 	l=ll;
 	c=s;
 	for (;;)
 		{
@@ -479,16 +478,6 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
 			(*s == '\0'))
 #endif
 			{
 			if ((l <= 0) && !first)
 				{
 				first=0;
 				if (BIO_write(bp,"\n",1) != 1) goto err;
 				for (i=0; i<obase; i++)
 					{
 					if (BIO_write(bp," ",1) != 1) goto err;
 					}
 				l=ll;
 				}
 			i=s-c;
 			if (BIO_write(bp,c,i) != i) goto err;
 			c+=i;
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -93,12 +93,12 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
 				int tag, int aclass, char opt, ASN1_TLC *ctx);
 /* Table to convert tags to bit values, used for MSTRING type */
-static unsigned long tag2bit[32] = {
+static const unsigned long tag2bit[32] = {
 0,	0,	0,	B_ASN1_BIT_STRING,	/* tags  0 -  3 */
 B_ASN1_OCTET_STRING,	0,	0,		B_ASN1_UNKNOWN,/* tags  4- 7 */
 B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,/* tags  8-11 */
 B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
-0,	0,	B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,   /* tags 16-19 */
+B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */
 B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,       /* tags 20-22 */
 B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,			       /* tags 23-24 */	
 B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,  /* tags 25-27 */
@@ -158,7 +158,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 	const ASN1_EXTERN_FUNCS *ef;
 	const ASN1_AUX *aux = it->funcs;
 	ASN1_aux_cb *asn1_cb;
-	const unsigned char *p, *q;
+	const unsigned char *p = NULL, *q;
 	unsigned char *wp=NULL;	/* BIG FAT WARNING!  BREAKS CONST WHERE USED */
 	unsigned char imphack = 0, oclass;
 	char seq_eoc, seq_nolen, cst, isopt;
@@ -283,6 +283,12 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
 			{
 			wp = *(unsigned char **)in;
 			imphack = *wp;
 			if (p == NULL)
 				{
 				ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
 					ERR_R_NESTED_ASN1_ERROR);
 				goto err;
 				}
 			*wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED)
 								| it->utype);
 			}
@@ -826,6 +832,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
 		}
 	else if (ret == -1)
 		return -1;
        ret = 0;
 	/* SEQUENCE, SET and "OTHER" are left in encoded form */
 	if ((utype == V_ASN1_SEQUENCE)
 		|| (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER))
@@ -872,7 +879,10 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
 		 * for UNIVERSAL class and ignore the tag.
 		 */
 		if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL))
 			{
 			free_cont = 1;
 			goto err;
 			}
 		len = buf.length;
 		/* Append a final null to string */
 		if (!BUF_MEM_grow_clean(&buf, len + 1))
@@ -924,6 +934,8 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 		if (!*pval)
 			{
 			typ = ASN1_TYPE_new();
 			if (typ == NULL)
 				goto err;
 			*pval = (ASN1_VALUE *)typ;
 			}
 		else
@@ -1167,7 +1179,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
 			return 0;
 #endif
 			}
-		else if (!collect_data(buf, &p, plen))
+		else if (plen && !collect_data(buf, &p, plen))
 			return 0;
 		len -= p - q;
 		}
--- a/crypto/asn1/tasn_enc.c
+++ b/crypto/asn1/tasn_enc.c
@@ -618,11 +618,14 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
 		tbool = (ASN1_BOOLEAN *)pval;
 		if (*tbool == -1)
 			return -1;
-		/* Default handling if value == size field then omit */
+		if (it->utype != V_ASN1_ANY)
-		if (*tbool && (it->size > 0))
+			{
-			return -1;
+			/* Default handling if value == size field then omit */
-		if (!*tbool && !it->size)
+			if (*tbool && (it->size > 0))
-			return -1;
+				return -1;
 			if (!*tbool && !it->size)
 				return -1;
 			}
 		c = (unsigned char)*tbool;
 		cont = &c;
 		len = 1;
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -160,40 +160,40 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len
 					int tag, int aclass, char opt, ASN1_TLC *ctx)
 {
 	const unsigned char *p = *in, *q;
-	STACK *intname = NULL, **intname_pp = &intname;
+	union { STACK *s; ASN1_VALUE *a; } intname = {NULL};
 	union { X509_NAME *x; ASN1_VALUE *a; } nm = {NULL};
 	int i, j, ret;
 	X509_NAME *nm = NULL, **nm_pp = &nm;
 	STACK_OF(X509_NAME_ENTRY) *entries;
 	X509_NAME_ENTRY *entry;
 	q = p;
 	/* Get internal representation of Name */
-	ret = ASN1_item_ex_d2i((ASN1_VALUE **)intname_pp,
+	ret = ASN1_item_ex_d2i(&intname.a,
 			       &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
 			       tag, aclass, opt, ctx);
 	if(ret <= 0) return ret;
 	if(*val) x509_name_ex_free(val, NULL);
-	if(!x509_name_ex_new((ASN1_VALUE **)nm_pp, NULL)) goto err;
+	if(!x509_name_ex_new(&nm.a, NULL)) goto err;
 	/* We've decoded it: now cache encoding */
-	if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
+	if(!BUF_MEM_grow(nm.x->bytes, p - q)) goto err;
-	memcpy(nm->bytes->data, q, p - q);
+	memcpy(nm.x->bytes->data, q, p - q);
 	/* Convert internal representation to X509_NAME structure */
-	for(i = 0; i < sk_num(intname); i++) {
+	for(i = 0; i < sk_num(intname.s); i++) {
-		entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i);
+		entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname.s, i);
 		for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
 			entry = sk_X509_NAME_ENTRY_value(entries, j);
 			entry->set = i;
-			if(!sk_X509_NAME_ENTRY_push(nm->entries, entry))
+			if(!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
 				goto err;
 		}
 		sk_X509_NAME_ENTRY_free(entries);
 	}
-	sk_free(intname);
+	sk_free(intname.s);
-	nm->modified = 0;
+	nm.x->modified = 0;
-	*val = (ASN1_VALUE *)nm;
+	*val = nm.a;
 	*in = p;
 	return ret;
 	err:
@@ -219,35 +219,35 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
 static int x509_name_encode(X509_NAME *a)
 {
-	STACK *intname = NULL, **intname_pp = &intname;
+	union { STACK *s; ASN1_VALUE *a; } intname = {NULL};
 	int len;
 	unsigned char *p;
 	STACK_OF(X509_NAME_ENTRY) *entries = NULL;
 	X509_NAME_ENTRY *entry;
 	int i, set = -1;
-	intname = sk_new_null();
+	intname.s = sk_new_null();
-	if(!intname) goto memerr;
+	if(!intname.s) goto memerr;
 	for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
 		entry = sk_X509_NAME_ENTRY_value(a->entries, i);
 		if(entry->set != set) {
 			entries = sk_X509_NAME_ENTRY_new_null();
 			if(!entries) goto memerr;
-			if(!sk_push(intname, (char *)entries)) goto memerr;
+			if(!sk_push(intname.s, (char *)entries)) goto memerr;
 			set = entry->set;
 		}
 		if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
 	}
-	len = ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, NULL,
+	len = ASN1_item_ex_i2d(&intname.a, NULL,
 			       ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
 	if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
 	p=(unsigned char *)a->bytes->data;
-	ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp,
+	ASN1_item_ex_i2d(&intname.a,
 			 &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
-	sk_pop_free(intname, sk_internal_free);
+	sk_pop_free(intname.s, sk_internal_free);
 	a->modified = 0;
 	return len;
 	memerr:
-	sk_pop_free(intname, sk_internal_free);
+	sk_pop_free(intname.s, sk_internal_free);
 	ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
 	return -1;
 }
--- a/crypto/asn1/x_req.c
+++ b/crypto/asn1/x_req.c
@@ -102,7 +102,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
 IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
-ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = {
+ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = {
 	ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
 	ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
 	ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -94,6 +94,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 		ret->ex_pathlen = -1;
 		ret->skid = NULL;
 		ret->akid = NULL;
 #ifndef OPENSSL_NO_RFC3779
 		ret->rfc3779_addr = NULL;
 		ret->rfc3779_asid = NULL;
 #endif
 		ret->aux = NULL;
 		CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
 		break;
@@ -109,6 +113,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 		ASN1_OCTET_STRING_free(ret->skid);
 		AUTHORITY_KEYID_free(ret->akid);
 		policy_cache_free(ret->policy_cache);
 #ifndef OPENSSL_NO_RFC3779
 		sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
 		ASIdentifiers_free(ret->rfc3779_asid);
 #endif
 		if (ret->name != NULL) OPENSSL_free(ret->name);
 		break;
--- a/crypto/bf/Makefile
+++ b/crypto/bf/Makefile
@@ -1,5 +1,5 @@
 #
-# SSLeay/crypto/blowfish/Makefile
+# OpenSSL/crypto/blowfish/Makefile
 #
 DIR=	bf
@@ -40,7 +40,7 @@ top:
 all:	lib
 lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
+	$(ARX) $(LIB) $(LIBOBJ)
 	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
@@ -103,5 +103,9 @@ bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
 bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
 bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
 bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
-bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
-bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c
+bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
 bf_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 bf_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 bf_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 bf_skey.o: bf_locl.h bf_pi.h bf_skey.c
--- a/crypto/bf/bf_ecb.c
+++ b/crypto/bf/bf_ecb.c
@@ -65,7 +65,7 @@
 * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
 */
-const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT;
+const char BF_version[]="Blowfish" OPENSSL_VERSION_PTEXT;
 const char *BF_options(void)
 	{
--- a/crypto/bf/bf_skey.c
+++ b/crypto/bf/bf_skey.c
@@ -59,10 +59,12 @@
 #include <stdio.h>
 #include <string.h>
 #include <openssl/blowfish.h>
 #include <openssl/crypto.h>
 #include <openssl/fips.h>
 #include "bf_locl.h"
 #include "bf_pi.h"
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
+FIPS_NON_FIPS_VCIPHER_Init(BF)
 	{
 	int i;
 	BF_LONG *p,ri,in[2];
--- a/crypto/bf/blowfish.h
+++ b/crypto/bf/blowfish.h
@@ -104,7 +104,9 @@ typedef struct bf_key_st
 	BF_LONG S[4*256];
 	} BF_KEY;
- 
+#ifdef OPENSSL_FIPS 
 void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
 #endif
 void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
 void BF_encrypt(BF_LONG *data,const BF_KEY *key);
--- a/crypto/bio/Makefile
+++ b/crypto/bio/Makefile
@@ -1,5 +1,5 @@
 #
-# SSLeay/crypto/bio/Makefile
+# OpenSSL/crypto/bio/Makefile
 #
 DIR=	bio
@@ -45,7 +45,7 @@ top:
 all:	lib
 lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
+	$(ARX) $(LIB) $(LIBOBJ)
 	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -79,7 +79,7 @@
 #include <openssl/bn.h>         /* To get BN_LLONG properly defined */
 #include <openssl/bio.h>
-#ifdef BN_LLONG
+#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
 # ifndef HAVE_LONG_LONG
 #  define HAVE_LONG_LONG 1
 # endif
@@ -117,7 +117,7 @@
 #if HAVE_LONG_LONG
 # if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
-# define LLONG _int64
+# define LLONG __int64
 # else
 # define LLONG long long
 # endif
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -456,9 +456,6 @@ int BIO_sock_init(void)
 		{
 		int err;
 #ifdef SIGINT
 		signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
 #endif
 		wsa_init_done=1;
 		memset(&wsa_state,0,sizeof(wsa_state));
 		if (WSAStartup(0x0101,&wsa_state)!=0)
@@ -484,11 +481,6 @@ int BIO_sock_init(void)
    if (!wsa_init_done)
    {
 # ifdef SIGINT
        signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
 # endif
        wsa_init_done=1;
        wVerReq = MAKEWORD( 2, 0 );
        err = WSAStartup(wVerReq,&wsaData);
@@ -511,7 +503,7 @@ void BIO_sock_cleanup(void)
 		{
 		wsa_init_done=0;
 #ifndef OPENSSL_SYS_WINCE
-		WSACancelBlockingCall();
+		WSACancelBlockingCall();	/* Winsock 1.1 specific */
 #endif
 		WSACleanup();
 		}
--- a/crypto/bio/bio.h
+++ b/crypto/bio/bio.h
@@ -129,8 +129,8 @@ extern "C" {
 /* dgram BIO stuff */
 #define BIO_CTRL_DGRAM_CONNECT       31  /* BIO dgram special */
 #define BIO_CTRL_DGRAM_SET_CONNECTED 32  /* allow for an externally
-										  * connected socket to be
+					  * connected socket to be
-										  * passed in */ 
+					  * passed in */ 
 #define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */
 #define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */
 #define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */
@@ -146,14 +146,14 @@ extern "C" {
 #define BIO_CTRL_DGRAM_QUERY_MTU          40 /* as kernel for current MTU */
 #define BIO_CTRL_DGRAM_GET_MTU            41 /* get cached value for MTU */
 #define BIO_CTRL_DGRAM_SET_MTU            42 /* set cached value for
-											  * MTU. want to use this
+					      * MTU. want to use this
-                                              * if asking the kernel
+					      * if asking the kernel
-                                              * fails */
+					      * fails */
 #define BIO_CTRL_DGRAM_MTU_EXCEEDED       43 /* check whether the MTU
-											  * was exceed in the
+					      * was exceed in the
-											  * previous write
+					      * previous write
-											  * operation */
+					      * operation */
 #define BIO_CTRL_DGRAM_SET_PEER           44 /* Destination for the data */
@@ -196,28 +196,32 @@ extern "C" {
 */
 #define BIO_FLAGS_MEM_RDONLY	0x200
-#define BIO_set_flags(b,f) ((b)->flags|=(f))
+typedef struct bio_st BIO;
-#define BIO_get_flags(b) ((b)->flags)
+
 void BIO_set_flags(BIO *b, int flags);
 int  BIO_test_flags(const BIO *b, int flags);
 void BIO_clear_flags(BIO *b, int flags);
 #define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
 #define BIO_set_retry_special(b) \
-		((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+		BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
 #define BIO_set_retry_read(b) \
-		((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+		BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
 #define BIO_set_retry_write(b) \
-		((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+		BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
 /* These are normally used internally in BIOs */
 #define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
 #define BIO_clear_retry_flags(b) \
-		((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+		BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
 #define BIO_get_retry_flags(b) \
-		((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+		BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
 /* These should be used by the application to tell why we should retry */
-#define BIO_should_read(a)		((a)->flags & BIO_FLAGS_READ)
+#define BIO_should_read(a)		BIO_test_flags(a, BIO_FLAGS_READ)
-#define BIO_should_write(a)		((a)->flags & BIO_FLAGS_WRITE)
+#define BIO_should_write(a)		BIO_test_flags(a, BIO_FLAGS_WRITE)
-#define BIO_should_io_special(a)	((a)->flags & BIO_FLAGS_IO_SPECIAL)
+#define BIO_should_io_special(a)	BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
-#define BIO_retry_type(a)		((a)->flags & BIO_FLAGS_RWS)
+#define BIO_retry_type(a)		BIO_test_flags(a, BIO_FLAGS_RWS)
-#define BIO_should_retry(a)		((a)->flags & BIO_FLAGS_SHOULD_RETRY)
+#define BIO_should_retry(a)		BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
 /* The next three are used in conjunction with the
 * BIO_should_io_special() condition.  After this returns true,
@@ -246,14 +250,14 @@ extern "C" {
 #define BIO_cb_pre(a)	(!((a)&BIO_CB_RETURN))
 #define BIO_cb_post(a)	((a)&BIO_CB_RETURN)
-#define BIO_set_callback(b,cb)		((b)->callback=(cb))
+long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long);
-#define BIO_set_callback_arg(b,arg)	((b)->cb_arg=(char *)(arg))
+void BIO_set_callback(BIO *b, 
-#define BIO_get_callback_arg(b)		((b)->cb_arg)
+	long (*callback)(struct bio_st *,int,const char *,int, long,long));
-#define BIO_get_callback(b)		((b)->callback)
+char *BIO_get_callback_arg(const BIO *b);
-#define BIO_method_name(b)		((b)->method->name)
+void BIO_set_callback_arg(BIO *b, char *arg);
 #define BIO_method_type(b)		((b)->method->type)
-typedef struct bio_st BIO;
+const char * BIO_method_name(const BIO *b);
 int BIO_method_type(const BIO *b);
 typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
@@ -386,6 +390,7 @@ typedef struct bio_f_buffer_ctx_struct
 #define BIO_C_NWRITE0				145
 #define BIO_C_NWRITE				146
 #define BIO_C_RESET_READ_REQUEST		147
 #define BIO_C_SET_MD_CTX			148
 #define BIO_set_app_data(s,arg)		BIO_set_ex_data(s,0,arg)
@@ -676,17 +681,20 @@ void BIO_copy_next_retry(BIO *b);
 /*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
-#ifndef __GNUC__
+#ifdef __GNUC__
-#define __attribute__(x)
+#  define __bio_h__attr__ __attribute__
 #else
 #  define __bio_h__attr__(x)
 #endif
 int BIO_printf(BIO *bio, const char *format, ...)
-	__attribute__((__format__(__printf__,2,3)));
+	__bio_h__attr__((__format__(__printf__,2,3)));
 int BIO_vprintf(BIO *bio, const char *format, va_list args)
-	__attribute__((__format__(__printf__,2,0)));
+	__bio_h__attr__((__format__(__printf__,2,0)));
 int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-	__attribute__((__format__(__printf__,3,4)));
+	__bio_h__attr__((__format__(__printf__,3,4)));
 int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-	__attribute__((__format__(__printf__,3,0)));
+	__bio_h__attr__((__format__(__printf__,3,0)));
 #undef __bio_h__attr__
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@@ -143,15 +143,12 @@ static ERR_STRING_DATA BIO_str_reasons[]=
 void ERR_load_BIO_strings(void)
 	{
 	static int init=1;
 	if (init)
 		{
 		init=0;
 #ifndef OPENSSL_NO_ERR
 	if (ERR_func_error_string(BIO_str_functs[0].error) == NULL)
 		{
 		ERR_load_strings(0,BIO_str_functs);
 		ERR_load_strings(0,BIO_str_reasons);
 #endif
 		}
 #endif
 	}
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@@ -141,6 +141,52 @@ int BIO_free(BIO *a)
 void BIO_vfree(BIO *a)
    { BIO_free(a); }
 void BIO_clear_flags(BIO *b, int flags)
 	{
 	b->flags &= ~flags;
 	}
 int	BIO_test_flags(const BIO *b, int flags)
 	{
 	return (b->flags & flags);
 	}
 void	BIO_set_flags(BIO *b, int flags)
 	{
 	b->flags |= flags;
 	}
 long (*BIO_get_callback(const BIO *b))(struct bio_st *,int,const char *,int, long,long)
 	{
 	return b->callback;
 	}
 void BIO_set_callback(BIO *b, long (*cb)(struct bio_st *,int,const char *,int, long,long))
 	{
 	b->callback = cb;
 	}
 void BIO_set_callback_arg(BIO *b, char *arg)
 	{
 	b->cb_arg = arg;
 	}
 char * BIO_get_callback_arg(const BIO *b)
 	{
 	return b->cb_arg;
 	}
 const char * BIO_method_name(const BIO *b)
 	{
 	return b->method->name;
 	}
 int BIO_method_type(const BIO *b)
 	{
 	return b->method->type;
 	}
 int BIO_read(BIO *b, void *out, int outl)
 	{
 	int i;
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -469,7 +469,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
 		break;
 	case BIO_C_DO_STATE_MACHINE:
 		/* use this one to start the connection */
-		if (!(data->state != BIO_CONN_S_OK))
+		if (data->state != BIO_CONN_S_OK)
 			ret=(long)conn_state(b,data);
 		else
 			ret=1;
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -128,7 +128,10 @@ BIO *BIO_new_file(const char *filename, const char *mode)
 		return(NULL);
 		}
 	if ((ret=BIO_new(BIO_s_file_internal())) == NULL)
 		{
 		fclose(file);
 		return(NULL);
 		}
 	BIO_clear_flags(ret,BIO_FLAGS_UPLINK); /* we did fopen -> we disengage UPLINK */
 	BIO_set_fp(ret,file,BIO_CLOSE);
--- a/crypto/bn/Makefile
+++ b/crypto/bn/Makefile
@@ -1,5 +1,5 @@
 #
-# SSLeay/crypto/bn/Makefile
+# OpenSSL/crypto/bn/Makefile
 #
 DIR=	bn
@@ -28,13 +28,13 @@ LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
 	bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
 	bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
 	bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
-	bn_depr.c bn_const.c
+	bn_depr.c bn_const.c bn_x931p.c bn_opt.c
 LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
 	bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
 	bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
 	bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
-	bn_depr.o bn_const.o
+	bn_depr.o bn_const.o bn_x931p.o bn_opt.o
 SRC= $(LIBSRC)
@@ -58,7 +58,7 @@ bnbug: bnbug.c ../../libcrypto.a top
 	cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
 lib:	$(LIBOBJ)
-	$(AR) $(LIB) $(LIBOBJ)
+	$(ARX) $(LIB) $(LIBOBJ)
 	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
@@ -67,16 +67,22 @@ bn86-elf.s:	asm/bn-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) bn-586.pl elf $(CFLAGS) > ../$@)
 co86-elf.s:	asm/co-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) co-586.pl elf $(CFLAGS) > ../$@)
 mo86-elf.s:	asm/x86-mont.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) x86-mont.pl elf $(CFLAGS) > ../$@)
 # COFF
 bn86-cof.s: asm/bn-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) bn-586.pl coff $(CFLAGS) > ../$@)
 co86-cof.s: asm/co-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) co-586.pl coff $(CFLAGS) > ../$@)
 mo86-cof.s: asm/x86-mont.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) x86-mont.pl coff $(CFLAGS) > ../$@)
 # a.out
 bn86-out.s: asm/bn-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) bn-586.pl a.out $(CFLAGS) > ../$@)
 co86-out.s: asm/co-586.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) co-586.pl a.out $(CFLAGS) > ../$@)
 mo86-out.s: asm/x86-mont.pl ../perlasm/x86asm.pl
 	(cd asm; $(PERL) x86-mont.pl a.out $(CFLAGS) > ../$@)
 sparcv8.o:	asm/sparcv8.S
 	$(CC) $(CFLAGS) -c asm/sparcv8.S
@@ -91,10 +97,15 @@ bn-mips3.o:	asm/mips3.s
 x86_64-gcc.o:	asm/x86_64-gcc.c
 	$(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
 x86_64-mont.s:	asm/x86_64-mont.pl
 	$(PERL) asm/x86_64-mont.pl $@
 bn-ia64.s:	asm/ia64.S
 	$(CC) $(CFLAGS) -E asm/ia64.S > $@
 bn-s390x.s:	asm/s390x.S
 	$(CC) $(CFLAGS) -E asm/s390x.S > $@
 # GNU assembler fails to compile PA-RISC2 modules, insist on calling
 # vendor assembler...
 pa-risc2W.o: asm/pa-risc2W.s
@@ -109,6 +120,9 @@ aix_ppc32.s: asm/ppc.pl;	$(PERL) asm/ppc.pl $@
 aix_ppc64.s: asm/ppc.pl;	$(PERL) asm/ppc.pl $@
 osx_ppc32.s: asm/ppc.pl;	$(PERL) $< $@
 # GNU make "catch all"
 %-mont.s:	asm/%-mont.pl;  $(PERL) $< $(CFLAGS) > $@
 files:
 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@@ -175,6 +189,8 @@ bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
 bn_const.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
 bn_const.o: ../../include/openssl/ossl_typ.h bn.h bn_const.c
 bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
 bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -281,6 +297,13 @@ bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
 bn_opt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
 bn_opt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 bn_opt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
 bn_opt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 bn_opt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 bn_opt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 bn_opt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_opt.c
 bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
 bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -339,3 +362,6 @@ bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
 bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
 bn_x931p.o: ../../include/openssl/opensslconf.h
 bn_x931p.o: ../../include/openssl/ossl_typ.h bn_x931p.c
--- a/crypto/bn/asm/s390x.S
+++ b/crypto/bn/asm/s390x.S
@@ -0,0 +1,678 @@
 .ident "s390x.S, version 1.0"
 // ====================================================================
 // Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
 // project.
 //
 // Rights for redistribution and usage in source and binary forms are
 // granted according to the OpenSSL license. Warranty of any kind is
 // disclaimed.
 // ====================================================================
 .text
 #define zero	%r0
 // BN_ULONG bn_mul_add_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
 .globl	bn_mul_add_words
 .type	bn_mul_add_words,@function
 .align	4
 bn_mul_add_words:
 	lghi	zero,0		// zero = 0
 	la	%r1,0(%r2)	// put rp aside
 	lghi	%r2,0		// i=0;
 	ltgfr	%r4,%r4
 	bler	%r14		// if (len<=0) return 0;
 	stmg	%r6,%r10,48(%r15)
 	lghi	%r8,0		// carry = 0
 	srag	%r10,%r4,2	// cnt=len/4
 	jz	.Loop1_madd
 .Loop4_madd:
 	lg	%r7,0(%r2,%r3)	// ap[i]
 	mlgr	%r6,%r5		// *=w
 	algr	%r7,%r8		// +=carry
 	alcgr	%r6,zero
 	alg	%r7,0(%r2,%r1)	// +=rp[i]
 	alcgr	%r6,zero
 	stg	%r7,0(%r2,%r1)	// rp[i]=
 	lg	%r9,8(%r2,%r3)
 	mlgr	%r8,%r5
 	algr	%r9,%r6
 	alcgr	%r8,zero
 	alg	%r9,8(%r2,%r1)
 	alcgr	%r8,zero
 	stg	%r9,8(%r2,%r1)
 	lg	%r7,16(%r2,%r3)
 	mlgr	%r6,%r5
 	algr	%r7,%r8
 	alcgr	%r6,zero
 	alg	%r7,16(%r2,%r1)
 	alcgr	%r6,zero
 	stg	%r7,16(%r2,%r1)
 	lg	%r9,24(%r2,%r3)
 	mlgr	%r8,%r5
 	algr	%r9,%r6
 	alcgr	%r8,zero
 	alg	%r9,24(%r2,%r1)
 	alcgr	%r8,zero
 	stg	%r9,24(%r2,%r1)
 	la	%r2,32(%r2)	// i+=4
 	brct	%r10,.Loop4_madd
 	lghi	%r10,3
 	nr	%r4,%r10	// cnt=len%4
 	jz	.Lend_madd
 .Loop1_madd:
 	lg	%r7,0(%r2,%r3)	// ap[i]
 	mlgr	%r6,%r5		// *=w
 	algr	%r7,%r8		// +=carry
 	alcgr	%r6,zero
 	alg	%r7,0(%r2,%r1)	// +=rp[i]
 	alcgr	%r6,zero
 	stg	%r7,0(%r2,%r1)	// rp[i]=
 	lgr	%r8,%r6
 	la	%r2,8(%r2)	// i++
 	brct	%r4,.Loop1_madd
 .Lend_madd:
 	lgr	%r2,%r8
 	lmg	%r6,%r10,48(%r15)
 	br	%r14
 .size	bn_mul_add_words,.-bn_mul_add_words
 // BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
 .globl	bn_mul_words
 .type	bn_mul_words,@function
 .align	4
 bn_mul_words:
 	lghi	zero,0		// zero = 0
 	la	%r1,0(%r2)	// put rp aside
 	lghi	%r2,0		// i=0;
 	ltgfr	%r4,%r4
 	bler	%r14		// if (len<=0) return 0;
 	stmg	%r6,%r10,48(%r15)
 	lghi	%r8,0		// carry = 0
 	srag	%r10,%r4,2	// cnt=len/4
 	jz	.Loop1_mul
 .Loop4_mul:
 	lg	%r7,0(%r2,%r3)	// ap[i]
 	mlgr	%r6,%r5		// *=w
 	algr	%r7,%r8		// +=carry
 	alcgr	%r6,zero
 	stg	%r7,0(%r2,%r1)	// rp[i]=
 	lg	%r9,8(%r2,%r3)
 	mlgr	%r8,%r5
 	algr	%r9,%r6
 	alcgr	%r8,zero
 	stg	%r9,8(%r2,%r1)
 	lg	%r7,16(%r2,%r3)
 	mlgr	%r6,%r5
 	algr	%r7,%r8
 	alcgr	%r6,zero
 	stg	%r7,16(%r2,%r1)
 	lg	%r9,24(%r2,%r3)
 	mlgr	%r8,%r5
 	algr	%r9,%r6
 	alcgr	%r8,zero
 	stg	%r9,24(%r2,%r1)
 	la	%r2,32(%r2)	// i+=4
 	brct	%r10,.Loop4_mul
 	lghi	%r10,3
 	nr	%r4,%r10	// cnt=len%4
 	jz	.Lend_mul
 .Loop1_mul:
 	lg	%r7,0(%r2,%r3)	// ap[i]
 	mlgr	%r6,%r5		// *=w
 	algr	%r7,%r8		// +=carry
 	alcgr	%r6,zero
 	stg	%r7,0(%r2,%r1)	// rp[i]=
 	lgr	%r8,%r6
 	la	%r2,8(%r2)	// i++
 	brct	%r4,.Loop1_mul
 .Lend_mul:
 	lgr	%r2,%r8
 	lmg	%r6,%r10,48(%r15)
 	br	%r14
 .size	bn_mul_words,.-bn_mul_words
 // void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4)
 .globl	bn_sqr_words
 .type	bn_sqr_words,@function
 .align	4
 bn_sqr_words:
 	ltgfr	%r4,%r4
 	bler	%r14
 	stmg	%r6,%r7,48(%r15)
 	srag	%r1,%r4,2	// cnt=len/4
 	jz	.Loop1_sqr
 .Loop4_sqr:
 	lg	%r7,0(%r3)
 	mlgr	%r6,%r7
 	stg	%r7,0(%r2)
 	stg	%r6,8(%r2)
 	lg	%r7,8(%r3)
 	mlgr	%r6,%r7
 	stg	%r7,16(%r2)
 	stg	%r6,24(%r2)
 	lg	%r7,16(%r3)
 	mlgr	%r6,%r7
 	stg	%r7,32(%r2)
 	stg	%r6,40(%r2)
 	lg	%r7,24(%r3)
 	mlgr	%r6,%r7
 	stg	%r7,48(%r2)
 	stg	%r6,56(%r2)
 	la	%r3,32(%r3)
 	la	%r2,64(%r2)
 	brct	%r1,.Loop4_sqr
 	lghi	%r1,3
 	nr	%r4,%r1		// cnt=len%4
 	jz	.Lend_sqr
 .Loop1_sqr:
 	lg	%r7,0(%r3)
 	mlgr	%r6,%r7
 	stg	%r7,0(%r2)
 	stg	%r6,8(%r2)
 	la	%r3,8(%r3)
 	la	%r2,16(%r2)
 	brct	%r4,.Loop1_sqr
 .Lend_sqr:
 	lmg	%r6,%r7,48(%r15)
 	br	%r14
 .size	bn_sqr_words,.-bn_sqr_words
 // BN_ULONG bn_div_words(BN_ULONG h,BN_ULONG l,BN_ULONG d);
 .globl	bn_div_words
 .type	bn_div_words,@function
 .align	4
 bn_div_words:
 	dlgr	%r2,%r4
 	lgr	%r2,%r3
 	br	%r14
 .size	bn_div_words,.-bn_div_words
 // BN_ULONG bn_add_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5);
 .globl	bn_add_words
 .type	bn_add_words,@function
 .align	4
 bn_add_words:
 	la	%r1,0(%r2)	// put rp aside
 	lghi	%r2,0		// i=0
 	ltgfr	%r5,%r5
 	bler	%r14		// if (len<=0) return 0;
 	stg	%r6,48(%r15)
 	lghi	%r6,3
 	nr	%r6,%r5		// len%4
 	sra	%r5,2		// len/4, use sra because it sets condition code
 	jz	.Loop1_add	// carry is incidentally cleared if branch taken
 	algr	%r2,%r2		// clear carry
 .Loop4_add:
 	lg	%r0,0(%r2,%r3)
 	alcg	%r0,0(%r2,%r4)
 	stg	%r0,0(%r2,%r1)
 	lg	%r0,8(%r2,%r3)
 	alcg	%r0,8(%r2,%r4)
 	stg	%r0,8(%r2,%r1)
 	lg	%r0,16(%r2,%r3)
 	alcg	%r0,16(%r2,%r4)
 	stg	%r0,16(%r2,%r1)
 	lg	%r0,24(%r2,%r3)
 	alcg	%r0,24(%r2,%r4)
 	stg	%r0,24(%r2,%r1)
 	la	%r2,32(%r2)	// i+=4
 	brct	%r5,.Loop4_add
 	la	%r6,1(%r6)	// see if len%4 is zero ...
 	brct	%r6,.Loop1_add	// without touching condition code:-)
 .Lexit_add:
 	lghi	%r2,0
 	alcgr	%r2,%r2
 	lg	%r6,48(%r15)
 	br	%r14
 .Loop1_add:
 	lg	%r0,0(%r2,%r3)
 	alcg	%r0,0(%r2,%r4)
 	stg	%r0,0(%r2,%r1)
 	la	%r2,8(%r2)	// i++
 	brct	%r6,.Loop1_add
 	j	.Lexit_add
 .size	bn_add_words,.-bn_add_words
 // BN_ULONG bn_sub_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5);
 .globl	bn_sub_words
 .type	bn_sub_words,@function
 .align	4
 bn_sub_words:
 	la	%r1,0(%r2)	// put rp aside
 	lghi	%r2,0		// i=0
 	ltgfr	%r5,%r5
 	bler	%r14		// if (len<=0) return 0;
 	stg	%r6,48(%r15)
 	lghi	%r6,3
 	nr	%r6,%r5		// len%4
 	sra	%r5,2		// len/4, use sra because it sets condition code
 	jnz	.Loop4_sub	// borrow is incidentally cleared if branch taken
 	slgr	%r2,%r2		// clear borrow
 .Loop1_sub:
 	lg	%r0,0(%r2,%r3)
 	slbg	%r0,0(%r2,%r4)
 	stg	%r0,0(%r2,%r1)
 	la	%r2,8(%r2)	// i++
 	brct	%r6,.Loop1_sub
 	j	.Lexit_sub
 .Loop4_sub:
 	lg	%r0,0(%r2,%r3)
 	slbg	%r0,0(%r2,%r4)
 	stg	%r0,0(%r2,%r1)
 	lg	%r0,8(%r2,%r3)
 	slbg	%r0,8(%r2,%r4)
 	stg	%r0,8(%r2,%r1)
 	lg	%r0,16(%r2,%r3)
 	slbg	%r0,16(%r2,%r4)
 	stg	%r0,16(%r2,%r1)
 	lg	%r0,24(%r2,%r3)
 	slbg	%r0,24(%r2,%r4)
 	stg	%r0,24(%r2,%r1)
 	la	%r2,32(%r2)	// i+=4
 	brct	%r5,.Loop4_sub
 	la	%r6,1(%r6)	// see if len%4 is zero ...
 	brct	%r6,.Loop1_sub	// without touching condition code:-)
 .Lexit_sub:
 	lghi	%r2,0
 	slbgr	%r2,%r2
 	lcgr	%r2,%r2
 	lg	%r6,48(%r15)
 	br	%r14
 .size	bn_sub_words,.-bn_sub_words
 #define c1	%r1
 #define c2	%r5
 #define c3	%r8
 #define mul_add_c(ai,bi,c1,c2,c3)	\
 	lg	%r7,ai*8(%r3);		\
 	mlg	%r6,bi*8(%r4);		\
 	algr	c1,%r7;			\
 	alcgr	c2,%r6;			\
 	alcgr	c3,zero
 // void bn_mul_comba8(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4);
 .globl	bn_mul_comba8
 .type	bn_mul_comba8,@function
 .align	4
 bn_mul_comba8:
 	stmg	%r6,%r8,48(%r15)
 	lghi	c1,0
 	lghi	c2,0
 	lghi	c3,0
 	lghi	zero,0
 	mul_add_c(0,0,c1,c2,c3);
 	stg	c1,0*8(%r2)
 	lghi	c1,0
 	mul_add_c(0,1,c2,c3,c1);
 	mul_add_c(1,0,c2,c3,c1);
 	stg	c2,1*8(%r2)
 	lghi	c2,0
 	mul_add_c(2,0,c3,c1,c2);
 	mul_add_c(1,1,c3,c1,c2);
 	mul_add_c(0,2,c3,c1,c2);
 	stg	c3,2*8(%r2)
 	lghi	c3,0
 	mul_add_c(0,3,c1,c2,c3);
 	mul_add_c(1,2,c1,c2,c3);
 	mul_add_c(2,1,c1,c2,c3);
 	mul_add_c(3,0,c1,c2,c3);
 	stg	c1,3*8(%r2)
 	lghi	c1,0
 	mul_add_c(4,0,c2,c3,c1);
 	mul_add_c(3,1,c2,c3,c1);
 	mul_add_c(2,2,c2,c3,c1);
 	mul_add_c(1,3,c2,c3,c1);
 	mul_add_c(0,4,c2,c3,c1);
 	stg	c2,4*8(%r2)
 	lghi	c2,0
 	mul_add_c(0,5,c3,c1,c2);
 	mul_add_c(1,4,c3,c1,c2);
 	mul_add_c(2,3,c3,c1,c2);
 	mul_add_c(3,2,c3,c1,c2);
 	mul_add_c(4,1,c3,c1,c2);
 	mul_add_c(5,0,c3,c1,c2);
 	stg	c3,5*8(%r2)
 	lghi	c3,0
 	mul_add_c(6,0,c1,c2,c3);
 	mul_add_c(5,1,c1,c2,c3);
 	mul_add_c(4,2,c1,c2,c3);
 	mul_add_c(3,3,c1,c2,c3);
 	mul_add_c(2,4,c1,c2,c3);
 	mul_add_c(1,5,c1,c2,c3);
 	mul_add_c(0,6,c1,c2,c3);
 	stg	c1,6*8(%r2)
 	lghi	c1,0
 	mul_add_c(0,7,c2,c3,c1);
 	mul_add_c(1,6,c2,c3,c1);
 	mul_add_c(2,5,c2,c3,c1);
 	mul_add_c(3,4,c2,c3,c1);
 	mul_add_c(4,3,c2,c3,c1);
 	mul_add_c(5,2,c2,c3,c1);
 	mul_add_c(6,1,c2,c3,c1);
 	mul_add_c(7,0,c2,c3,c1);
 	stg	c2,7*8(%r2)
 	lghi	c2,0
 	mul_add_c(7,1,c3,c1,c2);
 	mul_add_c(6,2,c3,c1,c2);
 	mul_add_c(5,3,c3,c1,c2);
 	mul_add_c(4,4,c3,c1,c2);
 	mul_add_c(3,5,c3,c1,c2);
 	mul_add_c(2,6,c3,c1,c2);
 	mul_add_c(1,7,c3,c1,c2);
 	stg	c3,8*8(%r2)
 	lghi	c3,0
 	mul_add_c(2,7,c1,c2,c3);
 	mul_add_c(3,6,c1,c2,c3);
 	mul_add_c(4,5,c1,c2,c3);
 	mul_add_c(5,4,c1,c2,c3);
 	mul_add_c(6,3,c1,c2,c3);
 	mul_add_c(7,2,c1,c2,c3);
 	stg	c1,9*8(%r2)
 	lghi	c1,0
 	mul_add_c(7,3,c2,c3,c1);
 	mul_add_c(6,4,c2,c3,c1);
 	mul_add_c(5,5,c2,c3,c1);
 	mul_add_c(4,6,c2,c3,c1);
 	mul_add_c(3,7,c2,c3,c1);
 	stg	c2,10*8(%r2)
 	lghi	c2,0
 	mul_add_c(4,7,c3,c1,c2);
 	mul_add_c(5,6,c3,c1,c2);
 	mul_add_c(6,5,c3,c1,c2);
 	mul_add_c(7,4,c3,c1,c2);
 	stg	c3,11*8(%r2)
 	lghi	c3,0
 	mul_add_c(7,5,c1,c2,c3);
 	mul_add_c(6,6,c1,c2,c3);
 	mul_add_c(5,7,c1,c2,c3);
 	stg	c1,12*8(%r2)
 	lghi	c1,0
 	mul_add_c(6,7,c2,c3,c1);
 	mul_add_c(7,6,c2,c3,c1);
 	stg	c2,13*8(%r2)
 	lghi	c2,0
 	mul_add_c(7,7,c3,c1,c2);
 	stg	c3,14*8(%r2)
 	stg	c1,15*8(%r2)
 	lmg	%r6,%r8,48(%r15)
 	br	%r14
 .size	bn_mul_comba8,.-bn_mul_comba8
 // void bn_mul_comba4(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4);
 .globl	bn_mul_comba4
 .type	bn_mul_comba4,@function
 .align	4
 bn_mul_comba4:
 	stmg	%r6,%r8,48(%r15)
 	lghi	c1,0
 	lghi	c2,0
 	lghi	c3,0
 	lghi	zero,0
 	mul_add_c(0,0,c1,c2,c3);
 	stg	c1,0*8(%r3)
 	lghi	c1,0
 	mul_add_c(0,1,c2,c3,c1);
 	mul_add_c(1,0,c2,c3,c1);
 	stg	c2,1*8(%r2)
 	lghi	c2,0
 	mul_add_c(2,0,c3,c1,c2);
 	mul_add_c(1,1,c3,c1,c2);
 	mul_add_c(0,2,c3,c1,c2);
 	stg	c3,2*8(%r2)
 	lghi	c3,0
 	mul_add_c(0,3,c1,c2,c3);
 	mul_add_c(1,2,c1,c2,c3);
 	mul_add_c(2,1,c1,c2,c3);
 	mul_add_c(3,0,c1,c2,c3);
 	stg	c1,3*8(%r2)
 	lghi	c1,0
 	mul_add_c(3,1,c2,c3,c1);
 	mul_add_c(2,2,c2,c3,c1);
 	mul_add_c(1,3,c2,c3,c1);
 	stg	c2,4*8(%r2)
 	lghi	c2,0
 	mul_add_c(2,3,c3,c1,c2);
 	mul_add_c(3,2,c3,c1,c2);
 	stg	c3,5*8(%r2)
 	lghi	c3,0
 	mul_add_c(3,3,c1,c2,c3);
 	stg	c1,6*8(%r2)
 	stg	c2,7*8(%r2)
 	stmg	%r6,%r8,48(%r15)
 	br	%r14
 .size	bn_mul_comba4,.-bn_mul_comba4
 #define sqr_add_c(ai,c1,c2,c3)		\
 	lg	%r7,ai*8(%r3);		\
 	mlgr	%r6,%r7;		\
 	algr	c1,%r7;			\
 	alcgr	c2,%r6;			\
 	alcgr	c3,zero
 #define sqr_add_c2(ai,aj,c1,c2,c3)	\
 	lg	%r7,ai*8(%r3);		\
 	mlg	%r6,aj*8(%r3);		\
 	algr	c1,%r7;			\
 	alcgr	c2,%r6;			\
 	alcgr	c3,zero;		\
 	algr	c1,%r7;			\
 	alcgr	c2,%r6;			\
 	alcgr	c3,zero
 // void bn_sqr_comba8(BN_ULONG *r2,BN_ULONG *r3);
 .globl	bn_sqr_comba8
 .type	bn_sqr_comba8,@function
 .align	4
 bn_sqr_comba8:
 	stmg	%r6,%r8,48(%r15)
 	lghi	c1,0
 	lghi	c2,0
 	lghi	c3,0
 	lghi	zero,0
 	sqr_add_c(0,c1,c2,c3);
 	stg	c1,0*8(%r2)
 	lghi	c1,0
 	sqr_add_c2(1,0,c2,c3,c1);
 	stg	c2,1*8(%r2)
 	lghi	c2,0
 	sqr_add_c(1,c3,c1,c2);
 	sqr_add_c2(2,0,c3,c1,c2);
 	stg	c3,2*8(%r2)
 	lghi	c3,0
 	sqr_add_c2(3,0,c1,c2,c3);
 	sqr_add_c2(2,1,c1,c2,c3);
 	stg	c1,3*8(%r2)
 	lghi	c1,0
 	sqr_add_c(2,c2,c3,c1);
 	sqr_add_c2(3,1,c2,c3,c1);
 	sqr_add_c2(4,0,c2,c3,c1);
 	stg	c2,4*8(%r2)
 	lghi	c2,0
 	sqr_add_c2(5,0,c3,c1,c2);
 	sqr_add_c2(4,1,c3,c1,c2);
 	sqr_add_c2(3,2,c3,c1,c2);
 	stg	c3,5*8(%r2)
 	lghi	c3,0
 	sqr_add_c(3,c1,c2,c3);
 	sqr_add_c2(4,2,c1,c2,c3);
 	sqr_add_c2(5,1,c1,c2,c3);
 	sqr_add_c2(6,0,c1,c2,c3);
 	stg	c1,6*8(%r2)
 	lghi	c1,0
 	sqr_add_c2(7,0,c2,c3,c1);
 	sqr_add_c2(6,1,c2,c3,c1);
 	sqr_add_c2(5,2,c2,c3,c1);
 	sqr_add_c2(4,3,c2,c3,c1);
 	stg	c2,7*8(%r2)
 	lghi	c2,0
 	sqr_add_c(4,c3,c1,c2);
 	sqr_add_c2(5,3,c3,c1,c2);
 	sqr_add_c2(6,2,c3,c1,c2);
 	sqr_add_c2(7,1,c3,c1,c2);
 	stg	c3,8*8(%r2)
 	lghi	c3,0
 	sqr_add_c2(7,2,c1,c2,c3);
 	sqr_add_c2(6,3,c1,c2,c3);
 	sqr_add_c2(5,4,c1,c2,c3);
 	stg	c1,9*8(%r2)
 	lghi	c1,0
 	sqr_add_c(5,c2,c3,c1);
 	sqr_add_c2(6,4,c2,c3,c1);
 	sqr_add_c2(7,3,c2,c3,c1);
 	stg	c2,10*8(%r2)
 	lghi	c2,0
 	sqr_add_c2(7,4,c3,c1,c2);
 	sqr_add_c2(6,5,c3,c1,c2);
 	stg	c3,11*8(%r2)
 	lghi	c3,0
 	sqr_add_c(6,c1,c2,c3);
 	sqr_add_c2(7,5,c1,c2,c3);
 	stg	c1,12*8(%r2)
 	lghi	c1,0
 	sqr_add_c2(7,6,c2,c3,c1);
 	stg	c2,13*8(%r2)
 	lghi	c2,0
 	sqr_add_c(7,c3,c1,c2);
 	stg	c3,14*8(%r2)
 	stg	c1,15*8(%r2)
 	lmg	%r6,%r8,48(%r15)
 	br	%r14
 .size	bn_sqr_comba8,.-bn_sqr_comba8
 // void bn_sqr_comba4(BN_ULONG *r2,BN_ULONG *r3);
 .globl bn_sqr_comba4
 .type	bn_sqr_comba4,@function
 .align	4
 bn_sqr_comba4:
 	stmg	%r6,%r8,48(%r15)
 	lghi	c1,0
 	lghi	c2,0
 	lghi	c3,0
 	lghi	zero,0
 	sqr_add_c(0,c1,c2,c3);
 	stg	c1,0*8(%r2)
 	lghi	c1,0
 	sqr_add_c2(1,0,c2,c3,c1);
 	stg	c2,1*8(%r2)
 	lghi	c2,0
 	sqr_add_c(1,c3,c1,c2);
 	sqr_add_c2(2,0,c3,c1,c2);
 	stg	c3,2*8(%r2)
 	lghi	c3,0
 	sqr_add_c2(3,0,c1,c2,c3);
 	sqr_add_c2(2,1,c1,c2,c3);
 	stg	c1,3*8(%r2)
 	lghi	c1,0
 	sqr_add_c(2,c2,c3,c1);
 	sqr_add_c2(3,1,c2,c3,c1);
 	stg	c2,4*8(%r2)
 	lghi	c2,0
 	sqr_add_c2(3,2,c3,c1,c2);
 	stg	c3,5*8(%r2)
 	lghi	c3,0
 	sqr_add_c(3,c1,c2,c3);
 	stg	c1,6*8(%r2)
 	stg	c2,7*8(%r2)
 	lmg	%r6,%r8,48(%r15)
 	br	%r14
 .size	bn_sqr_comba4,.-bn_sqr_comba4
--- a/crypto/bn/asm/sparcv8plus.S
+++ b/crypto/bn/asm/sparcv8plus.S
@@ -162,10 +162,14 @@
 * BN_ULONG w;
 */
 bn_mul_add_words:
 	sra	%o2,%g0,%o2	! signx %o2
 	brgz,a	%o2,.L_bn_mul_add_words_proceed
 	lduw	[%o1],%g2
 	retl
 	clr	%o0
 	nop
 	nop
 	nop
 .L_bn_mul_add_words_proceed:
 	srl	%o3,%g0,%o3	! clruw	%o3
@@ -260,10 +264,14 @@ bn_mul_add_words:
 * BN_ULONG w;
 */
 bn_mul_words:
 	sra	%o2,%g0,%o2	! signx %o2
 	brgz,a	%o2,.L_bn_mul_words_proceeed
 	lduw	[%o1],%g2
 	retl
 	clr	%o0
 	nop
 	nop
 	nop
 .L_bn_mul_words_proceeed:
 	srl	%o3,%g0,%o3	! clruw	%o3
@@ -344,10 +352,14 @@ bn_mul_words:
 * int n;
 */
 bn_sqr_words:
 	sra	%o2,%g0,%o2	! signx %o2
 	brgz,a	%o2,.L_bn_sqr_words_proceeed
 	lduw	[%o1],%g2
 	retl
 	clr	%o0
 	nop
 	nop
 	nop
 .L_bn_sqr_words_proceeed:
 	andcc	%o2,-4,%g0
@@ -445,6 +457,7 @@ bn_div_words:
 * int n;
 */
 bn_add_words:
 	sra	%o3,%g0,%o3	! signx %o3
 	brgz,a	%o3,.L_bn_add_words_proceed
 	lduw	[%o1],%o4
 	retl
@@ -454,7 +467,6 @@ bn_add_words:
 	andcc	%o3,-4,%g0
 	bz,pn	%icc,.L_bn_add_words_tail
 	addcc	%g0,0,%g0	! clear carry flag
 	nop
 .L_bn_add_words_loop:		! wow! 32 aligned!
 	dec	4,%o3
@@ -523,6 +535,7 @@ bn_add_words:
 * int n;
 */
 bn_sub_words:
 	sra	%o3,%g0,%o3	! signx %o3
 	brgz,a	%o3,.L_bn_sub_words_proceed
 	lduw	[%o1],%o4
 	retl
@@ -532,7 +545,6 @@ bn_sub_words:
 	andcc	%o3,-4,%g0
 	bz,pn	%icc,.L_bn_sub_words_tail
 	addcc	%g0,0,%g0	! clear carry flag
 	nop
 .L_bn_sub_words_loop:		! wow! 32 aligned!
 	dec	4,%o3
--- a/crypto/bn/asm/x86-mont.pl
+++ b/crypto/bn/asm/x86-mont.pl
@@ -0,0 +1,591 @@
 #!/usr/bin/env perl
 # ====================================================================
 # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
 # project. The module is, however, dual licensed under OpenSSL and
 # CRYPTOGAMS licenses depending on where you obtain it. For further
 # details see http://www.openssl.org/~appro/cryptogams/.
 # ====================================================================
 # October 2005
 #
 # This is a "teaser" code, as it can be improved in several ways...
 # First of all non-SSE2 path should be implemented (yes, for now it
 # performs Montgomery multiplication/convolution only on SSE2-capable
 # CPUs such as P4, others fall down to original code). Then inner loop
 # can be unrolled and modulo-scheduled to improve ILP and possibly
 # moved to 128-bit XMM register bank (though it would require input
 # rearrangement and/or increase bus bandwidth utilization). Dedicated
 # squaring procedure should give further performance improvement...
 # Yet, for being draft, the code improves rsa512 *sign* benchmark by
 # 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-)
 # December 2006
 #
 # Modulo-scheduling SSE2 loops results in further 15-20% improvement.
 # Integer-only code [being equipped with dedicated squaring procedure]
 # gives ~40% on rsa512 sign benchmark...
 $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
 push(@INC,"${dir}","${dir}../../perlasm");
 require "x86asm.pl";
 &asm_init($ARGV[0],$0);
 $sse2=0;
 for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
 &external_label("OPENSSL_ia32cap_P") if ($sse2);
 &function_begin("bn_mul_mont");
 $i="edx";
 $j="ecx";
 $ap="esi";	$tp="esi";		# overlapping variables!!!
 $rp="edi";	$bp="edi";		# overlapping variables!!!
 $np="ebp";
 $num="ebx";
 $_num=&DWP(4*0,"esp");			# stack top layout
 $_rp=&DWP(4*1,"esp");
 $_ap=&DWP(4*2,"esp");
 $_bp=&DWP(4*3,"esp");
 $_np=&DWP(4*4,"esp");
 $_n0=&DWP(4*5,"esp");	$_n0q=&QWP(4*5,"esp");
 $_sp=&DWP(4*6,"esp");
 $_bpend=&DWP(4*7,"esp");
 $frame=32;				# size of above frame rounded up to 16n
 	&xor	("eax","eax");
 	&mov	("edi",&wparam(5));	# int num
 	&cmp	("edi",4);
 	&jl	(&label("just_leave"));
 	&lea	("esi",&wparam(0));	# put aside pointer to argument block
 	&lea	("edx",&wparam(1));	# load ap
 	&mov	("ebp","esp");		# saved stack pointer!
 	&add	("edi",2);		# extra two words on top of tp
 	&neg	("edi");
 	&lea	("esp",&DWP(-$frame,"esp","edi",4));	# alloca($frame+4*(num+2))
 	&neg	("edi");
 	# minimize cache contention by arraning 2K window between stack
 	# pointer and ap argument [np is also position sensitive vector,
 	# but it's assumed to be near ap, as it's allocated at ~same
 	# time].
 	&mov	("eax","esp");
 	&sub	("eax","edx");
 	&and	("eax",2047);
 	&sub	("esp","eax");		# this aligns sp and ap modulo 2048
 	&xor	("edx","esp");
 	&and	("edx",2048);
 	&xor	("edx",2048);
 	&sub	("esp","edx");		# this splits them apart modulo 4096
 	&and	("esp",-64);		# align to cache line
 	################################# load argument block...
 	&mov	("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
 	&mov	("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
 	&mov	("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
 	&mov	("edx",&DWP(3*4,"esi"));# const BN_ULONG *np
 	&mov	("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
 	#&mov	("edi",&DWP(5*4,"esi"));# int num
 	&mov	("esi",&DWP(0,"esi"));	# pull n0[0]
 	&mov	($_rp,"eax");		# ... save a copy of argument block
 	&mov	($_ap,"ebx");
 	&mov	($_bp,"ecx");
 	&mov	($_np,"edx");
 	&mov	($_n0,"esi");
 	&lea	($num,&DWP(-3,"edi"));	# num=num-1 to assist modulo-scheduling
 	#&mov	($_num,$num);		# redundant as $num is not reused
 	&mov	($_sp,"ebp");		# saved stack pointer!
 if($sse2) {
 $acc0="mm0";	# mmx register bank layout
 $acc1="mm1";
 $car0="mm2";
 $car1="mm3";
 $mul0="mm4";
 $mul1="mm5";
 $temp="mm6";
 $mask="mm7";
 	&picmeup("eax","OPENSSL_ia32cap_P");
 	&bt	(&DWP(0,"eax"),26);
 	&jnc	(&label("non_sse2"));
 	&mov	("eax",-1);
 	&movd	($mask,"eax");		# mask 32 lower bits
 	&mov	($ap,$_ap);		# load input pointers
 	&mov	($bp,$_bp);
 	&mov	($np,$_np);
 	&xor	($i,$i);		# i=0
 	&xor	($j,$j);		# j=0
 	&movd	($mul0,&DWP(0,$bp));		# bp[0]
 	&movd	($mul1,&DWP(0,$ap));		# ap[0]
 	&movd	($car1,&DWP(0,$np));		# np[0]
 	&pmuludq($mul1,$mul0);			# ap[0]*bp[0]
 	&movq	($car0,$mul1);
 	&movq	($acc0,$mul1);			# I wish movd worked for
 	&pand	($acc0,$mask);			# inter-register transfers
 	&pmuludq($mul1,$_n0q);			# *=n0
 	&pmuludq($car1,$mul1);			# "t[0]"*np[0]*n0
 	&paddq	($car1,$acc0);
 	&movd	($acc1,&DWP(4,$np));		# np[1]
 	&movd	($acc0,&DWP(4,$ap));		# ap[1]
 	&psrlq	($car0,32);
 	&psrlq	($car1,32);
 	&inc	($j);				# j++
 &set_label("1st",16);
 	&pmuludq($acc0,$mul0);			# ap[j]*bp[0]
 	&pmuludq($acc1,$mul1);			# np[j]*m1
 	&paddq	($car0,$acc0);			# +=c0
 	&paddq	($car1,$acc1);			# +=c1
 	&movq	($acc0,$car0);
 	&pand	($acc0,$mask);
 	&movd	($acc1,&DWP(4,$np,$j,4));	# np[j+1]
 	&paddq	($car1,$acc0);			# +=ap[j]*bp[0];
 	&movd	($acc0,&DWP(4,$ap,$j,4));	# ap[j+1]
 	&psrlq	($car0,32);
 	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[j-1]=
 	&psrlq	($car1,32);
 	&lea	($j,&DWP(1,$j));
 	&cmp	($j,$num);
 	&jl	(&label("1st"));
 	&pmuludq($acc0,$mul0);			# ap[num-1]*bp[0]
 	&pmuludq($acc1,$mul1);			# np[num-1]*m1
 	&paddq	($car0,$acc0);			# +=c0
 	&paddq	($car1,$acc1);			# +=c1
 	&movq	($acc0,$car0);
 	&pand	($acc0,$mask);
 	&paddq	($car1,$acc0);			# +=ap[num-1]*bp[0];
 	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[num-2]=
 	&psrlq	($car0,32);
 	&psrlq	($car1,32);
 	&paddq	($car1,$car0);
 	&movq	(&QWP($frame,"esp",$num,4),$car1);	# tp[num].tp[num-1]
 	&inc	($i);				# i++
 &set_label("outer");
 	&xor	($j,$j);			# j=0
 	&movd	($mul0,&DWP(0,$bp,$i,4));	# bp[i]
 	&movd	($mul1,&DWP(0,$ap));		# ap[0]
 	&movd	($temp,&DWP($frame,"esp"));	# tp[0]
 	&movd	($car1,&DWP(0,$np));		# np[0]
 	&pmuludq($mul1,$mul0);			# ap[0]*bp[i]
 	&paddq	($mul1,$temp);			# +=tp[0]
 	&movq	($acc0,$mul1);
 	&movq	($car0,$mul1);
 	&pand	($acc0,$mask);
 	&pmuludq($mul1,$_n0q);			# *=n0
 	&pmuludq($car1,$mul1);
 	&paddq	($car1,$acc0);
 	&movd	($temp,&DWP($frame+4,"esp"));	# tp[1]
 	&movd	($acc1,&DWP(4,$np));		# np[1]
 	&movd	($acc0,&DWP(4,$ap));		# ap[1]
 	&psrlq	($car0,32);
 	&psrlq	($car1,32);
 	&paddq	($car0,$temp);			# +=tp[1]
 	&inc	($j);				# j++
 	&dec	($num);
 &set_label("inner");
 	&pmuludq($acc0,$mul0);			# ap[j]*bp[i]
 	&pmuludq($acc1,$mul1);			# np[j]*m1
 	&paddq	($car0,$acc0);			# +=c0
 	&paddq	($car1,$acc1);			# +=c1
 	&movq	($acc0,$car0);
 	&movd	($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1]
 	&pand	($acc0,$mask);
 	&movd	($acc1,&DWP(4,$np,$j,4));	# np[j+1]
 	&paddq	($car1,$acc0);			# +=ap[j]*bp[i]+tp[j]
 	&movd	($acc0,&DWP(4,$ap,$j,4));	# ap[j+1]
 	&psrlq	($car0,32);
 	&movd	(&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]=
 	&psrlq	($car1,32);
 	&paddq	($car0,$temp);			# +=tp[j+1]
 	&dec	($num);
 	&lea	($j,&DWP(1,$j));		# j++
 	&jnz	(&label("inner"));
 	&mov	($num,$j);
 	&pmuludq($acc0,$mul0);			# ap[num-1]*bp[i]
 	&pmuludq($acc1,$mul1);			# np[num-1]*m1
 	&paddq	($car0,$acc0);			# +=c0
 	&paddq	($car1,$acc1);			# +=c1
 	&movq	($acc0,$car0);
 	&pand	($acc0,$mask);
 	&paddq	($car1,$acc0);			# +=ap[num-1]*bp[i]+tp[num-1]
 	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[num-2]=
 	&psrlq	($car0,32);
 	&psrlq	($car1,32);
 	&movd	($temp,&DWP($frame+4,"esp",$num,4));	# += tp[num]
 	&paddq	($car1,$car0);
 	&paddq	($car1,$temp);
 	&movq	(&QWP($frame,"esp",$num,4),$car1);	# tp[num].tp[num-1]
 	&lea	($i,&DWP(1,$i));		# i++
 	&cmp	($i,$num);
 	&jle	(&label("outer"));
 	&emms	();				# done with mmx bank
 	&jmp	(&label("common_tail"));
 &set_label("non_sse2",16);
 }
 if (0) {
 	&mov	("esp",$_sp);
 	&xor	("eax","eax");	# signal "not fast enough [yet]"
 	&jmp	(&label("just_leave"));
 	# While the below code provides competitive performance for
 	# all key lengthes on modern Intel cores, it's still more
 	# than 10% slower for 4096-bit key elsewhere:-( "Competitive"
 	# means compared to the original integer-only assembler.
 	# 512-bit RSA sign is better by ~40%, but that's about all
 	# one can say about all CPUs...
 } else {
 $inp="esi";	# integer path uses these registers differently
 $word="edi";
 $carry="ebp";
 	&mov	($inp,$_ap);
 	&lea	($carry,&DWP(1,$num));
 	&mov	($word,$_bp);
 	&xor	($j,$j);				# j=0
 	&mov	("edx",$inp);
 	&and	($carry,1);				# see if num is even
 	&sub	("edx",$word);				# see if ap==bp
 	&lea	("eax",&DWP(4,$word,$num,4));		# &bp[num]
 	&or	($carry,"edx");
 	&mov	($word,&DWP(0,$word));			# bp[0]
 	&jz	(&label("bn_sqr_mont"));
 	&mov	($_bpend,"eax");
 	&mov	("eax",&DWP(0,$inp));
 	&xor	("edx","edx");
 &set_label("mull",16);
 	&mov	($carry,"edx");
 	&mul	($word);				# ap[j]*bp[0]
 	&add	($carry,"eax");
 	&lea	($j,&DWP(1,$j));
 	&adc	("edx",0);
 	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j+1]
 	&cmp	($j,$num);
 	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
 	&jl	(&label("mull"));
 	&mov	($carry,"edx");
 	&mul	($word);				# ap[num-1]*bp[0]
 	 &mov	($word,$_n0);
 	&add	("eax",$carry);
 	 &mov	($inp,$_np);
 	&adc	("edx",0);
 	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
 	&mov	(&DWP($frame,"esp",$num,4),"eax");	# tp[num-1]=
 	&xor	($j,$j);
 	&mov	(&DWP($frame+4,"esp",$num,4),"edx");	# tp[num]=
 	&mov	(&DWP($frame+8,"esp",$num,4),$j);	# tp[num+1]=
 	&mov	("eax",&DWP(0,$inp));			# np[0]
 	&mul	($word);				# np[0]*m
 	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
 	&mov	("eax",&DWP(4,$inp));			# np[1]
 	&adc	("edx",0);
 	&inc	($j);
 	&jmp	(&label("2ndmadd"));
 &set_label("1stmadd",16);
 	&mov	($carry,"edx");
 	&mul	($word);				# ap[j]*bp[i]
 	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
 	&lea	($j,&DWP(1,$j));
 	&adc	("edx",0);
 	&add	($carry,"eax");
 	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j+1]
 	&adc	("edx",0);
 	&cmp	($j,$num);
 	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
 	&jl	(&label("1stmadd"));
 	&mov	($carry,"edx");
 	&mul	($word);				# ap[num-1]*bp[i]
 	&add	("eax",&DWP($frame,"esp",$num,4));	# +=tp[num-1]
 	 &mov	($word,$_n0);
 	&adc	("edx",0);
 	 &mov	($inp,$_np);
 	&add	($carry,"eax");
 	&adc	("edx",0);
 	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
 	&xor	($j,$j);
 	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
 	&mov	(&DWP($frame,"esp",$num,4),$carry);	# tp[num-1]=
 	&adc	($j,0);
 	 &mov	("eax",&DWP(0,$inp));			# np[0]
 	&mov	(&DWP($frame+4,"esp",$num,4),"edx");	# tp[num]=
 	&mov	(&DWP($frame+8,"esp",$num,4),$j);	# tp[num+1]=
 	&mul	($word);				# np[0]*m
 	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
 	&mov	("eax",&DWP(4,$inp));			# np[1]
 	&adc	("edx",0);
 	&mov	($j,1);
 &set_label("2ndmadd",16);
 	&mov	($carry,"edx");
 	&mul	($word);				# np[j]*m
 	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
 	&lea	($j,&DWP(1,$j));
 	&adc	("edx",0);
 	&add	($carry,"eax");
 	&mov	("eax",&DWP(0,$inp,$j,4));		# np[j+1]
 	&adc	("edx",0);
 	&cmp	($j,$num);
 	&mov	(&DWP($frame-8,"esp",$j,4),$carry);	# tp[j-1]=
 	&jl	(&label("2ndmadd"));
 	&mov	($carry,"edx");
 	&mul	($word);				# np[j]*m
 	&add	($carry,&DWP($frame,"esp",$num,4));	# +=tp[num-1]
 	&adc	("edx",0);
 	&add	($carry,"eax");
 	&adc	("edx",0);
 	&mov	(&DWP($frame-4,"esp",$num,4),$carry);	# tp[num-2]=
 	&xor	("eax","eax");
 	 &mov	($j,$_bp);				# &bp[i]
 	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
 	&adc	("eax",&DWP($frame+8,"esp",$num,4));	# +=tp[num+1]
 	 &lea	($j,&DWP(4,$j));
 	&mov	(&DWP($frame,"esp",$num,4),"edx");	# tp[num-1]=
 	 &cmp	($j,$_bpend);
 	&mov	(&DWP($frame+4,"esp",$num,4),"eax");	# tp[num]=
 	&je	(&label("common_tail"));
 	&mov	($word,&DWP(0,$j));			# bp[i+1]
 	&mov	($inp,$_ap);
 	&mov	($_bp,$j);				# &bp[++i]
 	&xor	($j,$j);
 	&xor	("edx","edx");
 	&mov	("eax",&DWP(0,$inp));
 	&jmp	(&label("1stmadd"));
 &set_label("bn_sqr_mont",16);
 $sbit=$num;
 	&mov	($_num,$num);
 	&mov	($_bp,$j);				# i=0
 	&mov	("eax",$word);				# ap[0]
 	&mul	($word);				# ap[0]*ap[0]
 	&mov	(&DWP($frame,"esp"),"eax");		# tp[0]=
 	&mov	($sbit,"edx");
 	&shr	("edx",1);
 	&and	($sbit,1);
 	&inc	($j);
 &set_label("sqr",16);
 	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j]
 	&mov	($carry,"edx");
 	&mul	($word);				# ap[j]*ap[0]
 	&add	("eax",$carry);
 	&lea	($j,&DWP(1,$j));
 	&adc	("edx",0);
 	&lea	($carry,&DWP(0,$sbit,"eax",2));
 	&shr	("eax",31);
 	&cmp	($j,$_num);
 	&mov	($sbit,"eax");
 	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
 	&jl	(&label("sqr"));
 	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[num-1]
 	&mov	($carry,"edx");
 	&mul	($word);				# ap[num-1]*ap[0]
 	&add	("eax",$carry);
 	 &mov	($word,$_n0);
 	&adc	("edx",0);
 	 &mov	($inp,$_np);
 	&lea	($carry,&DWP(0,$sbit,"eax",2));
 	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
 	&shr	("eax",31);
 	&mov	(&DWP($frame,"esp",$j,4),$carry);	# tp[num-1]=
 	&lea	($carry,&DWP(0,"eax","edx",2));
 	 &mov	("eax",&DWP(0,$inp));			# np[0]
 	&shr	("edx",31);
 	&mov	(&DWP($frame+4,"esp",$j,4),$carry);	# tp[num]=
 	&mov	(&DWP($frame+8,"esp",$j,4),"edx");	# tp[num+1]=
 	&mul	($word);				# np[0]*m
 	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
 	&mov	($num,$j);
 	&adc	("edx",0);
 	&mov	("eax",&DWP(4,$inp));			# np[1]
 	&mov	($j,1);
 &set_label("3rdmadd",16);
 	&mov	($carry,"edx");
 	&mul	($word);				# np[j]*m
 	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
 	&adc	("edx",0);
 	&add	($carry,"eax");
 	&mov	("eax",&DWP(4,$inp,$j,4));		# np[j+1]
 	&adc	("edx",0);
 	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j-1]=
 	&mov	($carry,"edx");
 	&mul	($word);				# np[j+1]*m
 	&add	($carry,&DWP($frame+4,"esp",$j,4));	# +=tp[j+1]
 	&lea	($j,&DWP(2,$j));
 	&adc	("edx",0);
 	&add	($carry,"eax");
 	&mov	("eax",&DWP(0,$inp,$j,4));		# np[j+2]
 	&adc	("edx",0);
 	&cmp	($j,$num);
 	&mov	(&DWP($frame-8,"esp",$j,4),$carry);	# tp[j]=
 	&jl	(&label("3rdmadd"));
 	&mov	($carry,"edx");
 	&mul	($word);				# np[j]*m
 	&add	($carry,&DWP($frame,"esp",$num,4));	# +=tp[num-1]
 	&adc	("edx",0);
 	&add	($carry,"eax");
 	&adc	("edx",0);
 	&mov	(&DWP($frame-4,"esp",$num,4),$carry);	# tp[num-2]=
 	&mov	($j,$_bp);				# i
 	&xor	("eax","eax");
 	&mov	($inp,$_ap);
 	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
 	&adc	("eax",&DWP($frame+8,"esp",$num,4));	# +=tp[num+1]
 	&mov	(&DWP($frame,"esp",$num,4),"edx");	# tp[num-1]=
 	&cmp	($j,$num);
 	&mov	(&DWP($frame+4,"esp",$num,4),"eax");	# tp[num]=
 	&je	(&label("common_tail"));
 	&mov	($word,&DWP(4,$inp,$j,4));		# ap[i]
 	&lea	($j,&DWP(1,$j));
 	&mov	("eax",$word);
 	&mov	($_bp,$j);				# ++i
 	&mul	($word);				# ap[i]*ap[i]
 	&add	("eax",&DWP($frame,"esp",$j,4));	# +=tp[i]
 	&adc	("edx",0);
 	&mov	(&DWP($frame,"esp",$j,4),"eax");	# tp[i]=
 	&xor	($carry,$carry);
 	&cmp	($j,$num);
 	&lea	($j,&DWP(1,$j));
 	&je	(&label("sqrlast"));
 	&mov	($sbit,"edx");				# zaps $num
 	&shr	("edx",1);
 	&and	($sbit,1);
 &set_label("sqradd",16);
 	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j]
 	&mov	($carry,"edx");
 	&mul	($word);				# ap[j]*ap[i]
 	&add	("eax",$carry);
 	&lea	($carry,&DWP(0,"eax","eax"));
 	&adc	("edx",0);
 	&shr	("eax",31);
 	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
 	&lea	($j,&DWP(1,$j));
 	&adc	("eax",0);
 	&add	($carry,$sbit);
 	&adc	("eax",0);
 	&cmp	($j,$_num);
 	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
 	&mov	($sbit,"eax");
 	&jle	(&label("sqradd"));
 	&mov	($carry,"edx");
 	&lea	("edx",&DWP(0,$sbit,"edx",2));
 	&shr	($carry,31);
 &set_label("sqrlast");
 	&mov	($word,$_n0);
 	&mov	($inp,$_np);
 	&imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
 	&add	("edx",&DWP($frame,"esp",$j,4));	# +=tp[num]
 	&mov	("eax",&DWP(0,$inp));			# np[0]
 	&adc	($carry,0);
 	&mov	(&DWP($frame,"esp",$j,4),"edx");	# tp[num]=
 	&mov	(&DWP($frame+4,"esp",$j,4),$carry);	# tp[num+1]=
 	&mul	($word);				# np[0]*m
 	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
 	&lea	($num,&DWP(-1,$j));
 	&adc	("edx",0);
 	&mov	($j,1);
 	&mov	("eax",&DWP(4,$inp));			# np[1]
 	&jmp	(&label("3rdmadd"));
 }
 &set_label("common_tail",16);
 	&mov	($np,$_np);			# load modulus pointer
 	&mov	($rp,$_rp);			# load result pointer
 	&lea	($tp,&DWP($frame,"esp"));	# [$ap and $bp are zapped]
 	&mov	("eax",&DWP(0,$tp));		# tp[0]
 	&mov	($j,$num);			# j=num-1
 	&xor	($i,$i);			# i=0 and clear CF!
 &set_label("sub",16);
 	&sbb	("eax",&DWP(0,$np,$i,4));
 	&mov	(&DWP(0,$rp,$i,4),"eax");	# rp[i]=tp[i]-np[i]
 	&dec	($j);				# doesn't affect CF!
 	&mov	("eax",&DWP(4,$tp,$i,4));	# tp[i+1]
 	&lea	($i,&DWP(1,$i));		# i++
 	&jge	(&label("sub"));
 	&sbb	("eax",0);			# handle upmost overflow bit
 	&and	($tp,"eax");
 	&not	("eax");
 	&mov	($np,$rp);
 	&and	($np,"eax");
 	&or	($tp,$np);			# tp=carry?tp:rp
 &set_label("copy",16);				# copy or in-place refresh
 	&mov	("eax",&DWP(0,$tp,$num,4));
 	&mov	(&DWP(0,$rp,$num,4),"eax");	# rp[i]=tp[i]
 	&mov	(&DWP($frame,"esp",$num,4),$j);	# zap temporary vector
 	&dec	($num);
 	&jge	(&label("copy"));
 	&mov	("esp",$_sp);		# pull saved stack pointer
 	&mov	("eax",1);
 &set_label("just_leave");
 &function_end("bn_mul_mont");
 &asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
 &asm_finish();
--- a/crypto/bn/asm/x86_64-gcc.c
+++ b/crypto/bn/asm/x86_64-gcc.c
@@ -1,3 +1,6 @@
 #ifdef __SUNPRO_C
 # include "../bn_asm.c"	/* kind of dirty hack for Sun Studio */
 #else
 /*
 * x86_64 BIGNUM accelerator version 0.1, December 2002.
 *
@@ -591,3 +594,4 @@ void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
 	r[6]=c1;
 	r[7]=c2;
 	}
 #endif
--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -0,0 +1,213 @@
 #!/usr/bin/env perl
 # ====================================================================
 # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
 # project. The module is, however, dual licensed under OpenSSL and
 # CRYPTOGAMS licenses depending on where you obtain it. For further
 # details see http://www.openssl.org/~appro/cryptogams/.
 # ====================================================================
 # October 2005.
 #
 # Montgomery multiplication routine for x86_64. While it gives modest
 # 9% improvement of rsa4096 sign on Opteron, rsa512 sign runs more
 # than twice, >2x, as fast. Most common rsa1024 sign is improved by
 # respectful 50%. It remains to be seen if loop unrolling and
 # dedicated squaring routine can provide further improvement...
 $output=shift;
 $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
 ( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
 ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
 die "can't locate x86_64-xlate.pl";
 open STDOUT,"| $^X $xlate $output";
 # int bn_mul_mont(
 $rp="%rdi";	# BN_ULONG *rp,
 $ap="%rsi";	# const BN_ULONG *ap,
 $bp="%rdx";	# const BN_ULONG *bp,
 $np="%rcx";	# const BN_ULONG *np,
 $n0="%r8";	# const BN_ULONG *n0,
 $num="%r9";	# int num);
 $lo0="%r10";
 $hi0="%r11";
 $bp="%r12";	# reassign $bp
 $hi1="%r13";
 $i="%r14";
 $j="%r15";
 $m0="%rbx";
 $m1="%rbp";
 $code=<<___;
 .text
 .globl	bn_mul_mont
 .type	bn_mul_mont,\@function,6
 .align	16
 bn_mul_mont:
 	push	%rbx
 	push	%rbp
 	push	%r12
 	push	%r13
 	push	%r14
 	push	%r15
 	lea	2($num),%rax
 	mov	%rsp,%rbp
 	neg	%rax
 	lea	(%rsp,%rax,8),%rsp	# tp=alloca(8*(num+2))
 	and	\$-1024,%rsp		# minimize TLB usage
 	mov	%rbp,8(%rsp,$num,8)	# tp[num+1]=%rsp
 	mov	%rdx,$bp		# $bp reassigned, remember?
 	mov	($n0),$n0		# pull n0[0] value
 	xor	$i,$i			# i=0
 	xor	$j,$j			# j=0
 	mov	($bp),$m0		# m0=bp[0]
 	mov	($ap),%rax
 	mulq	$m0			# ap[0]*bp[0]
 	mov	%rax,$lo0
 	mov	%rdx,$hi0
 	imulq	$n0,%rax		# "tp[0]"*n0
 	mov	%rax,$m1
 	mulq	($np)			# np[0]*m1
 	add	$lo0,%rax		# discarded
 	adc	\$0,%rdx
 	mov	%rdx,$hi1
 	lea	1($j),$j		# j++
 .L1st:
 	mov	($ap,$j,8),%rax
 	mulq	$m0			# ap[j]*bp[0]
 	add	$hi0,%rax
 	adc	\$0,%rdx
 	mov	%rax,$lo0
 	mov	($np,$j,8),%rax
 	mov	%rdx,$hi0
 	mulq	$m1			# np[j]*m1
 	add	$hi1,%rax
 	lea	1($j),$j		# j++
 	adc	\$0,%rdx
 	add	$lo0,%rax		# np[j]*m1+ap[j]*bp[0]
 	adc	\$0,%rdx
 	mov	%rax,-16(%rsp,$j,8)	# tp[j-1]
 	cmp	$num,$j
 	mov	%rdx,$hi1
 	jl	.L1st
 	xor	%rdx,%rdx
 	add	$hi0,$hi1
 	adc	\$0,%rdx
 	mov	$hi1,-8(%rsp,$num,8)
 	mov	%rdx,(%rsp,$num,8)	# store upmost overflow bit
 	lea	1($i),$i		# i++
 .align	4
 .Louter:
 	xor	$j,$j			# j=0
 	mov	($bp,$i,8),$m0		# m0=bp[i]
 	mov	($ap),%rax		# ap[0]
 	mulq	$m0			# ap[0]*bp[i]
 	add	(%rsp),%rax		# ap[0]*bp[i]+tp[0]
 	adc	\$0,%rdx
 	mov	%rax,$lo0
 	mov	%rdx,$hi0
 	imulq	$n0,%rax		# tp[0]*n0
 	mov	%rax,$m1
 	mulq	($np,$j,8)		# np[0]*m1
 	add	$lo0,%rax		# discarded
 	mov	8(%rsp),$lo0		# tp[1]
 	adc	\$0,%rdx
 	mov	%rdx,$hi1
 	lea	1($j),$j		# j++
 .align	4
 .Linner:
 	mov	($ap,$j,8),%rax
 	mulq	$m0			# ap[j]*bp[i]
 	add	$hi0,%rax
 	adc	\$0,%rdx
 	add	%rax,$lo0		# ap[j]*bp[i]+tp[j]
 	mov	($np,$j,8),%rax
 	adc	\$0,%rdx
 	mov	%rdx,$hi0
 	mulq	$m1			# np[j]*m1
 	add	$hi1,%rax
 	lea	1($j),$j		# j++
 	adc	\$0,%rdx
 	add	$lo0,%rax		# np[j]*m1+ap[j]*bp[i]+tp[j]
 	adc	\$0,%rdx
 	mov	(%rsp,$j,8),$lo0
 	cmp	$num,$j
 	mov	%rax,-16(%rsp,$j,8)	# tp[j-1]
 	mov	%rdx,$hi1
 	jl	.Linner
 	xor	%rdx,%rdx
 	add	$hi0,$hi1
 	adc	\$0,%rdx
 	add	$lo0,$hi1		# pull upmost overflow bit
 	adc	\$0,%rdx
 	mov	$hi1,-8(%rsp,$num,8)
 	mov	%rdx,(%rsp,$num,8)	# store upmost overflow bit
 	lea	1($i),$i		# i++
 	cmp	$num,$i
 	jl	.Louter
 	lea	(%rsp),$ap		# borrow ap for tp
 	lea	-1($num),$j		# j=num-1
 	mov	($ap),%rax		# tp[0]
 	xor	$i,$i			# i=0 and clear CF!
 	jmp	.Lsub
 .align	16
 .Lsub:	sbb	($np,$i,8),%rax
 	mov	%rax,($rp,$i,8)		# rp[i]=tp[i]-np[i]
 	dec	$j			# doesn't affect CF!
 	mov	8($ap,$i,8),%rax	# tp[i+1]
 	lea	1($i),$i		# i++
 	jge	.Lsub
 	sbb	\$0,%rax		# handle upmost overflow bit
 	and	%rax,$ap
 	not	%rax
 	mov	$rp,$np
 	and	%rax,$np
 	lea	-1($num),$j
 	or	$np,$ap			# ap=borrow?tp:rp
 .align	16
 .Lcopy:					# copy or in-place refresh
 	mov	($ap,$j,8),%rax
 	mov	%rax,($rp,$j,8)		# rp[i]=tp[i]
 	mov	$i,(%rsp,$j,8)		# zap temporary vector
 	dec	$j
 	jge	.Lcopy
 	mov	8(%rsp,$num,8),%rsp	# restore %rsp
 	mov	\$1,%rax
 	pop	%r15
 	pop	%r14
 	pop	%r13
 	pop	%r12
 	pop	%rbp
 	pop	%rbx
 	ret
 .size	bn_mul_mont,.-bn_mul_mont
 .asciz	"Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
 ___
 print $code;
 close STDOUT;
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -245,8 +245,18 @@ extern "C" {
 #define BN_FLG_MALLOCED		0x01
 #define BN_FLG_STATIC_DATA	0x02
-#define BN_FLG_EXP_CONSTTIME	0x04 /* avoid leaking exponent information through timings
+#define BN_FLG_CONSTTIME	0x04 /* avoid leaking exponent information through timing,
-                            	      * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
+                                      * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
                                      * BN_div() will call BN_div_no_branch,
                                      * BN_mod_inverse() will call BN_mod_inverse_no_branch.
                                      */
 #ifndef OPENSSL_NO_DEPRECATED
 #define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
                                      /* avoid leaking exponent information through timings
                                      * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
 #endif
 #ifndef OPENSSL_NO_DEPRECATED
 #define BN_FLG_FREE		0x8000	/* used for debuging */
 #endif
@@ -412,9 +422,15 @@ int	BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
 int	BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
 int	BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
 int	BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx);
-/* BN_set_negative(): sets sign of a bignum */
+/** BN_set_negative sets sign of a BIGNUM
 * \param  b  pointer to the BIGNUM object
 * \param  n  0 if the BIGNUM b should be positive and a value != 0 otherwise 
 */
 void	BN_set_negative(BIGNUM *b, int n);
-/* BN_get_negative():  returns 1 if the bignum is < 0 and 0 otherwise */
+/** BN_is_negative returns 1 if the BIGNUM is negative
 * \param  a  pointer to the BIGNUM object
 * \return 1 if a < 0 and 0 otherwise
 */
 #define BN_is_negative(a) ((a)->neg != 0)
 int	BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
@@ -510,6 +526,26 @@ int	BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
 int	BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
 		int do_trial_division, BN_GENCB *cb);
 int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
 			void (*cb)(int, int, void *), void *cb_arg,
 			const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
 			const BIGNUM *e, BN_CTX *ctx);
 int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
 int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
 			BIGNUM *Xp1, BIGNUM *Xp2,
 			const BIGNUM *Xp,
 			const BIGNUM *e, BN_CTX *ctx,
 			void (*cb)(int, int, void *), void *cb_arg);
 int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
 			const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
 			const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
 int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
 			BIGNUM *Xp1, BIGNUM *Xp2,
 			const BIGNUM *Xp,
 			const BIGNUM *e, BN_CTX *ctx,
 			BN_GENCB *cb);
 BN_MONT_CTX *BN_MONT_CTX_new(void );
 void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
 int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
@@ -528,7 +564,7 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
 #define	BN_BLINDING_NO_UPDATE	0x00000001
 #define	BN_BLINDING_NO_RECREATE	0x00000002
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod);
 void BN_BLINDING_free(BN_BLINDING *b);
 int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
 int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
@@ -540,7 +576,7 @@ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
 unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
 void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
 BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
-	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+	const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx,
 	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
 	BN_MONT_CTX *m_ctx);
@@ -769,6 +805,7 @@ void ERR_load_BN_strings(void);
 #define BN_F_BN_CTX_NEW					 106
 #define BN_F_BN_CTX_START				 129
 #define BN_F_BN_DIV					 107
 #define BN_F_BN_DIV_NO_BRANCH				 138
 #define BN_F_BN_DIV_RECP				 130
 #define BN_F_BN_EXP					 123
 #define BN_F_BN_EXPAND2					 108
@@ -787,6 +824,7 @@ void ERR_load_BN_strings(void);
 #define BN_F_BN_MOD_EXP_RECP				 125
 #define BN_F_BN_MOD_EXP_SIMPLE				 126
 #define BN_F_BN_MOD_INVERSE				 110
 #define BN_F_BN_MOD_INVERSE_NO_BRANCH			 139
 #define BN_F_BN_MOD_LSHIFT_QUICK			 119
 #define BN_F_BN_MOD_MUL_RECIPROCAL			 111
 #define BN_F_BN_MOD_SQRT				 121
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -131,7 +131,7 @@ struct bn_blinding_st
 			  BN_MONT_CTX *m_ctx);
 	};
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod)
 	{
 	BN_BLINDING *ret=NULL;
@@ -151,7 +151,12 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
 		{
 		if ((ret->Ai = BN_dup(Ai)) == NULL) goto err;
 		}
-	ret->mod = mod;
+
 	/* save a copy of mod in the BN_BLINDING structure */
 	if ((ret->mod = BN_dup(mod)) == NULL) goto err;
 	if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
 		BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
 	ret->counter = BN_BLINDING_COUNTER;
 	return(ret);
 err:
@@ -167,6 +172,7 @@ void BN_BLINDING_free(BN_BLINDING *r)
 	if (r->A  != NULL) BN_free(r->A );
 	if (r->Ai != NULL) BN_free(r->Ai);
 	if (r->e  != NULL) BN_free(r->e );
 	if (r->mod != NULL) BN_free(r->mod); 
 	OPENSSL_free(r);
 	}
@@ -278,7 +284,7 @@ void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags)
 	}
 BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
-	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+	const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx,
 	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
 	BN_MONT_CTX *m_ctx)
--- a/crypto/bn/bn_depr.c
+++ b/crypto/bn/bn_depr.c
@@ -109,4 +109,26 @@ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
 	return BN_is_prime_fasttest_ex(a, checks, ctx_passed,
 				do_trial_division, &cb);
 	}
 int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
 			void (*callback)(int, int, void *), void *cb_arg,
 			const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
 			const BIGNUM *e, BN_CTX *ctx)
 	{
 	BN_GENCB cb;
 	BN_GENCB_set_old(&cb, callback, cb_arg);
 	return BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, &cb);
 	}
 int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
 			BIGNUM *Xp1, BIGNUM *Xp2,
 			const BIGNUM *Xp,
 			const BIGNUM *e, BN_CTX *ctx,
 			void (*callback)(int, int, void *), void *cb_arg)
 	{
 	BN_GENCB cb;
 	BN_GENCB_set_old(&cb, callback, cb_arg);
 	return BN_X931_generate_prime_ex(p, p1, p2, Xp1, Xp2, Xp, e, ctx, &cb);
 	}
 #endif
--- a/crypto/bn/bn_div.c
+++ b/crypto/bn/bn_div.c
@@ -169,13 +169,15 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
 #endif /* OPENSSL_NO_ASM */
-/* BN_div computes  dv := num / divisor,  rounding towards zero, and sets up
+/* BN_div[_no_branch] computes  dv := num / divisor,  rounding towards
- * rm  such that  dv*divisor + rm = num  holds.
+ * zero, and sets up rm  such that  dv*divisor + rm = num  holds.
 * Thus:
 *     dv->neg == num->neg ^ divisor->neg  (unless the result is zero)
 *     rm->neg == num->neg                 (unless the remainder is zero)
 * If 'dv' or 'rm' is NULL, the respective value is not returned.
 */
 static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
        const BIGNUM *divisor, BN_CTX *ctx);
 int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	   BN_CTX *ctx)
 	{
@@ -185,6 +187,11 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 	BN_ULONG d0,d1;
 	int num_n,div_n;
 	if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0))
 		{
 		return BN_div_no_branch(dv, rm, num, divisor, ctx);
 		}
 	bn_check_top(dv);
 	bn_check_top(rm);
 	bn_check_top(num);
@@ -397,4 +404,229 @@ err:
 	return(0);
 	}
 /* BN_div_no_branch is a special version of BN_div. It does not contain
 * branches that may leak sensitive information.
 */
 static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, 
 	const BIGNUM *divisor, BN_CTX *ctx)
 	{
 	int norm_shift,i,loop;
 	BIGNUM *tmp,wnum,*snum,*sdiv,*res;
 	BN_ULONG *resp,*wnump;
 	BN_ULONG d0,d1;
 	int num_n,div_n;
 	bn_check_top(dv);
 	bn_check_top(rm);
 	bn_check_top(num);
 	bn_check_top(divisor);
 	if (BN_is_zero(divisor))
 		{
 		BNerr(BN_F_BN_DIV_NO_BRANCH,BN_R_DIV_BY_ZERO);
 		return(0);
 		}
 	BN_CTX_start(ctx);
 	tmp=BN_CTX_get(ctx);
 	snum=BN_CTX_get(ctx);
 	sdiv=BN_CTX_get(ctx);
 	if (dv == NULL)
 		res=BN_CTX_get(ctx);
 	else	res=dv;
 	if (sdiv == NULL || res == NULL) goto err;
 	/* First we normalise the numbers */
 	norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
 	if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err;
 	sdiv->neg=0;
 	norm_shift+=BN_BITS2;
 	if (!(BN_lshift(snum,num,norm_shift))) goto err;
 	snum->neg=0;
 	/* Since we don't know whether snum is larger than sdiv,
 	 * we pad snum with enough zeroes without changing its
 	 * value. 
 	 */
 	if (snum->top <= sdiv->top+1) 
 		{
 		if (bn_wexpand(snum, sdiv->top + 2) == NULL) goto err;
 		for (i = snum->top; i < sdiv->top + 2; i++) snum->d[i] = 0;
 		snum->top = sdiv->top + 2;
 		}
 	else
 		{
 		if (bn_wexpand(snum, snum->top + 1) == NULL) goto err;
 		snum->d[snum->top] = 0;
 		snum->top ++;
 		}
 	div_n=sdiv->top;
 	num_n=snum->top;
 	loop=num_n-div_n;
 	/* Lets setup a 'window' into snum
 	 * This is the part that corresponds to the current
 	 * 'area' being divided */
 	wnum.neg   = 0;
 	wnum.d     = &(snum->d[loop]);
 	wnum.top   = div_n;
 	/* only needed when BN_ucmp messes up the values between top and max */
 	wnum.dmax  = snum->dmax - loop; /* so we don't step out of bounds */
 	/* Get the top 2 words of sdiv */
 	/* div_n=sdiv->top; */
 	d0=sdiv->d[div_n-1];
 	d1=(div_n == 1)?0:sdiv->d[div_n-2];
 	/* pointer to the 'top' of snum */
 	wnump= &(snum->d[num_n-1]);
 	/* Setup to 'res' */
 	res->neg= (num->neg^divisor->neg);
 	if (!bn_wexpand(res,(loop+1))) goto err;
 	res->top=loop-1;
 	resp= &(res->d[loop-1]);
 	/* space for temp */
 	if (!bn_wexpand(tmp,(div_n+1))) goto err;
 	/* if res->top == 0 then clear the neg value otherwise decrease
 	 * the resp pointer */
 	if (res->top == 0)
 		res->neg = 0;
 	else
 		resp--;
 	for (i=0; i<loop-1; i++, wnump--, resp--)
 		{
 		BN_ULONG q,l0;
 		/* the first part of the loop uses the top two words of
 		 * snum and sdiv to calculate a BN_ULONG q such that
 		 * | wnum - sdiv * q | < sdiv */
 #if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM)
 		BN_ULONG bn_div_3_words(BN_ULONG*,BN_ULONG,BN_ULONG);
 		q=bn_div_3_words(wnump,d1,d0);
 #else
 		BN_ULONG n0,n1,rem=0;
 		n0=wnump[0];
 		n1=wnump[-1];
 		if (n0 == d0)
 			q=BN_MASK2;
 		else 			/* n0 < d0 */
 			{
 #ifdef BN_LLONG
 			BN_ULLONG t2;
 #if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
 			q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0);
 #else
 			q=bn_div_words(n0,n1,d0);
 #ifdef BN_DEBUG_LEVITTE
 			fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
 X) -> 0x%08X\n",
 				n0, n1, d0, q);
 #endif
 #endif
 #ifndef REMAINDER_IS_ALREADY_CALCULATED
 			/*
 			 * rem doesn't have to be BN_ULLONG. The least we
 			 * know it's less that d0, isn't it?
 			 */
 			rem=(n1-q*d0)&BN_MASK2;
 #endif
 			t2=(BN_ULLONG)d1*q;
 			for (;;)
 				{
 				if (t2 <= ((((BN_ULLONG)rem)<<BN_BITS2)|wnump[-2]))
 					break;
 				q--;
 				rem += d0;
 				if (rem < d0) break; /* don't let rem overflow */
 				t2 -= d1;
 				}
 #else /* !BN_LLONG */
 			BN_ULONG t2l,t2h,ql,qh;
 			q=bn_div_words(n0,n1,d0);
 #ifdef BN_DEBUG_LEVITTE
 			fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
 X) -> 0x%08X\n",
 				n0, n1, d0, q);
 #endif
 #ifndef REMAINDER_IS_ALREADY_CALCULATED
 			rem=(n1-q*d0)&BN_MASK2;
 #endif
 #if defined(BN_UMULT_LOHI)
 			BN_UMULT_LOHI(t2l,t2h,d1,q);
 #elif defined(BN_UMULT_HIGH)
 			t2l = d1 * q;
 			t2h = BN_UMULT_HIGH(d1,q);
 #else
 			t2l=LBITS(d1); t2h=HBITS(d1);
 			ql =LBITS(q);  qh =HBITS(q);
 			mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
 #endif
 			for (;;)
 				{
 				if ((t2h < rem) ||
 					((t2h == rem) && (t2l <= wnump[-2])))
 					break;
 				q--;
 				rem += d0;
 				if (rem < d0) break; /* don't let rem overflow */
 				if (t2l < d1) t2h--; t2l -= d1;
 				}
 #endif /* !BN_LLONG */
 			}
 #endif /* !BN_DIV3W */
 		l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
 		tmp->d[div_n]=l0;
 		wnum.d--;
 		/* ingore top values of the bignums just sub the two 
 		 * BN_ULONG arrays with bn_sub_words */
 		if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n+1))
 			{
 			/* Note: As we have considered only the leading
 			 * two BN_ULONGs in the calculation of q, sdiv * q
 			 * might be greater than wnum (but then (q-1) * sdiv
 			 * is less or equal than wnum)
 			 */
 			q--;
 			if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n))
 				/* we can't have an overflow here (assuming
 				 * that q != 0, but if q == 0 then tmp is
 				 * zero anyway) */
 				(*wnump)++;
 			}
 		/* store part of the result */
 		*resp = q;
 		}
 	bn_correct_top(snum);
 	if (rm != NULL)
 		{
 		/* Keep a copy of the neg flag in num because if rm==num
 		 * BN_rshift() will overwrite it.
 		 */
 		int neg = num->neg;
 		BN_rshift(rm,snum,norm_shift);
 		if (!BN_is_zero(rm))
 			rm->neg = neg;
 		bn_check_top(rm);
 		}
 	bn_correct_top(res);
 	BN_CTX_end(ctx);
 	return(1);
 err:
 	bn_check_top(rm);
 	BN_CTX_end(ctx);
 	return(0);
 	}
 #endif
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -1,6 +1,6 @@
 /* crypto/bn/bn_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -82,6 +82,7 @@ static ERR_STRING_DATA BN_str_functs[]=
 {ERR_FUNC(BN_F_BN_CTX_NEW),	"BN_CTX_new"},
 {ERR_FUNC(BN_F_BN_CTX_START),	"BN_CTX_start"},
 {ERR_FUNC(BN_F_BN_DIV),	"BN_div"},
 {ERR_FUNC(BN_F_BN_DIV_NO_BRANCH),	"BN_div_no_branch"},
 {ERR_FUNC(BN_F_BN_DIV_RECP),	"BN_div_recp"},
 {ERR_FUNC(BN_F_BN_EXP),	"BN_exp"},
 {ERR_FUNC(BN_F_BN_EXPAND2),	"bn_expand2"},
@@ -100,6 +101,7 @@ static ERR_STRING_DATA BN_str_functs[]=
 {ERR_FUNC(BN_F_BN_MOD_EXP_RECP),	"BN_mod_exp_recp"},
 {ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE),	"BN_mod_exp_simple"},
 {ERR_FUNC(BN_F_BN_MOD_INVERSE),	"BN_mod_inverse"},
 {ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH),	"BN_mod_inverse_no_branch"},
 {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK),	"BN_mod_lshift_quick"},
 {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL),	"BN_mod_mul_reciprocal"},
 {ERR_FUNC(BN_F_BN_MOD_SQRT),	"BN_mod_sqrt"},
@@ -137,15 +139,12 @@ static ERR_STRING_DATA BN_str_reasons[]=
 void ERR_load_BN_strings(void)
 	{
 	static int init=1;
 	if (init)
 		{
 		init=0;
 #ifndef OPENSSL_NO_ERR
 	if (ERR_func_error_string(BN_str_functs[0].error) == NULL)
 		{
 		ERR_load_strings(0,BN_str_functs);
 		ERR_load_strings(0,BN_str_reasons);
 #endif
 		}
 #endif
 	}
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -122,9 +122,9 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 	int i,bits,ret=0;
 	BIGNUM *v,*rr;
-	if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
 		{
-		/* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
+		/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
 		BNerr(BN_F_BN_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return -1;
 		}
@@ -213,7 +213,7 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
 	if (BN_is_odd(m))
 		{
 #  ifdef MONT_EXP_WORD
-		if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) == 0))
+		if (a->top == 1 && !a->neg && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0))
 			{
 			BN_ULONG A = a->d[0];
 			ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL);
@@ -245,9 +245,9 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	BIGNUM *val[TABLE_SIZE];
 	BN_RECP_CTX recp;
-	if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
 		{
-		/* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
+		/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
 		BNerr(BN_F_BN_MOD_EXP_RECP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return -1;
 		}
@@ -379,7 +379,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
 	BIGNUM *val[TABLE_SIZE];
 	BN_MONT_CTX *mont=NULL;
-	if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
 		{
 		return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
 		}
@@ -745,9 +745,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
 #define BN_TO_MONTGOMERY_WORD(r, w, mont) \
 		(BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
-	if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
 		{
-		/* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
+		/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
 		BNerr(BN_F_BN_MOD_EXP_MONT_WORD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return -1;
 		}
@@ -881,9 +881,9 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	/* Table of variables obtained from 'ctx' */
 	BIGNUM *val[TABLE_SIZE];
-	if (BN_get_flags(p, BN_FLG_EXP_CONSTTIME) != 0)
+	if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)
 		{
-		/* BN_FLG_EXP_CONSTTIME only supported by BN_mod_exp_mont() */
+		/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
 		BNerr(BN_F_BN_MOD_EXP_SIMPLE,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return -1;
 		}
--- a/crypto/bn/bn_gcd.c
+++ b/crypto/bn/bn_gcd.c
@@ -203,6 +203,8 @@ err:
 /* solves ax == 1 (mod n) */
 static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
        const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
 BIGNUM *BN_mod_inverse(BIGNUM *in,
 	const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
 	{
@@ -210,6 +212,11 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
 	BIGNUM *ret=NULL;
 	int sign;
 	if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(n, BN_FLG_CONSTTIME) != 0))
 		{
 		return BN_mod_inverse_no_branch(in, a, n, ctx);
 		}
 	bn_check_top(a);
 	bn_check_top(n);
@@ -491,3 +498,157 @@ err:
 	bn_check_top(ret);
 	return(ret);
 	}
 /* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. 
 * It does not contain branches that may leak sensitive information.
 */
 static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
 	const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
 	{
 	BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL;
 	BIGNUM local_A, local_B;
 	BIGNUM *pA, *pB;
 	BIGNUM *ret=NULL;
 	int sign;
 	bn_check_top(a);
 	bn_check_top(n);
 	BN_CTX_start(ctx);
 	A = BN_CTX_get(ctx);
 	B = BN_CTX_get(ctx);
 	X = BN_CTX_get(ctx);
 	D = BN_CTX_get(ctx);
 	M = BN_CTX_get(ctx);
 	Y = BN_CTX_get(ctx);
 	T = BN_CTX_get(ctx);
 	if (T == NULL) goto err;
 	if (in == NULL)
 		R=BN_new();
 	else
 		R=in;
 	if (R == NULL) goto err;
 	BN_one(X);
 	BN_zero(Y);
 	if (BN_copy(B,a) == NULL) goto err;
 	if (BN_copy(A,n) == NULL) goto err;
 	A->neg = 0;
 	if (B->neg || (BN_ucmp(B, A) >= 0))
 		{
 		/* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
 	 	 * BN_div_no_branch will be called eventually.
 	 	 */
 		pB = &local_B;
 		BN_with_flags(pB, B, BN_FLG_CONSTTIME);	
 		if (!BN_nnmod(B, pB, A, ctx)) goto err;
 		}
 	sign = -1;
 	/* From  B = a mod |n|,  A = |n|  it follows that
 	 *
 	 *      0 <= B < A,
 	 *     -sign*X*a  ==  B   (mod |n|),
 	 *      sign*Y*a  ==  A   (mod |n|).
 	 */
 	while (!BN_is_zero(B))
 		{
 		BIGNUM *tmp;
 		/*
 		 *      0 < B < A,
 		 * (*) -sign*X*a  ==  B   (mod |n|),
 		 *      sign*Y*a  ==  A   (mod |n|)
 		 */
 		/* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
 	 	 * BN_div_no_branch will be called eventually.
 	 	 */
 		pA = &local_A;
 		BN_with_flags(pA, A, BN_FLG_CONSTTIME);	
 		/* (D, M) := (A/B, A%B) ... */		
 		if (!BN_div(D,M,pA,B,ctx)) goto err;
 		/* Now
 		 *      A = D*B + M;
 		 * thus we have
 		 * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
 		 */
 		tmp=A; /* keep the BIGNUM object, the value does not matter */
 		/* (A, B) := (B, A mod B) ... */
 		A=B;
 		B=M;
 		/* ... so we have  0 <= B < A  again */
 		/* Since the former  M  is now  B  and the former  B  is now  A,
 		 * (**) translates into
 		 *       sign*Y*a  ==  D*A + B    (mod |n|),
 		 * i.e.
 		 *       sign*Y*a - D*A  ==  B    (mod |n|).
 		 * Similarly, (*) translates into
 		 *      -sign*X*a  ==  A          (mod |n|).
 		 *
 		 * Thus,
 		 *   sign*Y*a + D*sign*X*a  ==  B  (mod |n|),
 		 * i.e.
 		 *        sign*(Y + D*X)*a  ==  B  (mod |n|).
 		 *
 		 * So if we set  (X, Y, sign) := (Y + D*X, X, -sign),  we arrive back at
 		 *      -sign*X*a  ==  B   (mod |n|),
 		 *       sign*Y*a  ==  A   (mod |n|).
 		 * Note that  X  and  Y  stay non-negative all the time.
 		 */
 		if (!BN_mul(tmp,D,X,ctx)) goto err;
 		if (!BN_add(tmp,tmp,Y)) goto err;
 		M=Y; /* keep the BIGNUM object, the value does not matter */
 		Y=X;
 		X=tmp;
 		sign = -sign;
 		}
 	/*
 	 * The while loop (Euclid's algorithm) ends when
 	 *      A == gcd(a,n);
 	 * we have
 	 *       sign*Y*a  ==  A  (mod |n|),
 	 * where  Y  is non-negative.
 	 */
 	if (sign < 0)
 		{
 		if (!BN_sub(Y,n,Y)) goto err;
 		}
 	/* Now  Y*a  ==  A  (mod |n|).  */
 	if (BN_is_one(A))
 		{
 		/* Y*a == 1  (mod |n|) */
 		if (!Y->neg && BN_ucmp(Y,n) < 0)
 			{
 			if (!BN_copy(R,Y)) goto err;
 			}
 		else
 			{
 			if (!BN_nnmod(R,Y,n,ctx)) goto err;
 			}
 		}
 	else
 		{
 		BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH,BN_R_NO_INVERSE);
 		goto err;
 		}
 	ret=R;
 err:
 	if ((ret == NULL) && (in == NULL)) BN_free(R);
 	BN_CTX_end(ctx);
 	bn_check_top(ret);
 	return(ret);
 	}
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -1080,7 +1080,8 @@ int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a)
 	BN_zero(a);
 	for (i = 0; p[i] != 0; i++)
 		{
-		BN_set_bit(a, p[i]);
+		if (BN_set_bit(a, p[i]) == 0)
 			return 0;
 		}
 	BN_set_bit(a, 0);
 	bn_check_top(a);
--- a/crypto/bn/bn_lcl.h
+++ b/crypto/bn/bn_lcl.h
@@ -481,6 +481,7 @@ BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
 	int cl, int dl);
 BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
 	int cl, int dl);
 int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
 #ifdef  __cplusplus
 }
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -67,7 +67,7 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
-const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT;
+const char BN_version[]="Big Number" OPENSSL_VERSION_PTEXT;
 /* This stuff appears to be completely unused, so is deprecated */
 #ifndef OPENSSL_NO_DEPRECATED
@@ -139,25 +139,6 @@ const BIGNUM *BN_value_one(void)
 	return(&const_one);
 	}
 char *BN_options(void)
 	{
 	static int init=0;
 	static char data[16];
 	if (!init)
 		{
 		init++;
 #ifdef BN_LLONG
 		BIO_snprintf(data,sizeof data,"bn(%d,%d)",
 			     (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8);
 #else
 		BIO_snprintf(data,sizeof data,"bn(%d,%d)",
 			     (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8);
 #endif
 		}
 	return(data);
 	}
 int BN_num_bits_word(BN_ULONG l)
 	{
 	static const char bits[256]={
@@ -763,7 +744,7 @@ int BN_is_bit_set(const BIGNUM *a, int n)
 	i=n/BN_BITS2;
 	j=n%BN_BITS2;
 	if (a->top <= i) return 0;
-	return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
+	return(((a->d[i])>>j)&((BN_ULONG)1));
 	}
 int BN_mask_bits(BIGNUM *a, int n)
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -55,6 +55,59 @@
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
 /* ====================================================================
 * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
 /*
 * Details about Montgomery multiplication algorithms can be found at
@@ -74,6 +127,21 @@ int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
 	{
 	BIGNUM *tmp;
 	int ret=0;
 #if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
 	int num = mont->N.top;
 	if (num>1 && a->top==num && b->top==num)
 		{
 		if (bn_wexpand(r,num) == NULL) return(0);
 		if (bn_mul_mont(r->d,a->d,b->d,mont->N.d,&mont->n0,num))
 			{
 			r->neg = a->neg^b->neg;
 			r->top = num;
 			bn_correct_top(r);
 			return(1);
 			}
 		}
 #endif
 	BN_CTX_start(ctx);
 	tmp = BN_CTX_get(ctx);
@@ -123,7 +191,6 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 	max=(nl+al+1); /* allow for overflow (no?) XXX */
 	if (bn_wexpand(r,max) == NULL) goto err;
 	if (bn_wexpand(ret,max) == NULL) goto err;
 	r->neg=a->neg^n->neg;
 	np=n->d;
@@ -175,19 +242,72 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 		}
 	bn_correct_top(r);
-	/* mont->ri will be a multiple of the word size */
+	/* mont->ri will be a multiple of the word size and below code
-#if 0
+	 * is kind of BN_rshift(ret,r,mont->ri) equivalent */
-	BN_rshift(ret,r,mont->ri);
+	if (r->top <= ri)
-#else
+		{
-	ret->neg = r->neg;
+		ret->top=0;
-	x=ri;
+		retn=1;
 		goto err;
 		}
 	al=r->top-ri;
 # define BRANCH_FREE 1
 # if BRANCH_FREE
 	if (bn_wexpand(ret,ri) == NULL) goto err;
 	x=0-(((al-ri)>>(sizeof(al)*8-1))&1);
 	ret->top=x=(ri&~x)|(al&x);	/* min(ri,al) */
 	ret->neg=r->neg;
 	rp=ret->d;
-	ap= &(r->d[x]);
+	ap=&(r->d[ri]);
-	if (r->top < x)
+
-		al=0;
+	{
-	else
+	size_t m1,m2;
-		al=r->top-x;
+
 	v=bn_sub_words(rp,ap,np,ri);
 	/* this ----------------^^ works even in al<ri case
 	 * thanks to zealous zeroing of top of the vector in the
 	 * beginning. */
 	/* if (al==ri && !v) || al>ri) nrp=rp; else nrp=ap; */
 	/* in other words if subtraction result is real, then
 	 * trick unconditional memcpy below to perform in-place
 	 * "refresh" instead of actual copy. */
 	m1=0-(size_t)(((al-ri)>>(sizeof(al)*8-1))&1);	/* al<ri */
 	m2=0-(size_t)(((ri-al)>>(sizeof(al)*8-1))&1);	/* al>ri */
 	m1|=m2;			/* (al!=ri) */
 	m1|=(0-(size_t)v);	/* (al!=ri || v) */
 	m1&=~m2;		/* (al!=ri || v) && !al>ri */
 	nrp=(BN_ULONG *)(((size_t)rp&~m1)|((size_t)ap&m1));
 	}
 	/* 'i<ri' is chosen to eliminate dependency on input data, even
 	 * though it results in redundant copy in al<ri case. */
 	for (i=0,ri-=4; i<ri; i+=4)
 		{
 		BN_ULONG t1,t2,t3,t4;
 		t1=nrp[i+0];
 		t2=nrp[i+1];
 		t3=nrp[i+2];	ap[i+0]=0;
 		t4=nrp[i+3];	ap[i+1]=0;
 		rp[i+0]=t1;	ap[i+2]=0;
 		rp[i+1]=t2;	ap[i+3]=0;
 		rp[i+2]=t3;
 		rp[i+3]=t4;
 		}
 	for (ri+=4; i<ri; i++)
 		rp[i]=nrp[i], ap[i]=0;
 	bn_correct_top(r);
 	bn_correct_top(ret);
 # else
 	if (bn_wexpand(ret,al) == NULL) goto err;
 	ret->top=al;
 	ret->neg=r->neg;
 	rp=ret->d;
 	ap=&(r->d[ri]);
 	al-=4;
 	for (i=0; i<al; i+=4)
 		{
@@ -205,7 +325,7 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 	al+=4;
 	for (; i<al; i++)
 		rp[i]=ap[i];
-#endif
+# endif
 #else /* !MONT_WORD */ 
 	BIGNUM *t1,*t2;
@@ -225,10 +345,12 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 	if (!BN_rshift(ret,t2,mont->ri)) goto err;
 #endif /* MONT_WORD */
 #if !defined(BRANCH_FREE) || BRANCH_FREE==0
 	if (BN_ucmp(ret, &(mont->N)) >= 0)
 		{
 		if (!BN_usub(ret,ret,&(mont->N))) goto err;
 		}
 #endif
 	retn=1;
 	bn_check_top(ret);
 err:
@@ -353,18 +475,32 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
 BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
 					const BIGNUM *mod, BN_CTX *ctx)
 	{
-	if (*pmont)
+	int got_write_lock = 0;
-		return *pmont;
+	BN_MONT_CTX *ret;
-	CRYPTO_w_lock(lock);
+
 	CRYPTO_r_lock(lock);
 	if (!*pmont)
 		{
-		*pmont = BN_MONT_CTX_new();
+		CRYPTO_r_unlock(lock);
-		if (*pmont && !BN_MONT_CTX_set(*pmont, mod, ctx))
+		CRYPTO_w_lock(lock);
 		got_write_lock = 1;
 		if (!*pmont)
 			{
-			BN_MONT_CTX_free(*pmont);
+			ret = BN_MONT_CTX_new();
-			*pmont = NULL;
+			if (ret && !BN_MONT_CTX_set(ret, mod, ctx))
 				BN_MONT_CTX_free(ret);
 			else
 				*pmont = ret;
 			}
 		}
-	CRYPTO_w_unlock(lock);
+	
-	return *pmont;
+	ret = *pmont;
 	if (got_write_lock)
 		CRYPTO_w_unlock(lock);
 	else
 		CRYPTO_r_unlock(lock);
 	return ret;
 	}
--- a/Show More
+++ b/Show More