--- /dev/null
+Copyright (C) 1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an SSL implementation written by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with Netscapes SSL.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to. The following conditions
+apply to all code found in this distribution, be it the RC4, RSA,
+lhash, DES, etc., code; not just the SSL code. The SSL documentation
+included with this distribution is covered by the same copyright terms
+except that the holder is Tim Hudson (tjh@cryptsoft.com).
+
+Please note that MD2, MD5 and IDEA are publically available standards
+that contain sample implementations, I have re-coded them in my own
+way but there is nothing special about those implementations. The DES
+library is another mater :-).
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of the parts of the library used.
+This can be in the form of a textual message at program startup or
+in documentation (online or textual) provided with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+ must display the following acknowledgement:
+ "This product includes cryptographic software written by
+ Eric Young (eay@cryptsoft.com)"
+ The word 'cryptographic' can be left out if the rouines from the library
+ being used are not cryptographic related :-).
+4. If you include any Windows specific code (or a derivative thereof) from
+ the apps directory (application code) you must include an acknowledgement:
+ "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The licence and distribution terms for any publically available version or
+derivative of this code cannot be changed. i.e. this code cannot simply be
+copied and put under another distribution licence
+[including the GNU Public Licence.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
--- /dev/null
+#!/usr/local/bin/perl
+#
+# see PROBLEMS for instructions on what sort of things to do when
+# tracking a bug --tjh
+#
+# extra options
+# -DRSAref build to use RSAref
+# -DNO_IDEA build with no IDEA algorithm
+# -DNO_RC4 build with no RC4 algorithm
+# -DNO_RC2 build with no RC2 algorithm
+# -DNO_BF build with no Blowfish algorithm
+# -DNO_DES build with no DES/3DES algorithm
+# -DNO_MD2 build with no MD2 algorithm
+#
+# DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
+# DES_RISC1 use different DES_ENCRYPT macro that helps reduce register
+# dependancies but needs to more registers, good for RISC CPU's
+# DES_RISC2 A different RISC variant.
+# DES_UNROLL unroll the inner DES loop, sometimes helps, somtimes hinders.
+# DES_INT use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
+# This is used on the DEC Alpha where long is 8 bytes
+# and int is 4
+# BN_LLONG use the type 'long long' in crypto/bn/bn.h
+# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md/md2.h
+# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md/md2.h
+# IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_enc.c. This turns on
+# array lookups instead of pointer use.
+# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
+# BF_PTR2 use a pentium/intel specific version.
+
+$x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
+
+# MD2_CHAR slags pentium pros
+$x86_gcc_opts="RC4_INDEX MD2_INT BF_PTR2";
+
+# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
+# Don't worry about these normally
+
+$tcc="cc";
+$tflags="-fast -Xa";
+$tbn_mul="";
+$tlib="-lnsl -lsocket";
+#$bits1="SIXTEEN_BIT ";
+#$bits2="THIRTY_TWO_BIT ";
+$bits1="THIRTY_TWO_BIT ";
+$bits2="SIXTY_FOUR_BIT ";
+
+# -DB_ENDIAN slows things down on a sparc
+
+#config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \
+# des_asm:bf_asm
+%table=(
+#"b", "$tcc:$tflags:$tlib:$bits1:$tbn_mul::",
+#"bl-4c-2c", "$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:$tbn_mul::",
+#"bl-4c-ri", "$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:$tbn_mul::",
+#"b2-is-ri-dp", "$tcc:$tflags:$tlib:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:$tbn_mul::",
+
+# A few of my development configs
+"purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
+"debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
+"dist", "cc:-O -DNOPROTO::::",
+
+# Basic configs that should work on any box
+"gcc", "gcc:-O3::BN_LLONG:::",
+"cc", "cc:-O -DNOPROTO -DNOCONST:::::",
+
+# My solaris setups
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:\
+ -lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-sol.o:asm/dx86-sol.o asm/cx86-sol.o:asm/bx86-sol.o",
+"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall:\
+ -lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
+# DO NOT use /xO[34] on sparc with SC3.0.
+# It is broken, and will not pass the tests
+"solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\
+ -lsocket -lnsl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL BF_PTR:asm/sparc.o::",
+# SC4.0 is ok, better than gcc, except for the bignum stuff.
+# -fast slows things like DES down quite a lot
+"solaris-sparc-sc4","cc:-xO5 -Xa -DB_ENDIAN:-lsocket -lnsl:\
+ BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
+"solaris-usparc-sc4","cc:-xtarget=ultra -xarch=v8plus -Xa -xO5 -DB_ENDIAN:\
+ -lsocket -lnsl:\
+ BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
+
+# Sunos configs, assuming sparc for the gcc one.
+"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::DES_UNROLL:::",
+"sunos-gcc","gcc:-O3 -mv8::BN_LLONG RC4_CHAR DES_UNROLL DES_PTR DES_RISC1:::",
+
+# SGI configurations. If the box is rather old (r3000 cpu), you will
+# probably have to remove the '-mips2' flag. I've only been using
+# IRIX 5.[23].
+#"irix-gcc","gcc:-O2 -mips2::BN_LLONG RC4_INDEX RC4_CHAR:::",
+"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::",
+"irix-cc", "cc:-O2 -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/r3000.o::",
+"debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:::asm/r3000.o::",
+
+# HPUX config. I've been building on HPUX 9, so the options may be
+# different on version 10. The pa-risc2.o assember file is 2 times
+# faster than the old asm/pa-risc.o version but it may not run on old
+# PA-RISC CPUs. If you have problems, swap back to the old one.
+# Both were generated by gcc, so use the C version with the PA-RISC specific
+# options turned on if you are using gcc.
+"hpux-cc", "cc:-DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive::DES_PTR DES_UNROLL DES_RISC1:asm/pa-risc2.o::",
+"hpux-kr-cc", "cc:-DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE::DES_PTR DES_UNROLL:asm/pa-risc2.o::",
+"hpux-gcc", "gcc:-DB_ENDIAN -O3::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
+
+# Dec Alpha, OSF/1 - the alpha400-cc is the flags for a 21164A with
+# the new compiler
+"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+"alpha-cc", "cc:-O2::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+"alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
+
+# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
+# x86-lnx.o file file since it is hand tweaked assembler.
+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
+"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86", "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
+"FreeBSD", "gcc:-DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
+#"bsdi-gcc", "shlicc2:-O3 -ffast-math-m486::RSA_LLONG $x86_gcc_des $x86_gcc_opts:::",
+#"bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:asm/x86-bsdi.o:asm/dx86bsdi.o asm/cx86bsdi.o:asm/bx86bsdi.o",
+"bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:::",
+"nextstep", "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+
+# UnixWare 2.0
+"unixware-2.0","cc:-O:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
+"unixware-2.0-pentium","cc:-O -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
+
+# IBM's AIX.
+"aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
+"aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
+
+# DGUX, 88100.
+"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
+"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
+"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+
+# SCO 5
+"sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
+
+# Sinix RM400
+"SINIX-N","/usr/ucb/cc:-O2 -misaligned:-lucb:RC4_INDEX RC4_CHAR:::",
+
+# Windows NT, Microsoft Visual C++ 4.0
+
+# hmm... bug in perl under NT, I need to concatinate :-(
+"VC-NT","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::",
+"VC-WIN32","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::",
+"VC-WIN16","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
+"VC-W31-16","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+"VC-W31-32","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
+"VC-MSDOS","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+
+# Borland C++ 4.5
+"BC-32","bcc32:::DES_PTR RC4_INDEX:::",
+"BC-16","bcc:::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+);
+
+$postfix="org";
+$Makefile="Makefile.ssl";
+$des_locl="crypto/des/des_locl.h";
+$des ="crypto/des/des.h";
+$bn ="crypto/bn/bn.h";
+$md2 ="crypto/md/md2.h";
+$rc4 ="crypto/rc4/rc4.h";
+$rc4_enc="crypto/rc4/rc4_enc.c";
+$idea ="crypto/idea/idea.h";
+$rc2 ="crypto/rc2/rc2.h";
+$bf ="crypto/bf/bf_locl.h";
+$bn_mulw="bn_mulw.o";
+$des_enc="des_enc.o fcrypt_b.o";
+$bf_enc ="bf_enc.o";
+
+if ($#ARGV < 0)
+ {
+ &bad_target;
+ exit(1);
+ }
+
+$flags="";
+foreach (@ARGV)
+ {
+ if ($_ =~ /^-/)
+ {
+ if ($_ =~ /^-[lL](.*)$/)
+ {
+ $libs.=$_." ";
+ }
+ elsif ($_ =~ /^-D(.*)$/)
+ {
+ $flags.=$_." ";
+ }
+ else
+ {
+ die "unknown options, only -Dxxx, -Lxxx -lxxx supported\n";
+ }
+ }
+ else
+ {
+ die "target already defined - $target\n" if ($target ne "");
+ $target=$_;
+ if (!defined($table{$target}))
+ {
+ &bad_target;
+ exit(1);
+ }
+ }
+ }
+
+if (!defined($table{$target}))
+ {
+ &bad_target;
+ exit(1);
+ }
+
+($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj)=
+ split(/\s*:\s*/,$table{$target});
+$cflags="$flags$cflags" if ($flags ne "");
+$lflags="$libs$lflags"if ($libs ne "");
+
+$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/);
+$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
+$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+
+$n=&file_new($Makefile);
+open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n";
+open(OUT,">".$n) || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ chop;
+ s/^CC=.*$/CC= $cc/;
+ s/^CFLAG=.*$/CFLAG= $cflags/;
+ s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
+ s/^BN_MULW=.*$/BN_MULW= $bn_obj/;
+ s/^DES_ENC=.*$/DES_ENC= $des_obj/;
+ s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
+ print OUT $_."\n";
+ }
+close(IN);
+close(OUT);
+&Rename($Makefile,&file_old($Makefile));
+&Rename($n,$Makefile);
+print "CC =$cc\n";
+print "CFLAG =$cflags\n";
+print "EX_LIBS=$lflags\n";
+print "BN_MULW=$bn_obj\n";
+print "DES_ENC=$des_obj\n";
+print "BF_ENC =$bf_obj\n";
+
+$des_ptr=0;
+$des_risc1=0;
+$des_risc2=0;
+$des_unroll=0;
+$bn_ll=0;
+$def_int=2;
+$rc4_int=$def_int;
+$md2_int=$def_int;
+$idea_int=$def_int;
+$rc2_int=$def_int;
+$rc4_idx=0;
+$bf_ptr=0;
+@type=("char","short","int","long");
+($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
+
+foreach (sort split(/\s+/,$bn_ops))
+ {
+ $des_ptr=1 if /DES_PTR/;
+ $des_risc1=1 if /DES_RISC1/;
+ $des_risc2=1 if /DES_RISC2/;
+ $des_unroll=1 if /DES_UNROLL/;
+ $des_int=1 if /DES_INT/;
+ $bn_ll=1 if /BN_LLONG/;
+ $rc4_int=0 if /RC4_CHAR/;
+ $rc4_int=3 if /RC4_LONG/;
+ $rc4_idx=1 if /RC4_INDEX/;
+ $md2_int=0 if /MD2_CHAR/;
+ $md2_int=3 if /MD2_LONG/;
+ $idea_int=1 if /IDEA_SHORT/;
+ $idea_int=3 if /IDEA_LONG/;
+ $rc2_int=1 if /RC2_SHORT/;
+ $rc2_int=3 if /RC2_LONG/;
+ $bf_ptr=1 if $_ eq "BF_PTR";
+ $bf_ptr=2 if $_ eq "BF_PTR2";
+ ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
+ }
+
+(($in=$bn) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($bn);
+open(IN,"<".$in) || die "unable to read $bn:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
+ { printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
+ { printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
+ { printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+SIXTEEN_BIT/)
+ { printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+EIGHT_BIT/)
+ { printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/)
+ { printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($bn,&file_old($bn));
+&Rename($n,$bn);
+
+(($in=$des) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($des);
+open(IN,"<".$in) || die "unable to read $des:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^\#define\s+DES_LONG\s+.*/)
+ { printf OUT "#define DES_LONG unsigned %s\n",
+ ($des_int)?'int':'long'; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($des,&file_old($des));
+&Rename($n,$des);
+
+(($in=$des_locl) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($des_locl);
+open(IN,"<".$in) || die "unable to read $des_locl:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^\#(define|undef)\s+DES_PTR/)
+ { printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_RISC1/)
+ { printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_RISC2/)
+ { printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_UNROLL/)
+ { printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($des_locl,&file_old($des_locl));
+&Rename($n,$des_locl);
+
+(($in=$rc4) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4);
+open(IN,"<".$in) || die "unable to read $rc4:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+RC4_INT\s/)
+ { printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc4,&file_old($rc4));
+&Rename($n,$rc4);
+
+(($in=$rc4_enc) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4_enc);
+open(IN,"<".$in) || die "unable to read $rc4_enc:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#((define)|(undef))\s+RC4_INDEX/)
+ { printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc4_enc,&file_old($rc4_enc));
+&Rename($n,$rc4_enc);
+
+(($in=$md2) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($md2);
+open(IN,"<".$in) || die "unable to read $bn:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+MD2_INT\s/)
+ { printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($md2,&file_old($md2));
+&Rename($n,$md2);
+
+(($in=$idea) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($idea);
+open(IN,"<".$in) || die "unable to read $idea:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+IDEA_INT\s/)
+ {printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($idea,&file_old($idea));
+&Rename($n,$idea);
+
+(($in=$rc2) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc2);
+open(IN,"<".$in) || die "unable to read $rc2:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+RC2_INT\s/)
+ {printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc2,&file_old($rc2));
+&Rename($n,$rc2);
+
+(($in=$bf) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($bf);
+open(IN,"<".$in) || die "unable to read $bf:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#(define|undef)\s+BF_PTR/)
+ {
+ printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
+ printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
+ printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
+ }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($bf,&file_old($bf));
+&Rename($n,$bf);
+
+print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
+print "SIXTY_FOUR_BIT mode\n" if $b64;
+print "THIRTY_TWO_BIT mode\n" if $b32;
+print "SIXTEEN_BIT mode\n" if $b16;
+print "EIGHT_BIT mode\n" if $b8;
+print "DES_PTR used\n" if $des_ptr;
+print "DES_RISC1 used\n" if $des_risc1;
+print "DES_RISC2 used\n" if $des_risc2;
+print "DES_UNROLL used\n" if $des_unroll;
+print "DES_INT used\n" if $des_int;
+print "BN_LLONG mode\n" if $bn_ll;
+print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
+print "RC4_INDEX mode\n" if $rc4_idx;
+print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
+print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
+print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
+print "BF_PTR used\n" if $bf_ptr == 1;
+print "BF_PTR2 used\n" if $bf_ptr == 2;
+exit(0);
+
+sub bad_target
+ {
+ print STDERR "Usage: Configure [-Dxxx] [-Lxxx] [-lxxx] os/compiler\n";
+ print STDERR "pick os/compiler from:";
+ $j=0;
+ foreach $i (sort keys %table)
+ {
+ next if /^b-/;
+ print STDERR "\n" if ($j++ % 4) == 0;
+ printf(STDERR "%-18s ",$i);
+ }
+ print STDERR "\n";
+ }
+
+sub Rename
+ {
+ local($from,$to)=@_;
+
+ unlink($to);
+ rename($from,$to) || die "unable to rename $from to $to:$!\n";
+ }
+
+sub file_new { local($a)=@_; $a =~ s/(\.[^.]+$|$)/.new/; $a; }
+sub file_old { local($a)=@_; $a =~ s/(\.[^.]+$|$)/.old/; $a; }
--- /dev/null
+SSLeay 0.8.1 released.
+
+19-Jul-97
+ - Server side initated dynamic renegotiation is broken. I will fix
+ it when I get back from holidays.
+
+15-Jul-97
+ - Quite a few small changes.
+ - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
+
+09-Jul-97
+ - Added 2 new values to the SSL info callback.
+ SSL_CB_START which is passed when the SSL protocol is started
+ and SSL_CB_DONE when it has finished sucsessfully.
+
+08-Jul-97
+ - Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
+ that related to DSA public/private keys.
+ - Added all the relevent PEM and normal IO functions to support
+ reading and writing RSAPublic keys.
+ - Changed makefiles to use ${AR} instead of 'ar r'
+
+07-Jul-97
+ - Error in ERR_remove_state() that would leave a dangling reference
+ to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
+ - s_client now prints the X509_NAMEs passed from the server
+ when requesting a client cert.
+ - Added a ssl->type, which is one of SSL_ST_CONNECT or
+ SSL_ST_ACCEPT. I had to add it so I could tell if I was
+ a connect or an accept after the handshake had finished.
+ - SSL_get_client_CA_list(SSL *s) now returns the CA names
+ passed by the server if called by a client side SSL.
+
+05-Jul-97
+ - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
+ 0, not -1 :-( Fix from Tim Hudson (tjh@cryptsoft.com).
+
+04-Jul-97
+ - Fixed some things in X509_NAME_add_entry(), thanks to
+ Matthew Donald <matthew@world.net>.
+ - I had a look at the cipher section and though that it was a
+ bit confused, so I've changed it.
+ - I was not setting up the RC4-64-MD5 cipher correctly. It is
+ a MS special that appears in exported MS Money.
+ - Error in all my DH ciphers. Section 7.6.7.3 of the SSLv3
+ spec. I was missing the two byte length header for the
+ ClientDiffieHellmanPublic value. This is a packet sent from
+ the client to the server. The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+ option will enable SSLeay server side SSLv3 accept either
+ the correct or my 080 packet format.
+ - Fixed a few typos in crypto/pem.org.
+
+02-Jul-97
+ - Alias mapping for EVP_get_(digest|cipher)byname is now
+ performed before a lookup for actual cipher. This means
+ that an alias can be used to 're-direct' a cipher or a
+ digest.
+ - ASN1_read_bio() had a bug that only showed up when using a
+ memory BIO. When EOF is reached in the memory BIO, it is
+ reported as a -1 with BIO_should_retry() set to true.
+
+01-Jul-97
+ - Fixed an error in X509_verify_cert() caused by my
+ miss-understanding how 'do { contine } while(0);' works.
+ Thanks to Emil Sit <sit@mit.edu> for educating me :-)
+
+30-Jun-97
+ - Base64 decoding error. If the last data line did not end with
+ a '=', sometimes extra data would be returned.
+ - Another 'cut and paste' bug in x509.c related to setting up the
+ STDout BIO.
+
+27-Jun-97
+ - apps/ciphers.c was not printing due to an editing error.
+ - Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
+ a library build error in util/mk1mf.pl
+
+26-Jun-97
+ - Still did not have the auto 'experimental' code removal
+ script correct.
+ - A few header tweaks for Watcom 11.0 under Win32 from
+ Rolf Lindemann <Lindemann@maz-hh.de>
+ - 0 length OCTET_STRING bug in asn1_parse
+ - A minor fix with an non-existent function in the MS .def files.
+ - A few changes to the PKCS7 stuff.
+
+25-Jun-97
+ SSLeay 0.8.0 finally it gets released.
+
+24-Jun-97
+ Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
+ use a temporary RSA key. This is experimental and needs some more work.
+ Fixed a few Win16 build problems.
+
+23-Jun-97
+ SSLv3 bug. I was not doing the 'lookup' of the CERT structure
+ correctly. I was taking the SSL->ctx->default_cert when I should
+ have been using SSL->cert. The bug was in ssl/s3_srvr.c
+
+20-Jun-97
+ X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
+ rest of the library. Even though I had the code required to do
+ it correctly, apps/req.c was doing the wrong thing. I have fixed
+ and tested everything.
+
+ Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
+
+19-Jun-97
+ Fixed a bug in the SSLv2 server side first packet handling. When
+ using the non-blocking test BIO, the ssl->s2->first_packet flag
+ was being reset when a would-block failure occurred when reading
+ the first 5 bytes of the first packet. This caused the checking
+ logic to run at the wrong time and cause an error.
+
+ Fixed a problem with specifying cipher. If RC4-MD5 were used,
+ only the SSLv3 version would be picked up. Now this will pick
+ up both SSLv2 and SSLv3 versions. This required changing the
+ SSL_CIPHER->mask values so that they only mask the ciphers,
+ digests, authentication, export type and key-exchange algorithms.
+
+ I found that when a SSLv23 session is established, a reused
+ session, of type SSLv3 was attempting to write the SSLv2
+ ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char
+ method has been modified so it will only write out cipher which
+ that method knows about.
+
--- /dev/null
+SSLeay 0.6.5
+
+After quite some time (3 months), the new release. I have been very busy
+for the last few months and so this is mostly bug fixes and improvments.
+
+The main additions are
+
+- assember for x86 DES. For all those gcc based systems, this is a big
+ improvement. From 117,000 DES operation a second on a pentium 100,
+ I now get 191,000. I have also reworked the C version so it
+ now gives 148,000 DESs per second.
+- As mentioned above, the inner DES macros now have some more variant that
+ sometimes help, sometimes hinder performance. There are now 3 options
+ DES_PTR (ptr vs array lookup), DES_UNROLL (full vs partial loop unrolling)
+ and DES_RISC (a more register intensive version of the inner macro).
+ The crypto/des/des_opts.c program, when compiled and run, will give
+ an indication of the correct options to use.
+- The BIO stuff has been improved. Read doc/bio.doc. There are now
+ modules for encryption and base64 encoding and a BIO_printf() function.
+- The CA program will accept simple one line X509v3 extensions in the
+ ssleay.cnf file. Have a look at the example. Currently this just
+ puts the text into the certificate as an OCTET_STRING so currently
+ the more advanced X509v3 data types are not handled but this is enough
+ for the netscape extensions.
+- There is the start of a nicer higher level interface to the X509
+ strucutre.
+- Quite a lot of bug fixes.
+- CRYPTO_malloc_init() (or CRYPTO_set_mem_functions()) can be used
+ to define the malloc(), free() and realloc() routines to use
+ (look in crypto/crypto.h). This is mostly needed for Windows NT/95 when
+ using DLLs and mixing CRT libraries.
+
+In general, read the 'VERSION' file for changes and be aware that some of
+the new stuff may not have been tested quite enough yet, so don't just plonk
+in SSLeay 0.6.5 when 0.6.4 used to work and expect nothing to break.
+
+SSLeay 0.6.4 30/08/96 eay
+
+I've just finished some test builds on Windows NT, Windows 3.1, Solaris 2.3,
+Solaris 2.5, Linux, IRIX, HPUX 10 and everthing seems to work :-).
+
+The main changes in this release
+
+- Thread safe. have a read of doc/threads.doc and play in the mt directory.
+ For anyone using 0.6.3 with threads, I found 2 major errors so consider
+ moving to 0.6.4. I have a test program that builds under NT and
+ solaris.
+- The get session-id callback has changed. Have a read of doc/callback.doc.
+- The X509_cert_verify callback (the SSL_verify callback) now
+ has another argument. Have a read of doc/callback.doc
+- 'ca -preserve', sign without re-ordering the DN. Not tested much.
+- VMS support.
+- Compile time memory leak detection can now be built into SSLeay.
+ Read doc/memory.doc
+- CONF routines now understand '\', '\n', '\r' etc. What this means is that
+ the SPKAC object mentioned in doc/ns-ca.doc can be on multiple lines.
+- 'ssleay ciphers' added, lists the default cipher list for SSLeay.
+- RC2 key setup is now compatable with Netscape.
+- Modifed server side of SSL implementation, big performance difference when
+ using session-id reuse.
+
+0.6.3
+
+Bug fixes and the addition of some nice stuff to the 'ca' program.
+Have a read of doc/ns-ca.doc for how hit has been modified so
+it can be driven from a CGI script. The CGI script is not provided,
+but that is just being left as an excersize for the reader :-).
+
+0.6.2
+
+This is most bug fixes and functionality improvements.
+
+Additions are
+- More thread debugging patches, the thread stuff is still being
+ tested, but for those keep to play with stuff, have a look in
+ crypto/cryptlib.c. The application needs to define 1 (or optionaly
+ a second) callback that is used to implement locking. Compiling
+ with LOCK_DEBUG spits out lots of locking crud :-).
+ This is what I'm currently working on.
+- SSL_CTX_set_default_passwd_cb() can be used to define the callback
+ function used in the SSL*_file() functions used to load keys. I was
+ always of the opinion that people should call
+ PEM_read_RSAPrivateKey() and pass the callback they want to use, but
+ it appears they just want to use the SSL_*_file() function() :-(.
+- 'enc' now has a -kfile so a key can be read from a file. This is
+ mostly used so that the passwd does not appear when using 'ps',
+ which appears imposible to stop under solaris.
+- X509v3 certificates now work correctly. I even have more examples
+ in my tests :-). There is now a X509_EXTENSION type that is used in
+ X509v3 certificates and CRLv2.
+- Fixed that signature type error :-(
+- Fixed quite a few potential memory leaks and problems when reusing
+ X509, CRL and REQ structures.
+- EVP_set_pw_prompt() now sets the library wide default password
+ prompt.
+- The 'pkcs7' command will now, given the -print_certs flag, output in
+ pem format, all certificates and CRL contained within. This is more
+ of a pre-emtive thing for the new verisign distribution method. I
+ should also note, that this also gives and example in code, of how
+ to do this :-), or for that matter, what is involved in going the
+ other way (list of certs and crl -> pkcs7).
+- Added RSA's DESX to the DES library. It is also available via the
+ EVP_desx_cbc() method and via 'enc desx'.
+
+SSLeay 0.6.1
+
+The main functional changes since 0.6.0 are as follows
+- Bad news, the Microsoft 060 DLL's are not compatable, but the good news is
+ that from now on, I'll keep the .def numbers the same so they will be.
+- RSA private key operations are about 2 times faster that 0.6.0
+- The SSL_CTX now has more fields so default values can be put against
+ it. When an SSL structure is created, these default values are used
+ but can be overwritten. There are defaults for cipher, certificate,
+ private key, verify mode and callback. This means SSL session
+ creation can now be
+ ssl=SSL_new()
+ SSL_set_fd(ssl,sock);
+ SSL_accept(ssl)
+ ....
+ All the other uglyness with having to keep a global copy of the
+ private key and certificate/verify mode in the server is now gone.
+- ssl/ssltest.c - one process talking SSL to its self for testing.
+- Storage of Session-id's can be controled via a session_cache_mode
+ flag. There is also now an automatic default flushing of
+ old session-id's.
+- The X509_cert_verify() function now has another parameter, this
+ should not effect most people but it now means that the reason for
+ the failure to verify is now available via SSL_get_verify_result(ssl).
+ You don't have to use a global variable.
+- SSL_get_app_data() and SSL_set_app_data() can be used to keep some
+ application data against the SSL structure. It is upto the application
+ to free the data. I don't use it, but it is available.
+- SSL_CTX_set_cert_verify_callback() can be used to specify a
+ verify callback function that completly replaces my certificate
+ verification code. Xcert should be able to use this :-).
+ The callback is of the form int app_verify_callback(arg,ssl,cert).
+ This needs to be documented more.
+- I have started playing with shared library builds, have a look in
+ the shlib directory. It is very simple. If you need a numbered
+ list of functions, have a look at misc/crypto.num and misc/ssl.num.
+- There is some stuff to do locking to make the library thread safe.
+ I have only started this stuff and have not finished. If anyone is
+ keen to do so, please send me the patches when finished.
+
+So I have finally made most of the additions to the SSL interface that
+I thought were needed.
+
+There will probably be a pause before I make any non-bug/documentation
+related changes to SSLeay since I'm feeling like a bit of a break.
+
+eric - 12 Jul 1996
+I saw recently a comment by some-one that we now seem to be entering
+the age of perpetual Beta software.
+Pioneered by packages like linux but refined to an art form by
+netscape.
+
+I too wish to join this trend with the anouncement of SSLeay 0.6.0 :-).
+
+There are quite a large number of sections that are 'works in
+progress' in this package. I will also list the major changes and
+what files you should read.
+
+BIO - this is the new IO structure being used everywhere in SSLeay. I
+started out developing this because of microsoft, I wanted a mechanism
+to callback to the application for all IO, so Windows 3.1 DLL
+perversion could be hidden from me and the 15 different ways to write
+to a file under NT would also not be dictated by me at library build
+time. What the 'package' is is an API for a data structure containing
+functions. IO interfaces can be written to conform to the
+specification. This in not intended to hide the underlying data type
+from the application, but to hide it from SSLeay :-).
+I have only really finished testing the FILE * and socket/fd modules.
+There are also 'filter' BIO's. Currently I have only implemented
+message digests, and it is in use in the dgst application. This
+functionality will allow base64/encrypto/buffering modules to be
+'push' into a BIO without it affecting the semantics. I'm also
+working on an SSL BIO which will hide the SSL_accept()/SLL_connet()
+from an event loop which uses the interface.
+It is also possible to 'attach' callbacks to a BIO so they get called
+before and after each operation, alowing extensive debug output
+to be generated (try running dgst with -d).
+
+Unfortunaly in the conversion from 0.5.x to 0.6.0, quite a few
+functions that used to take FILE *, now take BIO *.
+The wrappers are easy to write
+
+function_fp(fp,x)
+FILE *fp;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL) error.....
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=function_bio(b,x);
+ BIO_free(b);
+ return(ret);
+ }
+Remember, there are no functions that take FILE * in SSLeay when
+compiled for Windows 3.1 DLL's.
+
+--
+I have added a general EVP_PKEY type that can hold a public/private
+key. This is now what is used by the EVP_ functions and is passed
+around internally. I still have not done the PKCS#8 stuff, but
+X509_PKEY is defined and waiting :-)
+
+--
+For a full function name listings, have a look at ms/crypt32.def and
+ms/ssl32.def. These are auto-generated but are complete.
+Things like ASN1_INTEGER_get() have been added and are in here if you
+look. I have renamed a few things, again, have a look through the
+function list and you will probably find what you are after. I intend
+to at least put a one line descrition for each one.....
+
+--
+Microsoft - thats what this release is about, read the MICROSOFT file.
+
+--
+Multi-threading support. I have started hunting through the code and
+flaging where things need to be done. In a state of work but high on
+the list.
+
+--
+For random numbers, edit e_os.h and set DEVRANDOM (it's near the top)
+be be you random data device, otherwise 'RFILE' in e_os.h
+will be used, in your home directory. It will be updated
+periodically. The environment variable RANDFILE will override this
+choice and read/write to that file instead. DEVRANDOM is used in
+conjunction to the RFILE/RANDFILE. If you wish to 'seed' the random
+number generator, pick on one of these files.
+
+--
+
+The list of things to read and do
+
+dgst -d
+s_client -state (this uses a callback placed in the SSL state loop and
+ will be used else-where to help debug/monitor what
+ is happening.)
+
+doc/why.doc
+doc/bio.doc <- hmmm, needs lots of work.
+doc/bss_file.doc <- one that is working :-)
+doc/session.doc <- it has changed
+doc/speed.doc
+ also play with ssleay version -a. I have now added a SSLeay()
+ function that returns a version number, eg 0600 for this release
+ which is primarily to be used to check DLL version against the
+ application.
+util/* Quite a few will not interest people, but some may, like
+ mk1mf.pl, mkdef.pl,
+util/do_ms.sh
+
+try
+cc -Iinclude -Icrypto -c crypto/crypto.c
+cc -Iinclude -Issl -c ssl/ssl.c
+You have just built the SSLeay libraries as 2 object files :-)
+
+Have a general rummage around in the bin stall directory and look at
+what is in there, like CA.sh and c_rehash
+
+There are lots more things but it is 12:30am on a Friday night and I'm
+heading home :-).
+
+eric 22-Jun-1996
+This version has quite a few major bug fixes and improvements. It DOES NOT
+do SSLv3 yet.
+
+The main things changed
+- A Few days ago I added the s_mult application to ssleay which is
+ a demo of an SSL server running in an event loop type thing.
+ It supports non-blocking IO, I have finally gotten it right, SSL_accept()
+ can operate in non-blocking IO mode, look at the code to see how :-).
+ Have a read of doc/s_mult as well. This program leaks memory and
+ file descriptors everywhere but I have not cleaned it up yet.
+ This is a demo of how to do non-blocking IO.
+- The SSL session management has been 'worked over' and there is now
+ quite an expansive set of functions to manipulate them. Have a read of
+ doc/session.doc for some-things I quickly whipped up about how it now works.
+ This assume you know the SSLv2 protocol :-)
+- I can now read/write the netscape certificate format, use the
+ -inform/-outform 'net' options to the x509 command. I have not put support
+ for this type in the other demo programs, but it would be easy to add.
+- asn1parse and 'enc' have been modified so that when reading base64
+ encoded files (pem format), they do not require '-----BEGIN' header lines.
+ The 'enc' program had a buffering bug fixed, it can be used as a general
+ base64 -> binary -> base64 filter by doing 'enc -a -e' and 'enc -a -d'
+ respecivly. Leaving out the '-a' flag in this case makes the 'enc' command
+ into a form of 'cat'.
+- The 'x509' and 'req' programs have been fixed and modified a little so
+ that they generate self-signed certificates correctly. The test
+ script actually generates a 'CA' certificate and then 'signs' a
+ 'user' certificate. Have a look at this shell script (test/sstest)
+ to see how things work, it tests most possible combinations of what can
+ be done.
+- The 'SSL_set_pref_cipher()' function has been 'fixed' and the prefered name
+ of SSL_set_cipher_list() is now the correct API (stops confusion :-).
+ If this function is used in the client, only the specified ciphers can
+ be used, with preference given to the order the ciphers were listed.
+ For the server, if this is used, only the specified ciphers will be used
+ to accept connections. If this 'option' is not used, a default set of
+ ciphers will be used. The SSL_CTX_set_cipher_list(SSL_CTX *ctx) sets this
+ list for all ciphers started against the SSL_CTX. So the order is
+ SSL cipher_list, if not present, SSL_CTX cipher list, if not
+ present, then the library default.
+ What this means is that normally ciphers like
+ NULL-MD5 will never be used. The only way this cipher can be used
+ for both ends to specify to use it.
+ To enable or disable ciphers in the library at build time, modify the
+ first field for the cipher in the ssl_ciphers array in ssl/ssl_lib.c.
+ This file also contains the 'pref_cipher' list which is the default
+ cipher preference order.
+- I'm not currently sure if the 'rsa -inform net' and the 'rsa -outform net'
+ options work. They should, and they enable loading and writing the
+ netscape rsa private key format. I will be re-working this section of
+ SSLeay for the next version. What is currently in place is a quick and
+ dirty hack.
+- I've re-written parts of the bignum library. This gives speedups
+ for all platforms. I now provide assembler for use under Windows NT.
+ I have not tested the Windows 3.1 assembler but it is quite simple code.
+ This gives RSAprivate_key operation encryption times of 0.047s (512bit key)
+ and 0.230s (1024bit key) on a pentium 100 which I consider reasonable.
+ Basically the times available under linux/solaris x86 can be achieve under
+ Windows NT. I still don't know how these times compare to RSA's BSAFE
+ library but I have been emailing with people and with their help, I should
+ be able to get my library's quite a bit faster still (more algorithm changes).
+ The object file crypto/bn/asm/x86-32.obj should be used when linking
+ under NT.
+- 'make makefile.one' in the top directory will generate a single makefile
+ called 'makefile.one' This makefile contains no perl references and
+ will build the SSLeay library into the 'tmp' and 'out' directories.
+ util/mk1mf.pl >makefile.one is how this makefile is
+ generated. The mk1mf.pl command take several option to generate the
+ makefile for use with cc, gcc, Visual C++ and Borland C++. This is
+ still under development. I have only build .lib's for NT and MSDOS
+ I will be working on this more. I still need to play with the
+ correct compiler setups for these compilers and add some more stuff but
+ basically if you just want to compile the library
+ on a 'non-unix' platform, this is a very very good file to start with :-).
+ Have a look in the 'microsoft' directory for my current makefiles.
+ I have not yet modified things to link with sockets under Windows NT.
+ You guys should be able to do this since this is actually outside of the
+ SSLeay scope :-). I will be doing it for myself soon.
+ util/mk1mf.pl takes quite a few options including no-rc, rsaref and no-sock
+ to build without RC2/RC4, to require RSAref for linking, and to
+ build with no socket code.
+
+- Oh yes, the cipher that was reported to be compatible with RSA's RC2 cipher
+ that was posted to sci.crypt has been added to the library and SSL.
+ I take the view that if RC2 is going to be included in a standard,
+ I'll include the cipher to make my package complete.
+ There are NO_RC2, NO_RC4 and NO_IDEA macros to remove these ciphers
+ at compile time. I have not tested this recently but it should all work
+ and if you are in the USA and don't want RSA threatening to sue you,
+ you could probably remove the RC4/RC2 code inside these sections.
+ I may in the future include a perl script that does this code
+ removal automatically for those in the USA :-).
+- I have removed all references to sed in the makefiles. So basically,
+ the development environment requires perl and sh. The build environment
+ does not (use the makefile.one makefile).
+ The Configure script still requires perl, this will probably stay that way
+ since I have perl for Windows NT :-).
+
+eric (03-May-1996)
+
+PS Have a look in the VERSION file for more details on the changes and
+ bug fixes.
+I have fixed a few bugs, added alpha and x86 assembler and generally cleaned
+things up. This version will be quite stable, mostly because I'm on
+holidays until 10-March-1996. For any problems in the interum, send email
+to Tim Hudson <tjh@mincom.oz.au>.
+
+SSLeay 0.5.0
+
+12-12-95
+This is going out before it should really be released.
+
+I leave for 11 weeks holidays on the 22-12-95 and so I either sit on
+this for 11 weeks or get things out. It is still going to change a
+lot in the next week so if you do grab this version, please test and
+give me feed back ASAP, inculuding questions on how to do things with
+the library. This will prompt me to write documentation so I don't
+have to answer the same question again :-).
+
+This 'pre' release version is for people who are interested in the
+library. The applications will have to be changed to use
+the new version of the SSL interface. I intend to finish more
+documentation before I leave but until then, look at the programs in
+the apps directory. As far as code goes, it is much much nicer than
+the old version.
+
+The current library works, has no memory leaks (as far as I can tell)
+and is far more bug free that 0.4.5d. There are no global variable of
+consequence (I believe) and I will produce some documentation that
+tell where to look for those people that do want to do multi-threaded
+stuff.
+
+There should be more documentation. Have a look in the
+doc directory. I'll be adding more before I leave, it is a start
+by mostly documents the crypto library. Tim Hudson will update
+the web page ASAP. The spelling and grammar are crap but
+it is better than nothing :-)
+
+Reasons to start playing with version 0.5.0
+- All the programs in the apps directory build into one ssleay binary.
+- There is a new version of the 'req' program that generates certificate
+ requests, there is even documentation for this one :-)
+- There is a demo certification authorithy program. Currently it will
+ look at the simple database and update it. It will generate CRL from
+ the data base. You need to edit the database by hand to revoke a
+ certificate, it is my aim to use perl5/Tk but I don't have time to do
+ this right now. It will generate the certificates but the management
+ scripts still need to be written. This is not a hard task.
+- Things have been cleaned up alot.
+- Have a look at the enc and dgst programs in the apps directory.
+- It supports v3 of x509 certiticates.
+
+
+Major things missing.
+- I have been working on (and thinging about) the distributed x509
+ hierachy problem. I have not had time to put my solution in place.
+ It will have to wait until I come back.
+- I have not put in CRL checking in the certificate verification but
+ it would not be hard to do. I was waiting until I could generate my
+ own CRL (which has only been in the last week) and I don't have time
+ to put it in correctly.
+- Montgomery multiplication need to be implemented. I know the
+ algorithm, just ran out of time.
+- PKCS#7. I can load and write the DER version. I need to re-work
+ things to support BER (if that means nothing, read the ASN1 spec :-).
+- Testing of the higher level digital envelope routines. I have not
+ played with the *_seal() and *_open() type functions. They are
+ written but need testing. The *_sign() and *_verify() functions are
+ rock solid.
+- PEM. Doing this and PKCS#7 have been dependant on the distributed
+ x509 heirachy problem. I started implementing my ideas, got
+ distracted writing a CA program and then ran out of time. I provide
+ the functionality of RSAref at least.
+- Re work the asm. code for the x86. I've changed by low level bignum
+ interface again, so I really need to tweak the x86 stuff. gcc is
+ good enough for the other boxes.
+
--- /dev/null
+# Installation of SSLeay.
+# It depends on perl for a few bits but those steps can be skipped and
+# the top level makefile edited by hand
+
+# When bringing the SSLeay distribution back from the evil intel world
+# of Windows NT, do the following to make it nice again under unix :-)
+# You don't normally need to run this.
+sh util/fixNT.sh # This only works for NT now - eay - 21-Jun-1996
+
+# If you have perl, and it is not in /usr/local/bin, you can run
+perl util/perlpath.pl /new/path
+# and this will fix the paths in all the scripts. DO NOT put
+# /new/path/perl, just /new/path. The build
+# environment always run scripts as 'perl perlscript.pl' but some of the
+# 'applications' are easier to usr with the path fixed.
+
+# Edit crypto/cryptlib.h, tools/c_rehash, and Makefile.ssl
+# to set the install locations if you don't like
+# the default location of /usr/local/ssl
+# Do this by running
+perl util/ssldir.pl /new/ssl/home
+# if you have perl, or by hand if not.
+
+# If things have been stuffed up with the sym links, run
+make -f Makefile.ssl links
+# This will re-populate lib/include with symlinks and for each
+# directory, link Makefile to Makefile.ssl
+
+# Setup the machine dependent stuff for the top level makefile
+# and some select .h files
+# If you don't have perl, this will bomb, in which case just edit the
+# top level Makefile.ssl
+./Configure 'system type'
+
+# The 'Configure' command contains default configuration parameters
+# for lots of machines. Configure edits 5 lines in the top level Makefile
+# It modifies the following values in the following files
+Makefile.ssl CC CFLAG EX_LIBS BN_MULW
+crypto/des/des.h DES_LONG
+crypto/des/des_locl.h DES_PTR
+crypto/md/md2.h MD2_INT
+crypto/rc4/rc4.h RC4_INT
+crypto/rc4/rc4_enc.c RC4_INDEX
+crypto/rc2/rc2.h RC2_INT
+crypto/bf/bf_locl.h BF_INT
+crypto/idea/idea.h IDEA_INT
+crypto/bn/bn.h BN_LLONG (and defines one of SIXTY_FOUR_BIT,
+ SIXTY_FOUR_BIT_LONG, THIRTY_TWO_BIT,
+ SIXTEEN_BIT or EIGHT_BIT)
+Please remember that all these files are actually copies of the file with
+a .org extention. So if you change crypto/des/des.h, the next time
+you run Configure, it will be runover by a 'configured' version of
+crypto/des/des.org. So to make the changer the default, change the .org
+files. The reason these files have to be edited is because most of
+these modifications change the size of fundamental data types.
+While in theory this stuff is optional, it often makes a big
+difference in performance and when using assember, it is importaint
+for the 'Bignum bits' match those required by the assember code.
+A warning for people using gcc with sparc cpu's. Gcc needs the -mv8
+flag to use the hardware multiply instruction which was not present in
+earlier versions of the sparc CPU. I define it by default. If you
+have an old sparc, and it crashes, try rebuilding with this flag
+removed. I am leaving this flag on by default because it makes
+things run 4 times faster :-)
+
+# clean out all the old stuff
+make clean
+
+# Do a make depend only if you have the makedepend command installed
+# This is not needed but it does make things nice when developing.
+make depend
+
+# make should build everything
+make
+
+# fix up the demo certificate hash directory if it has been stuffed up.
+make rehash
+
+# test everything
+make test
+
+# install the lot
+make install
+
+# It is worth noting that all the applications are built into the one
+# program, ssleay, which is then has links from the other programs
+# names to it.
+# The applicatons can be built by themselves, just don't define the
+# 'MONOLITH' flag. So to build the 'enc' program stand alone,
+gcc -O2 -Iinclude apps/enc.c apps/apps.c libcrypto.a
+
+# Other useful make options are
+make makefile.one
+# which generate a 'makefile.one' file which will build the complete
+# SSLeay distribution with temp. files in './tmp' and 'installable' files
+# in './out'
+
+# Have a look at running
+perl util/mk1mf.pl help
+# this can be used to generate a single makefile and is about the only
+# way to generate makefiles for windows.
+
+# There is actually a final way of building SSLeay.
+gcc -O2 -c -Icrypto -Iinclude crypto/crypto.c
+gcc -O2 -c -Issl -Iinclude ssl/ssl.c
+# and you now have the 2 libraries as single object files :-).
+# If you want to use the assember code for your particular platform
+# (DEC alpha/x86 are the main ones, the other assember is just the
+# output from gcc) you will need to link the assember with the above generated
+# object file and also do the above compile as
+gcc -O2 -DBN_ASM -c -Icrypto -Iinclude crypto/crypto.c
+
+This last option is probably the best way to go when porting to another
+platform or building shared libraries. It is not good for development so
+I don't normally use it.
+
+To build shared libararies under unix, have a look in shlib, basically
+you are on your own, but it is quite easy and all you have to do
+is compile 2 (or 3) files.
+
+For mult-threading, have a read of doc/threads.doc. Again it is quite
+easy and normally only requires some extra callbacks to be defined
+by the application.
+The examples for solaris and windows NT/95 are in the mt directory.
+
+have fun
+
+eric 25-Jun-1997
--- /dev/null
+The Microsoft World.
+
+The good news, to build SSLeay for the Microsft World
+
+Windows 3.1 DLL's
+perl Configure VC-WIN16
+nmake -f ms\w31dll.mak
+
+Windows NT/95 DLL's
+perl Configure VC-WIN32
+nmake -f ms\ntdll.mak
+
+Now the bad news
+All builds were done using Microsofts Visual C++ 1.52c and [45].x.
+If you are a borland person, you are probably going to have to help me
+finish the stuff in util/pl/BC*pl
+
+All builds were made under Windows NT - this means long filenames, so
+you may have problems under Windows 3.1 but probably not under 95.
+
+Because file pointers don't work in DLL's under Windows 3.1 (well at
+least stdin/stdout don't and I don't like having to differentiate
+between these and other file pointers), I now use the BIO file-pointer
+module, which needs to be linked into your application. You can either
+use the memory buffer BIO for IO, or compile bss_file.c into your
+application, it is in the apps directory and is just a copy of
+crypto/buffer/bss_file.c with #define APPS_WIN16 added.
+I have not yet automated the makefile to automatically copy it into 'out'
+for a win 3.1 build....
+
+All callbacks passed into SSLeay for Windows 3.1 need to be of type
+_far _loadds.
+
+I don't support building with the pascal calling convention.
+
+The DLL and static builds are large memory model.
+
+To build static libraries for NT/95 or win 3.1
+
+perl util/mk1mf.pl VC-WIN32 > mf-stat.nt
+perl util/mk1mf.pl VC-WIN16 > mf-stat.w31
+for DLL's
+perl util/mk1mf.pl dll VC-WIN32 > mf-dll.nt
+perl util/mk1mf.pl dll VC-WIN16 > mf-dll.w31
+
+Again you will notice that if you dont have perl, you cannot do this.
+
+Now the next importaint issue. Running Configure!
+I have small assember code files for critical big number library operation
+in crypto/bn/asm. There is, asm code, object files and uuencode
+object files. They are
+x86nt32.asm - 32bit flat memory model assember - suitable Win32
+x86w16.asm - 16bit assember - used in the msdos build.
+x86w32.asm - 32bit assember, win 3.1 segments, used for win16 build.
+
+If you feel compelled to build the 16bit maths routines in the windows 3.1
+build,
+perl Configure VC-W31-16
+perl util/mk1mf.pl dll VC-W31-16 > mf-dll.w31
+
+If you hate assember and don't want anything to do with it,
+perl util/mk1mf.pl no-asm VC-WIN16 > mf-dll.w31
+will work for any of the makefile generations.
+
+There are more options to mk1mf.pl but these all leave the temporary
+files in 'tmp' and the output files in 'out' by default.
+
+The NT build is done for console mode.
+
+The Windows 3.1 version of SSLeay uses quickwin, the interface is ugly
+but it is better than nothing. If you want ugly, try doing anything
+that involves getting a password. I decided to be ugly instead of
+echoing characters. For Windows 3.1 I would just sugest using the
+msdos version of the ssleay application for command line work.
+The QuickWin build is primarily for testing.
+
+For both NT and Windows 3.1, I have not written the code so that
+s_client, s_server can take input from the keyboard. You can happily
+start applications up in separate windows, watch them handshake, and then sit
+there for-ever. I have not had the time to get this working, and I've
+been able to test things from a unix box to the NT box :-).
+Try running ssleay s_server on the windows box
+(with either -cert ../apps/server.pem -www)
+and run ssleay s_time from another window.
+This often stuffs up on Windows 3.1, but I'm not worried since this is
+probably a problem with my demo applications, not the libraries.
+
+After a build of one of the version of microsoft SSLeay,
+'cd ms' and then run 'test'. This should check everything out and
+even does a trial run of generating certificates.
+'test.bat' requires that perl be install, you be in the ms directory
+(not the test directory, thats for unix so stay out :-) and that the
+build output directory be ../out
+
+On a last note, you will probably get division by zero errors and
+stuff after a build. This is due to your own inability to follow
+instructions :-).
+
+The reasons for the problem is probably one of the following.
+
+1) You did not run Configure. This is critical for windows 3.1 when
+ using assember. The values in crypto/bn/bn.h must match the
+ ones requred for the assember code. (remember that if you
+ edit crypto/bn/bn.h by hand, it will be clobered the next time
+ you run Configure by the contents of crypto/bn/bn.org).
+ SSLeay version -o will list the compile options.
+ For VC-WIN32 you need bn(64,32) or bn(32,32)
+ For VC-W31-32/VC-WIN16 you need bn(32,32)
+ For VC-W31-16 you need bn(32,16) or bn(16,16)
+ For VC-MSDOS you need bn(32,16) or bn(16,16).
+
+ The first number will be 2 times bigger than the second if
+ BN_LLONG is defined in bn.h and the size of the second number
+ depends on the 'bits' defined at the start of bn.h. Have a
+ look, it's all reasonably clear.
+ If you want to start messing with 8 bit builds and things like
+ that, build without the assember by re-generating a makefile
+ via 'perl util/mk1mf.pl no-asm'.
+2) You tried to build under MS-DOS or Windows 3.1 using the /G3
+ option. Don't. It is buggy (thats why you just got that
+ error) and unless you want to work out which optimising flag
+ to turn off, I'm not going to help you :-). I also noticed
+ that code often ran slower when compiled with /G3.
+3) Under NT/95, malloc goes stupid. You are probably linking with
+ the wrong library, there are problems if you mix the threaded
+ and non-threaded libraries (due to the DLL being staticly
+ linked with one and the applicaion using another.
+
+Well hopefully thats most of the MS issues handled, see you in ssl-users :-).
+
+eric 30-Aug-1996
+
+SSLeay 0.6.5
+For Windows 95/NT, add CRYPTO_malloc_init() to your program before any
+calls to the SSLeay libraries. This function will insert callbacks so that
+the SSLeay libraries will use the same malloc(), free() and realloc() as
+your application so 'problem 3)' mentioned above will go away.
+
+There is now DES assember for Windows NT/95. The file is
+crypto/des/asm/win32.asm and replaces crypto/des/des_enc.c in the build.
+
+There is also Blowfish assember for Windows NT/95. The file is
+crypto/bf/asm/win32.asm and replaces crypto/bf/bf_enc.c in the build.
+
+eric 25-Jun-1997
+
--- /dev/null
+RELATIVE_DIRECTORY=.
+AR=ar r
+BASENAME=SSLeay
+BF_ENC=bf_enc.o
+BN_MULW=bn_mulw.o
+CC=cc
+CFLAG=-O -DNOPROTO
+DES_ENC=des_enc.o fcrypt_b.o
+DIRS=crypto ssl rsaref apps test tools
+EDIRS=times doc bugs util include certs ms shlib mt demos
+EX_HEADER=
+EX_LIBS=
+GENERAL=Makefile
+HEADER=e_os.h
+INSTALLTOP=/usr/local/ssl
+LIBS=libcrypto.a libssl.a
+MAKE=make -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+MAN1=1
+MAN3=3
+MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com
+NAME=SSLeay-0.8.1
+ONEDIRS=out tmp
+PEX_LIBS=-L. -L.. -L../.. -L../../..
+SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+SHELL=/bin/sh
+TARFILE=SSLeay-0.8.1.tar
+TOP=.
+VERSION=0.8.1
+WDIRS=windows
+WTARFILE=SSLeay-0.8.1-win.tar
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto
+ALL=Makefile README cryptlib.c mem.c cversion.c cryptlib.h date.h crypto.h cryptall.h
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" "
+DIR=crypto
+EXHEADER=crypto.h cryptall.h
+EX_LIBS=
+GENERAL=Makefile README
+HEADER=cryptlib.h date.h crypto.h cryptall.h
+INCLUDE=-I. -I../include
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libcrypto.a
+LIBOBJ=cryptlib.o mem.o cversion.o
+LIBS=
+LIBSRC=cryptlib.c mem.c cversion.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+PEX_LIBS=
+RM=/bin/rm -f
+SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
+SRC=cryptlib.c mem.c cversion.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/md
+ALL=Makefile md2_dgst.c md5_dgst.c md2_one.c md5_one.c md5_locl.h md2.h md5.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=md
+EXHEADER=md2.h md5.h
+GENERAL=Makefile
+HEADER=md5_locl.h md2.h md5.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
+LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+TEST=md2test.c md5test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/sha
+ALL=Makefile sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha_locl.h sha.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=sha
+EXHEADER=sha.h
+GENERAL=Makefile
+HEADER=sha_locl.h sha.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+TEST=shatest.c sha1test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/mdc2
+ALL=Makefile mdc2dgst.c mdc2_one.c mdc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=mdc2
+EXHEADER=mdc2.h
+GENERAL=Makefile
+HEADER=mdc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=mdc2dgst.o mdc2_one.o
+LIBSRC=mdc2dgst.c mdc2_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=mdc2dgst.c mdc2_one.c
+TEST=mdc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/des
+ALL=Makefile des.org des_locl.org cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DES_ENC=des_enc.o fcrypt_b.o
+DIR=des
+EXHEADER=des.h
+GENERAL=Makefile des.org des_locl.org
+HEADER=des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=set_key.o ecb_enc.o ede_enc.o cbc_enc.o cbc3_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
+LIBSRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+TEST=destest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc4
+ALL=Makefile rc4_enc.c rc4.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc4
+EXHEADER=rc4.h
+GENERAL=Makefile
+HEADER=rc4.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc4_enc.o
+LIBSRC=rc4_enc.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc4_enc.c
+TEST=rc4test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc2
+ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc2
+EXHEADER=rc2.h
+GENERAL=Makefile
+HEADER=rc2_locl.h rc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+TEST=rc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/idea
+ALL=Makefile i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c idea_lcl.h idea.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=idea
+EXHEADER=idea.h
+GENERAL=Makefile
+HEADER=idea_lcl.h idea.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+TEST=ideatest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bf
+ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
+APPS=
+AR=ar r
+BF_ENC=bf_enc.o
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=bf
+EXHEADER=blowfish.h
+GENERAL=Makefile
+HEADER=bf_pi.h bf_locl.h blowfish.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cbc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+TEST=bftest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bn
+ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_lcl.h bn_prime.h bn.h
+APPS=
+AR=ar r
+BN_MULW=bn_mulw.o
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=bn
+ERR=bn
+ERRC=bn_err
+EXHEADER=bn.h
+GENERAL=Makefile
+HEADER=bn_lcl.h bn_prime.h bn.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o
+LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+TEST=bntest.c exptest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rsa
+ALL=Makefile rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=rsa
+ERR=rsa
+ERRC=rsa_err
+EXHEADER=rsa.h
+GENERAL=Makefile
+HEADER=rsa.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o
+LIBSRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/dsa
+ALL=Makefile dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c dsa.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=dsa
+ERR=dsa
+ERRC=dsa_err
+EXHEADER=dsa.h
+GENERAL=Makefile
+HEADER=dsa.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=dsa_gen.o dsa_key.o dsa_lib.o dsa_vrf.o dsa_sign.o dsa_err.o
+LIBSRC=dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c
+TEST=dsatest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/dh
+ALL=Makefile dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=dh
+ERR=dh
+ERRC=dh_err
+EXHEADER=dh.h
+GENERAL=Makefile
+HEADER=dh.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
+LIBSRC=dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+TEST=dhtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/buffer
+ALL=Makefile buffer.c buf_err.c buffer.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=buffer
+ERR=buffer
+ERRC=buf_err
+EXHEADER=buffer.h
+GENERAL=Makefile
+HEADER=buffer.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=buffer.o buf_err.o
+LIBSRC=buffer.c buf_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=buffer.c buf_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bio
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=bio
+ERR=bio
+ERRC=bio_err
+EXHEADER=bio.h
+GENERAL=Makefile
+HEADER=bio.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o
+LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/stack
+ALL=Makefile stack.c stack.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=stack
+EXHEADER=stack.h
+GENERAL=Makefile
+HEADER=stack.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=stack.o
+LIBSRC=stack.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=stack.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/lhash
+ALL=Makefile lhash.c lh_stats.c lhash.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=lhash
+EXHEADER=lhash.h
+GENERAL=Makefile
+HEADER=lhash.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=lhash.o lh_stats.o
+LIBSRC=lhash.c lh_stats.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=lhash.c lh_stats.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rand
+ALL=Makefile md_rand.c randfile.c rand.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rand
+EXHEADER=rand.h
+GENERAL=Makefile
+HEADER=rand.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md_rand.o randfile.o
+LIBSRC=md_rand.c randfile.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=md_rand.c randfile.c
+TEST=randtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/err
+ALL=Makefile err.c err_all.c err_prn.c err.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=error
+EXHEADER=err.h
+GENERAL=Makefile
+HEADER=err.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=err.o err_all.o err_prn.o
+LIBSRC=err.c err_all.c err_prn.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=err.c err_all.c err_prn.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/objects
+ALL=Makefile README obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=objects
+ERR=objects
+ERRC=obj_err
+EXHEADER=objects.h
+GENERAL=Makefile README
+HEADER=objects.h obj_dat.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=obj_dat.o obj_lib.o obj_err.o
+LIBSRC=obj_dat.c obj_lib.c obj_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=obj_dat.c obj_lib.c obj_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/evp
+ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=evp
+ERR=evp
+ERRC=evp_err
+EXHEADER=evp.h
+GENERAL=Makefile
+HEADER=evp.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o
+LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/pem
+ALL=Makefile pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c pem.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+CTX_SIZE=ctx_size
+DIR=pem
+ERR=pem
+ERRC=pem_err
+EXHEADER=pem.h
+GENERAL=Makefile
+HEADER=pem.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o
+LIBSRC=pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/asn1
+ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c asn1.h asn1_mac.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=asn1
+ERR=asn1
+ERRC=asn1_err
+EXHEADER=asn1.h asn1_mac.h
+GENERAL=Makefile README
+HEADER=asn1.h asn1_mac.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o
+LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/x509
+ALL=Makefile README x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c x509.h x509_vfy.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=x509
+ERR=x509
+ERRC=x509_err
+EXHEADER=x509.h x509_vfy.h
+GENERAL=Makefile README
+HEADER=x509.h x509_vfy.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=x509_def.o x509_d2.o x509_r2x.o x509_cmp.o x509_obj.o x509_req.o x509_vfy.o x509_set.o x509rset.o x509_err.o x509name.o x509_v3.o x509_ext.o x509pack.o x509type.o x509_lu.o x_all.o x509_txt.o by_file.o by_dir.o v3_net.o v3_x509.o
+LIBSRC=x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/conf
+ALL=Makefile conf.c conf_err.c conf_lcl.h conf.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=conf
+ERR=conf
+ERRC=conf_err
+EXHEADER=conf.h
+GENERAL=Makefile
+HEADER=conf_lcl.h conf.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=conf.o conf_err.o
+LIBSRC=conf.c conf_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=conf.c conf_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/txt_db
+ALL=Makefile txt_db.c txt_db.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=txt_db
+EXHEADER=txt_db.h
+GENERAL=Makefile
+HEADER=txt_db.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=txt_db.o
+LIBSRC=txt_db.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=txt_db.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/pkcs7
+ALL=Makefile README pk7_lib.c pkcs7err.c pk7_doit.c pkcs7.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=pkcs7
+ERR=pkcs7
+ERRC=pkcs7err
+EXHEADER=pkcs7.h
+GENERAL=Makefile README
+HEADER=pkcs7.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=pk7_lib.o pkcs7err.o pk7_doit.o
+LIBSRC=pk7_lib.c pkcs7err.c pk7_doit.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=pk7_lib.c pkcs7err.c pk7_doit.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=ssl
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I../crypto -I../include -g
+DIR=ssl
+ERR=ssl
+ERRC=ssl_err
+EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h
+GENERAL=Makefile README
+HEADER=ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+INCLUDES=-I../crypto -I../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libssl.a
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_pkt.o s2_enc.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_pkt.o s3_enc.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+TEST=ssltest.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=rsaref
+ALL=Makefile rsaref.c rsar_err.c rsaref.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I../crypto -I../include -g
+DIR=rsaref
+ERR=rsaref
+ERRC=rsar_err
+EXHEADER=
+GENERAL=Makefile
+HEADER= rsaref.h
+INCLUDES=-I../crypto -I../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libRSAglue.a
+LIBOBJ=rsaref.o rsar_err.o
+LIBSRC=rsaref.c rsar_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rsaref.c rsar_err.c
+TEST=
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=apps
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h
+A_OBJ=apps.o
+A_SRC=apps.c
+CC=cc
+CFLAG=-g -static
+CFLAGS=-DMONOLITH -I../include -g -static
+DIR=apps
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+EXE=ssleay
+EXHEADER=
+EX_LIBS=
+E_EXE=verify asn1pars req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o gendsa.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+GENERAL=Makefile
+HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h
+INCLUDES=-I../include
+INSTALLTOP=/usr/local/ssl
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+PEX_LIBS=
+PROGS=ssleay.c
+RM=/bin/rm -f
+SCRIPTS=CA.sh der_chop
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+SSLEAY=ssleay
+S_OBJ=s_cb.o s_socket.o
+S_SRC=s_cb.c s_socket.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=test
+ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+BFTEST=bftest
+BNTEST=bntest
+CC=cc
+CFLAG=-g
+CFLAGS=-I../include -g
+DESTEST=destest
+DHTEST=dhtest
+DIR=test
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+DSATEST=dsatest
+EXE=bntest ideatest md2test md5test rc4test destest shatest sha1test mdc2test randtest dhtest rc2test bftest ssltest exptest dsatest
+EXHEADER=
+EXPTEST=exptest
+EX_LIBS=-lnsl -lsocket
+GENERAL=Makefile.ssl
+HEADER=
+IDEATEST=ideatest
+INCLUDES=-I../include
+INSTALLTOP=/usr/local/ssl
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -fMakefile.ssl
+MAKEFILE=Makefile.ssl
+MD2TEST=md2test
+MD5TEST=md5test
+MDC2TEST=mdc2test
+METHTEST=methtest
+OBJ=bntest.o ideatest.o md2test.o md5test.o rc4test.o destest.o shatest.o sha1test.o mdc2test.o randtest.o dhtest.o rc2test.o bftest.o ssltest.o dsatest.o exptest.o
+PEX_LIBS=
+RANDTEST=randtest
+RC2TEST=rc2test
+RC4TEST=rc4test
+SHA1TEST=sha1test
+SHATEST=shatest
+SRC=bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+SSLTEST=ssltest
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=tools
+APPS=c_hash c_info c_issuer c_name c_rehash
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=tools
+GENERAL=Makefile.ssl
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+TEST=
+TOP=..
+RELATIVE_DIRECTORY=
--- /dev/null
+#
+# Makefile for all the SSL related library routines and utilities
+VERSION = 0.8.1a
+#
+# make install will install:
+# libraries into $INSTALLTOP/lib
+# headers into $INSTALLTOP/include
+# utilities into $INSTALLTOP/bin
+#
+# By default INSTALLTOP is set to /usr/local/ssl
+# If you want things install elsewere, consider running
+# perl util/ssldir.pl /new/path
+#
+# Interesting Mailing Lists:
+# ssl-bugs@mincom.oz.au
+# ssl-users@mincom.oz.au
+#
+# To join the Mailing Lists:
+# ssl-bugs-request@mincom.oz.au
+# ssl-users-request@mincom.oz.au
+#
+# If you must get hold of people directly (we much prefer the above
+# lists to be used if the question is of general interest!):
+# Eric Young <eay@cryptsoft.com>
+# Tim Hudson <tjh@cryptsoft.com>
+# or both <ssleay@cryptsoft.com>
+#
+# The primary distribution of SSLeay is from
+# ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL
+#
+# NOCONST - Define for C compilers that don't like the const key word.
+# NOPROTO - Define in if your compiler does not support prototypes.
+# RSAref - Define if we are to link with RSAref.
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4 - Define to build without the RC4 algorithm
+# NO_RC2 - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+# one. 32 bytes will be read from this when the random
+# number generator is initalised.
+# SSL_ALLOW_ADH - define if you want the server to be able to use the
+# SSLv3 anon-DH ciphers.
+# SSL_ALLOW_ENULL - define if you want the server to be able to use the
+# NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+# call application defined callbacks via CRYPTO_set_mem_functions()
+
+
+CC= cc
+CFLAG= -O -DNOPROTO
+#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+PEX_LIBS= -L. -L.. -L../.. -L../../..
+EX_LIBS=
+#EX_LIBS= #-lRSAglue -lrsaref -lnsl -lsocket
+AR=ar r
+
+# Set BN_MULW to bn_mulw.o if you want to use the C version
+#BN_MULW= asm/x86-lnx.o
+BN_MULW= bn_mulw.o
+#BN_MULW= asm/x86-lnx.o # elf
+#BN_MULW= asm/x86-sol.o # solaris
+#BN_MULW= asm/x86-lnxa.o # a.out, FreeBSD
+#BN_MULW= asm/x86-bsdi.o # bsdi
+#BN_MULW= asm/alpha.o # DEC Alpha
+#BN_MULW= asm/pa-risc2.o # HP-UX PA-RISC
+#BN_MULW= asm/r3000.o # SGI MIPS cpu
+#BN_MULW= asm/sparc.o # Sun solaris/SunOS
+#BN_MULW= asm/x86nt32.o # Windows 95/NT
+#BN_MULW= asm/x86w16.o # 16 bit code for Windows 3.1/DOS
+#BN_MULW= asm/x86w32.o # 32 bit code for Windows 3.1
+
+# Set DES_ENC to des_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+DES_ENC= des_enc.o fcrypt_b.o
+#DES_ENC= des_enc.o fcrypt_b.o # C
+#DES_ENC= asm/dx86-elf.o asm/cx86-elf.o # elf
+#DES_ENC= asm/dx86-sol.o asm/cx86-sol.o # solaris
+#DES_ENC= asm/dx86-out.o asm/cx86-out.o # a.out, FreeBSD
+#DES_ENC= asm/dx86bsdi.o asm/cx86bsdi.o # bsdi
+
+# Set BF_ENC to bf_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+BF_ENC= bf_enc.o
+#BF_ENC= bf_enc.o # C
+#BF_ENC= asm/bx86-elf.o # elf
+#BF_ENC= asm/bx86-sol.o # solaris
+#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
+#BF_ENC= asm/bx86bsdi.o # bsdi
+
+DIRS= crypto ssl rsaref apps test tools
+# dirs in crypto to build
+SDIRS= \
+ md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh \
+ buffer bio stack lhash rand err objects \
+ evp pem asn1 x509 conf txt_db pkcs7
+
+# If you change the INSTALLTOP, make sure to also change the values
+# in crypto/location.h
+INSTALLTOP=/usr/local/ssl
+
+MAKEFILE= Makefile.ssl
+MAKE= make -f Makefile.ssl
+
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+
+TOP= .
+ONEDIRS=out tmp
+EDIRS= times doc bugs util include certs ms shlib mt demos
+MISC= COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
+ README TODO HISTORY README.066 README.080 \
+ VERSION PROBLEMS MINFO makefile.one e_os.h \
+ MICROSOFT makevms.com
+WDIRS= windows
+LIBS= libcrypto.a libssl.a
+
+GENERAL= Makefile
+BASENAME= SSLeay
+NAME= $(BASENAME)-$(VERSION)
+TARFILE= $(NAME).tar
+WTARFILE= $(NAME)-win.tar
+EX_HEADER=
+HEADER= e_os.h
+
+all:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making $$i..."; \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' all ); \
+ done;
+
+sub_all:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making $$i..."; \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+ done;
+
+clean:
+ /bin/rm -f *.o core a.out fluff *.map
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "cleaning $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' clean ); \
+ /bin/rm -f $(LIBS); \
+ done;
+ /bin/rm -f *.a *.o speed.* *.map *.so .pure core
+ /bin/rm -f $(TARFILE)
+ @for i in $(ONEDIRS) ;\
+ do \
+ /bin/rm -f $$i/*; \
+ done
+
+makefile.one: files
+ perl util/mk1mf.pl >makefile.one; \
+ sh util/do_ms.sh
+
+files: MINFO
+ perl $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making 'files' in $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' files ); \
+ done;
+
+links:
+ /bin/rm -f Makefile;
+ ./util/point.sh Makefile.ssl Makefile;
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making links in $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' links ); \
+ done;
+ # @(cd apps; sh ./mklinks)
+ sh tools/c_rehash certs
+
+dclean:
+ /bin/rm -f *.bak
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "undoing makedepend in $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' dclean ); \
+ done;
+
+rehash:
+ @(PATH="`pwd`/apps:${PATH}"; sh tools/c_rehash certs)
+
+test: tests
+
+tests:
+ (cd test; echo "testing $$i..."; \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' tests );
+ @apps/ssleay version -a
+
+depend:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making dependancies $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' depend ); \
+ done;
+
+lint:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making lint $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' lint ); \
+ done;
+
+tags:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making tags $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' tags ); \
+ done;
+
+errors:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making errors in $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' errors ); \
+ done;
+
+tar:
+ @(cd ..;\
+ mv $(BASENAME) $(NAME); \
+ export STUFF; \
+ for i in $(MISC) $(DIRS) $(EDIRS) $(ONEDIRS) ;\
+ do \
+ STUFF="$$STUFF $(NAME)/$$i"; \
+ done; \
+ tar cf $(NAME)/$(TARFILE) $$STUFF; \
+ mv $(NAME) $(BASENAME) )
+ gzip -f $(TARFILE)
+
+dist:
+ perl Configure dist
+ @$(MAKE) dist_pem_h
+ @$(MAKE) SDIRS='${SDIRS}' clean
+ @$(MAKE) SDIRS='${SDIRS}' dclean
+ @(cd apps; sh ./rmlinks)
+ @$(MAKE) makefile.one
+ @$(MAKE) tar
+
+dist_pem_h:
+ (cd crypto/pem; $(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
+
+install: all
+ @-mkdir -p $(INSTALLTOP)/bin 2>/dev/null
+ @-mkdir -p $(INSTALLTOP)/lib 2>/dev/null
+ @-mkdir -p $(INSTALLTOP)/include 2>/dev/null
+ @-mkdir -p $(INSTALLTOP)/certs 2>/dev/null
+ @-mkdir -p $(INSTALLTOP)/private 2>/dev/null
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "installing $$i..."; \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' install ); \
+ done
+ @for i in $(LIBS) ;\
+ do \
+ ( echo installing $$i; \
+ cp $$i $(INSTALLTOP)/lib; \
+ sh util/ranlib.sh $(INSTALLTOP)/lib/$$i; \
+ chmod 644 $(INSTALLTOP)/lib/$$i ); \
+ done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
--- /dev/null
+If you have any problems with SSLeay then please take the following
+steps:
+
+ Remove the ASM version of the BN routines (edit Configure)
+ Remove the compiler optimisation flags
+ Add in the compiler debug flags (-g)
+
+Note: if using gcc then remove -fomit-frame-pointer before you try
+ to debug things.
+
+If you wish to report a bug then please include the following information
+in any bug report:
+
+ SSLeay Details
+ - Version, most of these details can be got from the
+ 'ssleay version -a' command.
+ Operating System Details
+ - OS Name
+ - OS Version
+ - Hardware platform
+ Compiler Details
+ - Name
+ - Version
+ Application Details
+ - Name
+ - Version
+ Problem Description
+ - include steps that will reproduce the problem (if known)
+ Stack Traceback (if the application dumps core)
+
+For example:
+
+ SSLeay-0.5.1a
+ SunOS 5.3, SPARC, SunC 3.0
+ SSLtelnet-0.7
+
+ Core dumps when using telnet with SSL support in bn_mul() with
+ the following stack trackback
+ ...
+
+
+Report the bug to either
+ ssleay@mincom.oz.au (Eric and Tim)
+or
+ ssl-bugs@mincom.oz.au (mailing list of active developers)
+
+
+Tim Hudson
+tjh@mincom.oz.au
+
--- /dev/null
+ SSLeay 0.8.1b 29-Jun-1998
+ Copyright (c) 1997, Eric Young
+ All rights reserved.
+
+This directory contains Eric Young's (eay@cryptsoft.com) implementation
+of SSL and supporting libraries.
+
+The current version of this library is available from
+ ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+There are patches to a number of internet applications which can be found in
+ ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/
+
+A Web page containing the SSLeay FAQ written by Tim Hudson <tjh@cryptsoft.com>
+can be found at
+ http://www.psy.uq.oz.au/~ftp/Crypto
+
+Additional documentation is being slowly written by Eric Young, and is being
+added to http://www.cryptsoft.com/ssleay/doc. It will normally also be
+available on http://www.psy.uq.oz.au/~ftp/Crypto/ssleay
+
+This Library and programs are FREE for commercial and non-commercial
+usage. The only restriction is that I must be attributed with the
+development of this code. See the COPYRIGHT file for more details.
+Donations would still be accepted :-).
+
+THIS LIBRARY IS NOT %100 COMPATABLE WITH SSLeay 0.6.6
+
+The package includes
+
+libssl.a:
+ My implementation of SSLv2, SSLv3 and the required code to support
+ both SSLv2 and SSLv3 in the one server.
+
+libcrypto.a:
+ General encryption and X509 stuff needed by SSL but not
+ actually logically part of it. It includes routines for the following:
+
+ Ciphers
+ libdes - My libdes DES encryption package which has been floating
+ around the net for a few years. It includes 15
+ 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
+ cbc, cfb and ofb; pcbc and a more general form of cfb and ofb)
+ including desx in cbc mode,
+ a fast crypt(3), and routines to read passwords from the
+ keyboard.
+ RC4 encryption,
+ RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb.
+ Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
+ IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb.
+
+ Digests
+ MD5 and MD2 message digest algorithms, fast implementations,
+ SHA (SHA-0) and SHA-1 message digest algorithms,
+ MDC2 message digest. A DES based hash that is polular on smart cards.
+
+ Public Key
+ RSA encryption/decryption/generation. There is no limit
+ on the number of bits.
+ DSA encryption/decryption/generation. There is no limit on the
+ number of bits.
+ Diffie-Hellman key-exchange/key generation. There is no limit
+ on the number of bits.
+
+ X509v3 certificates
+ X509 encoding/decoding into/from binary ASN1 and a PEM
+ based ascii-binary encoding which supports encryption with
+ a private key.
+ Program to generate RSA and DSA certificate requests and to
+ generate RSA and DSA certificates.
+
+ Systems
+ The normal digital envelope routines and base64 encoding.
+ Higher level access to ciphers and digests by name. New ciphers can be
+ loaded at run time.
+ The BIO io system which is a simple non-blocking IO abstraction.
+ Current methods supported are file descriptors, sockets,
+ socket accept, socket connect, memory buffer, buffering,
+ SSL client/server, file pointer, encryption, digest,
+ non-blocking testing and null.
+ Data structures
+ A dynamically growing hashing system
+ A simple stack.
+ A Configuration loader that uses a format similar to MS .ini files.
+
+Programs in this package include
+ enc - a general encryption program that can encrypt/decrypt using
+ one of 17 different cipher/mode combinations. The
+ input/output can also be converted to/from base64
+ ascii encoding.
+ dgst - a generate message digesting program that will generate
+ message digests for any of md2, md5, sha (sha-0 or sha-1)
+ or mdc2.
+ asn1parse - parse and display the structure of an asn1 encoded
+ binary file.
+ rsa - Manipulate RSA private keys.
+ dsa - Manipulate DSA private keys.
+ dh - Manipulate Diffie-Hellman parameter files.
+ dsaparam- Manipulate and generate DSA parameter files.
+ crl - Manipulate certificate revocation lists.
+ crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
+ x509 - Manipulate x509 certificates, self-sign certificates.
+ req - Manipulate PKCS#10 certificate requests and also
+ generate certificate requests.
+ genrsa - Generates an arbitrary sized RSA private key.
+ gendh - Generates a set of Diffie-Hellman parameters, the prime
+ will be a strong prime.
+ ca - Create certificates from PKCS#10 certificate requests.
+ This program also maintains a database of certificates
+ issued.
+ verify - Check x509 certificate signatures.
+ speed - Benchmark SSLeay's ciphers.
+ s_server- A test SSL server.
+ s_client- A test SSL client.
+ s_time - Benchmark SSL performance of SSL server programs.
+ errstr - Convert from SSLeay hex error codes to a readable form.
+
+Documents avaliable are
+ A Postscript and html reference manual
+ (written by Tim Hudson tjh@cryptsoft.com).
+
+ A list of text protocol references I used.
+ An initial version of the library manual.
+
+To install this package, read the INSTALL file.
+For the Microsoft word, read MICROSOFT
+This library has been compiled and tested on Solaris 2.[34] (sparc and x86),
+SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5(?), IRIX 5.[23],
+LINUX, NeXT (intel), linux, Windows NT, Windows 3.1, MSDOS 6.22.
+
+Multithreading has been tested under Windows NT and Solaris 2.5.1
+
+Due to time constraints, the current release has only be rigorously tested
+on Solaris 2.[45], Linux and Windows NT.
+
+For people in the USA, it is possible to compile SSLeay to use RSA
+Inc.'s public key library, RSAref. From my understanding, it is
+claimed by RSA Inc. to be illegal to use my public key routines inside the USA.
+Read doc/rsaref.doc on how to build with RSAref.
+
+Read the documentation in the doc directory. It is quite rough,
+but it lists the functions, you will probably have to look at
+the code to work out how to used them. I will be working on
+documentation. Look at the example programs.
+
+There should be a SSL reference manual which is being put together by
+Tim Hudson (tjh@cryptsoft.com) in the same location as this
+distribution. This contains a lot more information that is very
+useful. For a description of X509 Certificates, their use, and
+certification, read rfc1421, rfc1422, rfc1423 and rfc1424. ssl/README
+also goes over the mechanism.
+
+We have setup some mailing lists for use by people that are interested
+in helping develop this code and/or ask questions.
+ ssl-bugs@mincom.oz.au
+ ssl-users@mincom.oz.au
+ ssl-bugs-request@mincom.oz.au
+ ssl-users-request@mincom.oz.au
+
+I have recently read about a new form of software, that which is in
+a permanent state of beta release. Linux and Netscape are 2 good
+examples of this, and I would also add SSLeay to this category.
+The Current stable release is 0.6.6. It has a few minor problems.
+0.8.0 is not call compatable so make sure you have the correct version
+of SSLeay to link with.
+
+eric (Jun 1997)
+
+Eric Young (eay@cryptsoft.com)
+86 Taunton St.
+Annerley 4103.
+Australia.
+
--- /dev/null
+
+SSLeay 0.6.6 13-Jan-1997
+
+The main additions are
+
+- assember for x86 DES improvments.
+ From 191,000 per second on a pentium 100, I now get 281,000. The inner
+ loop and the IP/FP modifications are from
+ Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. Many thanks for his
+ contribution.
+- The 'DES macros' introduced in 0.6.5 now have 3 types.
+ DES_PTR1, DES_PTR2 and 'normal'. As per before, des_opts reports which
+ is best and there is a summery of mine in crypto/des/options.txt
+- A few bug fixes.
+- Added blowfish. It is not used by SSL but all the other stuff that
+ deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
+ There are 3 options for optimising Blowfish. BF_PTR, BF_PTR2 and 'normal'.
+ BF_PTR2 is pentium/x86 specific. The correct option is setup in
+ the 'Configure' script.
+- There is now a 'get client certificate' callback which can be
+ 'non-blocking'. If more details are required, let me know. It will
+ documented more in SSLv3 when I finish it.
+- Bug fixes from 0.6.5 including the infamous 'ca' bug. The 'make test'
+ now tests the ca program.
+- Lots of little things modified and tweaked.
+
+eric
--- /dev/null
+This version of SSLeay has quite a lot of things different from the
+previous version.
+
+Basically check all callback parameters, I will be producing documentation
+about how to use things in th future. Currently I'm just getting 080 out
+the door. Please not that there are several ways to do everything, and
+most of the applications in the apps directory are hybrids, some using old
+methods and some using new methods.
+
+Have a look in demos/bio for some very simple programs and
+apps/s_client.c and apps/s_server.c for some more advanced versions.
+Notes are definitly needed but they are a week or so away.
+
+Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
+---
+Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
+get those people that want to move to using the new code base off to
+a quick start.
+
+Note that Eric has tidied up a lot of the areas of the API that were
+less than desirable and renamed quite a few things (as he had to break
+the API in lots of places anyrate). There are a whole pile of additional
+functions for making dealing with (and creating) certificates a lot
+cleaner.
+
+01-Jul-97
+Tim Hudson
+tjh@cryptsoft.com
+
+---8<---
+
+To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
+use something like the following (assuming you #include "crypto.h" which
+is something that you really should be doing).
+
+#if SSLEAY_VERSION_NUMBER >= 0x0800
+#define SSLEAY8
+#endif
+
+buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
+ too if you are working with BIO internal stuff (as distinct
+ from simply using the interface in an opaque manner)
+
+#include "bio.h" - required along with "buffer.h" if you write
+ your own BIO routines as the buffer and bio
+ stuff that was intermixed has been separated
+ out
+
+envelope.h -> evp.h (which should have been done ages ago)
+
+Initialisation ... don't forget these or you end up with code that
+is missing the bits required to do useful things (like ciphers):
+
+SSLeay_add_ssl_algorithms()
+(probably also want SSL_load_error_strings() too but you should have
+ already had that call in place)
+
+SSL_CTX_new() - requires an extra method parameter
+ SSL_CTX_new(SSLv23_method())
+ SSL_CTX_new(SSLv2_method())
+ SSL_CTX_new(SSLv3_method())
+
+ OR to only have the server or the client code
+ SSL_CTX_new(SSLv23_server_method())
+ SSL_CTX_new(SSLv2_server_method())
+ SSL_CTX_new(SSLv3_server_method())
+ or
+ SSL_CTX_new(SSLv23_client_method())
+ SSL_CTX_new(SSLv2_client_method())
+ SSL_CTX_new(SSLv3_client_method())
+
+SSL_set_default_verify_paths() ... renamed to the more appropriate
+SSL_CTX_set_default_verify_paths()
+
+If you want to use client certificates then you have to add in a bit
+of extra stuff in that a SSLv3 server sends a list of those CAs that
+it will accept certificates from ... so you have to provide a list to
+SSLeay otherwise certain browsers will not send client certs.
+
+SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
+
+
+X509_NAME_oneline(X) -> X509_NAME_oneline(X,NULL,0)
+ or provide a buffer and size to copy the
+ result into
+
+X509_add_cert -> X509_STORE_add_cert (and you might want to read the
+ notes on X509_NAME structure changes too)
+
+
+VERIFICATION CODE
+=================
+
+The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
+more accurately reflect things.
+
+The verification callback args are now packaged differently so that
+extra fields for verification can be added easily in future without
+having to break things by adding extra parameters each release :-)
+
+X509_cert_verify_error_string -> X509_verify_cert_error_string
+
+
+BIO INTERNALS
+=============
+
+Eric has fixed things so that extra flags can be introduced in
+the BIO layer in future without having to play with all the BIO
+modules by adding in some macros.
+
+The ugly stuff using
+ b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
+becomes
+ BIO_clear_retry_flags(b)
+
+ b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
+becomes
+ BIO_set_retry_read(b)
+
+Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
+
+
+
+OTHER THINGS
+============
+
+X509_NAME has been altered so that it isn't just a STACK ... the STACK
+is now in the "entries" field ... and there are a pile of nice functions
+for getting at the details in a much cleaner manner.
+
+SSL_CTX has been altered ... "cert" is no longer a direct member of this
+structure ... things are now down under "cert_store" (see x509_vfy.h) and
+things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
+If your code "knows" about this level of detail then it will need some
+surgery.
+
+If you depending on the incorrect spelling of a number of the error codes
+then you will have to change your code as these have been fixed.
+
+ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
+has been all along so this makes things clearer.
+ify_cert_error_string(ctx->error));
+
+SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
+ and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
+
+
--- /dev/null
+- The loading of the netscape RC4 encrypted key is a crock of pig pellets.
+ It will be reworked along with a nice general mechanism for encrypting
+ ASN.1 stuff. [ Jun 96 ] I've cleaned up private keys internally but
+ still have not done PKCS#8 support.
+
+- Winsock support in s_client/s_server for windows nt/3.1 is a crock.
+ I will probably not get this fixed for a while, it is just there so
+ I could test things.
+
+- Be able to generate DSS certificates.
+
+- Add CRL to the X509 verification stuff, this will probably be added with
+ SSLv3.
+
++ X509 callback. I need to callback the application to retrieve certificates
+ and CRL.
+
+*<- designates the things I'm activly working on.
++<- designates that which I have next in the queue.
+
+====
+
+X509v3 extensions
+verify certificate chains
+X509 cert lookup methods
+RSA/DSA/DH methods mostly for smart cards
+dsa cert generation
+
--- /dev/null
+SSLeay 0.8.1
+ - Mostly bug fixes. There is an Ephemeral DH cipher problem which
+ is fixed.
+
+SSLeay 0.8.0
+ - New release, for those that are wondering what happend to
+ 0.7.x, call it our internal development version :-)
+ - There have been lots of changes, mostly the addition of SSLv3.
+ - There have been many additions from people and amongst
+ others, C2Net has assisted greatly.
+
+SSLeay 0.6.6
+ SSLeay 0.8.0 is not upward compatable with SSLeay 0.6.6, so
+ if your application requires 0.6.6, use it. There have been
+ lots of bug fixes to 0.8.x that have not been applied to 0.6.6
+ so use 0.8.0+ in preference.
+
+PORTING 0.6.6 to 0.8.0
+ I'll be documenting this over the next few weeks but as
+ pressures have been increasing for making SSLv3 support
+ available I'm shipping it without this documentation as I
+ basically have not had time to write it (too busy earning a
+ living :-)
+
--- /dev/null
+#!/bin/sh
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+# some setup stuff to be done before you can use it and this makes
+# things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq ... will generate a certificate request
+# CA -sign ... will sign the generated request and output
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh Added more things ... including CA -signcert which
+# converts a certificate to a request and then signs it.
+# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
+# environment variable so this can be driven from
+# a script.
+# 25-Jul-96 eay Cleaned up filenames some more.
+# 11-Jun-96 eay Fixed a few filename missmatches.
+# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh Original hacking
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# default ssleay.cnf file has setup as per the following
+# demoCA ... where everything is stored
+
+DAYS="-days 365"
+REQ="ssleay req $SSLEAY_CONFIG"
+CA="ssleay ca $SSLEAY_CONFIG"
+VERIFY="ssleay verify"
+X509="ssleay x509"
+
+CATOP=./demoCA
+CAKEY=./cakey.pem
+CACERT=./cacert.pem
+
+for i
+do
+case $i in
+-\?|-h|-help)
+ echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" >&2
+ exit 0
+ ;;
+-newcert)
+ # create a certificate
+ $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS
+ RET=$?
+ echo "Certificate (and private key) is in newreq.pem"
+ ;;
+-newreq)
+ # create a certificate request
+ $REQ -new -keyout newreq.pem -out newreq.pem $DAYS
+ RET=$?
+ echo "Request (and private key) is in newreq.pem"
+ ;;
+-newca)
+ # if explictly asked for or it doesn't exist then setup the directory
+ # structure that Eric likes to manage things
+ NEW="1"
+ if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
+ # create the directory hierarchy
+ mkdir ${CATOP}
+ mkdir ${CATOP}/certs
+ mkdir ${CATOP}/crl
+ mkdir ${CATOP}/newcerts
+ mkdir ${CATOP}/private
+ echo "01" > ${CATOP}/serial
+ touch ${CATOP}/index.txt
+ fi
+ if [ ! -f ${CATOP}/private/$CAKEY ]; then
+ echo "CA certificate filename (or enter to create)"
+ read FILE
+
+ # ask user for existing CA certificate
+ if [ "$FILE" ]; then
+ cp $FILE ${CATOP}/private/$CAKEY
+ RET=$?
+ else
+ echo "Making CA certificate ..."
+ $REQ -new -x509 -keyout ${CATOP}/private/$CAKEY \
+ -out ${CATOP}/$CACERT $DAYS
+ RET=$?
+ fi
+ fi
+ ;;
+-xsign)
+ $CA -policy policy_anything -infiles newreq.pem
+ RET=$?
+ ;;
+-sign|-signreq)
+ $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
+ RET=$?
+ cat newcert.pem
+ echo "Signed certificate is in newcert.pem"
+ ;;
+-signcert)
+ echo "Cert passphrase will be requested twice - bug?"
+ $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
+ $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
+ cat newcert.pem
+ echo "Signed certificate is in newcert.pem"
+ ;;
+-verify)
+ shift
+ if [ -z "$1" ]; then
+ $VERIFY -CAfile $CATOP/$CACERT newcert.pem
+ RET=$?
+ else
+ for j
+ do
+ $VERIFY -CAfile $CATOP/$CACERT $j
+ if [ $? != 0 ]; then
+ RET=$?
+ fi
+ done
+ fi
+ exit 0
+ ;;
+*)
+ echo "Unknown arg $i";
+ exit 1
+ ;;
+esac
+done
+exit $RET
+
--- /dev/null
+#
+# SSLeay/apps/Makefile.ssl
+#
+
+DIR= apps
+TOP= ..
+CC= cc
+INCLUDES= -I../include
+CFLAG= -g -static
+INSTALLTOP= /usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+RM= /bin/rm -f
+
+PEX_LIBS=
+EX_LIBS=
+
+CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+
+SSLEAY= ssleay
+
+SCRIPTS=CA.sh der_chop
+
+EXE= $(SSLEAY)
+
+E_EXE= verify asn1pars req dgst dh enc gendh gendsa errstr ca crl \
+ rsa dsa dsaparam \
+ x509 genrsa s_server s_client speed \
+ s_time version pkcs7 crl2pkcs7 sess_id ciphers
+
+PROGS= $(SSLEAY).c
+
+A_OBJ=apps.o
+A_SRC=apps.c
+S_OBJ= s_cb.o s_socket.o
+S_SRC= s_cb.c s_socket.c
+
+E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
+ gendsa.o pkcs7.o crl2p7.o crl.o \
+ rsa.o dsa.o dsaparam.o \
+ x509.o genrsa.o s_server.o s_client.o speed.o \
+ s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \
+ ciphers.o
+
+# pem_mail.o
+
+E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \
+ gendsa.c pkcs7.c crl2p7.c crl.c \
+ rsa.c dsa.c dsaparam.c \
+ x509.c genrsa.c s_server.c s_client.c speed.c \
+ s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \
+ ciphers.c
+
+# pem_mail.c
+
+SRC=$(E_SRC)
+
+EXHEADER=
+HEADER= apps.h progs.h s_apps.h \
+ testdsa.h testrsa.h \
+ $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ @(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: exe
+
+exe: $(EXE)
+
+req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
+ $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+sreq.o: req.c
+ $(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+install: mklinks
+ @for i in $(EXE) $(SCRIPTS) mklinks; \
+ do \
+ (echo installing $$i; \
+ cp $$i $(INSTALLTOP)/bin/$$i; \
+ chmod 755 $(INSTALLTOP)/bin/$$i ); \
+ done; \
+ cp ssleay.cnf $(INSTALLTOP)/lib
+ chmod 644 $(INSTALLTOP)/lib/ssleay.cnf
+ cd $(INSTALLTOP)/bin; \
+ /bin/sh ./mklinks; \
+ /bin/rm -f ./mklinks
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(SRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+errors:
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+ /bin/rm -f req
+
+$(DLIBSSL):
+ (cd ../ssl; $(MAKE))
+
+$(DLIBCRYPTO):
+ (cd ../crypto; $(MAKE))
+
+$(SSLEAY): progs.h $(E_OBJ) $(SSLEAY).o $(DLIBCRYPTO) $(DLIBSSL)
+ $(RM) $(SSLEAY)
+ $(CC) -o $(SSLEAY) $(CFLAGS) $(SSLEAY).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
+
+progs.h:
+ perl ./g_ssleay.pl $(E_EXE) >progs.h
+ $(RM) $(SSLEAY).o
+
+mklinks:
+ perl ./g_ssleay.pl $(E_EXE) >progs.h
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
--- /dev/null
+/* apps/apps.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+
+#ifdef WIN16
+#define APPS_WIN16
+#ifdef FLAT_BUILD
+#include "bss_file.c"
+#else
+#include "../crypto/bio/bss_file.c"
+#endif
+#endif
+
+#ifndef NOPROTO
+int app_init(long mesgwin);
+#else
+int app_init();
+#endif
+
+#ifdef undef /* never finished - probably never will be :-) */
+int args_from_file(file,argc,argv)
+char *file;
+int *argc;
+char **argv[];
+ {
+ FILE *fp;
+ int num,i;
+ unsigned int len;
+ static char *buf=NULL;
+ static char **arg=NULL;
+ char *p;
+ struct stat stbuf;
+
+ if (stat(file,&stbuf) < 0) return(0);
+
+ fp=fopen(file,"r");
+ if (fp == NULL)
+ return(0);
+
+ *argc=0;
+ *argv=NULL;
+
+ len=(unsigned int)stbuf.st_size;
+ if (buf != NULL) Free(buf);
+ buf=(char *)Malloc(len+1);
+ if (buf == NULL) return(0);
+
+ len=fread(buf,1,len,fp);
+ if (len <= 1) return(0);
+ buf[len]='\0';
+
+ i=0;
+ for (p=buf; *p; p++)
+ if (*p == '\n') i++;
+ if (arg != NULL) Free(arg);
+ arg=(char **)Malloc(sizeof(char *)*(i*2));
+
+ *argv=arg;
+ num=0;
+ p=buf;
+ for (;;)
+ {
+ if (!*p) break;
+ if (*p == '#') /* comment line */
+ {
+ while (*p && (*p != '\n')) p++;
+ continue;
+ }
+ /* else we have a line */
+ *(arg++)=p;
+ num++;
+ while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
+ p++;
+ if (!*p) break;
+ if (*p == '\n')
+ {
+ *(p++)='\0';
+ continue;
+ }
+ /* else it is a tab or space */
+ p++;
+ while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+ p++;
+ if (!*p) break;
+ if (*p == '\n')
+ {
+ p++;
+ continue;
+ }
+ *(arg++)=p++;
+ num++;
+ while (*p && (*p != '\n')) p++;
+ if (!*p) break;
+ /* else *p == '\n' */
+ *(p++)='\0';
+ }
+ *argc=num;
+ return(1);
+ }
+#endif
+
+int str2fmt(s)
+char *s;
+ {
+ if ((*s == 'D') || (*s == 'd'))
+ return(FORMAT_ASN1);
+ else if ((*s == 'T') || (*s == 't'))
+ return(FORMAT_TEXT);
+ else if ((*s == 'P') || (*s == 'p'))
+ return(FORMAT_PEM);
+ else if ((*s == 'N') || (*s == 'n'))
+ return(FORMAT_NETSCAPE);
+ else
+ return(FORMAT_UNDEF);
+ }
+
+#if defined(MSDOS) || defined(WIN32) || defined(WIN16)
+void program_name(in,out,size)
+char *in;
+char *out;
+int size;
+ {
+ int i,n;
+ char *p=NULL;
+
+ n=strlen(in);
+ /* find the last '/', '\' or ':' */
+ for (i=n-1; i>0; i--)
+ {
+ if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':'))
+ {
+ p= &(in[i+1]);
+ break;
+ }
+ }
+ if (p == NULL)
+ p=in;
+ n=strlen(p);
+ /* strip off trailing .exe if present. */
+ if ((n > 4) && (p[n-4] == '.') &&
+ ((p[n-3] == 'e') || (p[n-3] == 'E')) &&
+ ((p[n-2] == 'x') || (p[n-2] == 'X')) &&
+ ((p[n-1] == 'e') || (p[n-1] == 'E')))
+ n-=4;
+ if (n > size-1)
+ n=size-1;
+
+ for (i=0; i<n; i++)
+ {
+ if ((p[i] >= 'A') && (p[i] <= 'Z'))
+ out[i]=p[i]-'A'+'a';
+ else
+ out[i]=p[i];
+ }
+ out[n]='\0';
+ }
+#else
+void program_name(in,out,size)
+char *in;
+char *out;
+int size;
+ {
+ char *p;
+
+ p=strrchr(in,'/');
+ if (p != NULL)
+ p++;
+ else
+ p=in;
+ strncpy(out,p,size-1);
+ out[size-1]='\0';
+ }
+#endif
+
+#ifdef WIN32
+int WIN32_rename(from,to)
+char *from;
+char *to;
+ {
+ int ret;
+
+ ret=MoveFileEx(from,to,MOVEFILE_REPLACE_EXISTING|MOVEFILE_COPY_ALLOWED);
+ return(ret?0:-1);
+ }
+#endif
+
+int chopup_args(arg,buf,argc,argv)
+ARGS *arg;
+char *buf;
+int *argc;
+char **argv[];
+ {
+ int num,len,i;
+ char *p;
+
+ *argc=0;
+ *argv=NULL;
+
+ len=strlen(buf);
+ i=0;
+ if (arg->count == 0)
+ {
+ arg->count=20;
+ arg->data=(char **)Malloc(sizeof(char *)*arg->count);
+ }
+ for (i=0; i<arg->count; i++)
+ arg->data[i]=NULL;
+
+ num=0;
+ p=buf;
+ for (;;)
+ {
+ /* first scan over white space */
+ if (!*p) break;
+ while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+ p++;
+ if (!*p) break;
+
+ /* The start of something good :-) */
+ if (num >= arg->count)
+ {
+ arg->count+=20;
+ arg->data=(char **)Realloc(arg->data,
+ sizeof(char *)*arg->count);
+ if (argc == 0) return(0);
+ }
+ arg->data[num++]=p;
+
+ /* now look for the end of this */
+ if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
+ {
+ i= *(p++);
+ arg->data[num-1]++; /* jump over quote */
+ while (*p && (*p != i))
+ p++;
+ *p='\0';
+ }
+ else
+ {
+ while (*p && ((*p != ' ') &&
+ (*p != '\t') && (*p != '\n')))
+ p++;
+
+ if (*p == '\0')
+ p--;
+ else
+ *p='\0';
+ }
+ p++;
+ }
+ *argc=num;
+ *argv=arg->data;
+ return(1);
+ }
+
+#ifndef APP_INIT
+int app_init(mesgwin)
+long mesgwin;
+ {
+ return(1);
+ }
+#endif
--- /dev/null
+/* apps/apps.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_APPS_H
+#define HEADER_APPS_H
+
+#ifdef FLAT_INC
+#include "e_os.h"
+#else
+#include "../e_os.h"
+#endif
+
+#include "buffer.h"
+#include "bio.h"
+#include "crypto.h"
+#include "progs.h"
+
+#ifdef WIN16
+BIO_METHOD *BIO_s_file();
+#endif
+
+#ifdef WIN32
+#define rename(from,to) WIN32_rename((from),(to))
+int WIN32_rename(char *oldname,char *newname);
+#endif
+
+#ifndef MONOLITH
+
+#define MAIN(a,v) main(a,v)
+
+#ifndef NON_MAIN
+BIO *bio_err=NULL;
+#else
+extern BIO *bio_err;
+#endif
+
+#else
+
+#define MAIN(a,v) PROG(a,v)
+#include "conf.h"
+extern LHASH *config;
+extern char *default_config_file;
+extern BIO *bio_err;
+
+#endif
+
+#include <signal.h>
+
+#ifdef SIGPIPE
+#define do_pipe_sig() signal(SIGPIPE,SIG_IGN)
+#else
+#define do_pipe_sig()
+#endif
+
+#if defined(MONOLITH) && !defined(SSLEAY)
+# define apps_startup() do_pipe_sig()
+#else
+# if defined(MSDOS) || defined(WIN16) || defined(WIN32)
+# ifdef _O_BINARY
+# define apps_startup() \
+ _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ SSLeay_add_all_algorithms()
+# else
+# define apps_startup() \
+ _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ SSLeay_add_all_algorithms()
+# endif
+# else
+# define apps_startup() do_pipe_sig(); SSLeay_add_all_algorithms();
+# endif
+#endif
+
+typedef struct args_st
+ {
+ char **data;
+ int count;
+ } ARGS;
+
+#ifndef NOPROTO
+int should_retry(int i);
+int args_from_file(char *file, int *argc, char **argv[]);
+int str2fmt(char *s);
+void program_name(char *in,char *out,int size);
+int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
+#else
+int should_retry();
+int args_from_file();
+int str2fmt();
+void program_name();
+int chopup_args();
+#endif
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+#define FORMAT_NETSCAPE 4
+
+#endif
--- /dev/null
+/* apps/asn1pars.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "err.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+/* -inform arg - input format - default PEM (DER or PEM)
+ * -in arg - input file - default stdin
+ * -i - indent the details by depth
+ * -offset - where in the file to start
+ * -length - how many bytes to use
+ */
+
+#undef PROG
+#define PROG asn1parse_main
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,badops=0,offset=0,ret=1;
+ unsigned int length=0;
+ long num;
+ BIO *in=NULL,*out=NULL,*b64=NULL;
+ int informat,indent=0;
+ char *infile,*str=NULL,*prog;
+ BUF_MEM *buf=NULL;
+
+ infile=NULL;
+ informat=FORMAT_PEM;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-i") == 0)
+ {
+ indent=1;
+ }
+ else if (strcmp(*argv,"-offset") == 0)
+ {
+ if (--argc < 1) goto bad;
+ offset= atoi(*(++argv));
+ }
+ else if (strcmp(*argv,"-length") == 0)
+ {
+ if (--argc < 1) goto bad;
+ length= atoi(*(++argv));
+ if (length == 0) goto bad;
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -offset arg offset into file\n");
+ BIO_printf(bio_err," -length arg lenth of section in file\n");
+ BIO_printf(bio_err," -i indent entries\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if ((buf=BUF_MEM_new()) == NULL) goto end;
+ if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
+
+ if (informat == FORMAT_PEM)
+ {
+ BIO *tmp;
+
+ if ((b64=BIO_new(BIO_f_base64())) == NULL)
+ goto end;
+ BIO_push(b64,in);
+ tmp=in;
+ in=b64;
+ b64=tmp;
+ }
+
+ num=0;
+ for (;;)
+ {
+ if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
+ i=BIO_read(in,&(buf->data[num]),BUFSIZ);
+ if (i <= 0) break;
+ num+=i;
+ }
+ str=buf->data;
+
+ if (length == 0) length=(unsigned int)num;
+ if (!ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (b64 != NULL) BIO_free(b64);
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ if (buf != NULL) BUF_MEM_free(buf);
+ EXIT(ret);
+ }
+
--- /dev/null
+/* crypto/bio/bss_file.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define APPS_WIN16
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+#ifndef NOPROTO
+static int MS_CALLBACK file_write(BIO *h,char *buf,int num);
+static int MS_CALLBACK file_read(BIO *h,char *buf,int size);
+static int MS_CALLBACK file_puts(BIO *h,char *str);
+static int MS_CALLBACK file_gets(BIO *h,char *str,int size);
+static long MS_CALLBACK file_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int MS_CALLBACK file_new(BIO *h);
+static int MS_CALLBACK file_free(BIO *data);
+#else
+static int MS_CALLBACK file_write();
+static int MS_CALLBACK file_read();
+static int MS_CALLBACK file_puts();
+static int MS_CALLBACK file_gets();
+static long MS_CALLBACK file_ctrl();
+static int MS_CALLBACK file_new();
+static int MS_CALLBACK file_free();
+#endif
+
+static BIO_METHOD methods_filep=
+ {
+ BIO_TYPE_FILE,"FILE pointer",
+ file_write,
+ file_read,
+ file_puts,
+ file_gets,
+ file_ctrl,
+ file_new,
+ file_free,
+ };
+
+BIO *BIO_new_file(filename,mode)
+char *filename;
+char *mode;
+ {
+ BIO *ret;
+ FILE *file;
+
+ if ((file=fopen(filename,mode)) == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
+ return(NULL);
+ }
+ if ((ret=BIO_new_fp(file,BIO_CLOSE)) == NULL)
+ {
+ fclose(file);
+ return(NULL);
+ }
+ return(ret);
+ }
+
+BIO *BIO_new_fp(stream,close_flag)
+FILE *stream;
+int close_flag;
+ {
+ BIO *ret;
+
+ if ((ret=BIO_new(BIO_s_file())) == NULL)
+ return(NULL);
+ BIO_set_fp(ret,stream,close_flag);
+ return(ret);
+ }
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+
+BIO_METHOD *BIO_s_file()
+ {
+ return(&methods_filep);
+ }
+
+#else
+
+BIO_METHOD *BIO_s_file_internal_w16()
+ {
+ return(&methods_filep);
+ }
+
+#endif
+
+static int MS_CALLBACK file_new(bi)
+BIO *bi;
+ {
+ bi->init=0;
+ bi->num=0;
+ bi->ptr=NULL;
+ return(1);
+ }
+
+static int MS_CALLBACK file_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->shutdown)
+ {
+ if ((a->init) && (a->ptr != NULL))
+ {
+ fclose((FILE *)a->ptr);
+ a->ptr=NULL;
+ }
+ a->init=0;
+ }
+ return(1);
+ }
+
+static int MS_CALLBACK file_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+
+ if (b->init && (out != NULL))
+ {
+ ret=fread(out,1,(int)outl,(FILE *)b->ptr);
+ }
+ return(ret);
+ }
+
+static int MS_CALLBACK file_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0;
+
+ if (b->init && (in != NULL))
+ {
+ if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
+ ret=inl;
+ /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
+ /* acording to Tim Hudson <tjh@cryptsoft.com>, the commented
+ * out version above can cause 'inl' write calls under
+ * some stupid stdio implementations (VMS) */
+ }
+ return(ret);
+ }
+
+static long MS_CALLBACK file_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+ FILE *fp=(FILE *)b->ptr;
+ FILE **fpp;
+ char p[4];
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ret=(long)fseek(fp,num,0);
+ break;
+ case BIO_CTRL_EOF:
+ ret=(long)feof(fp);
+ break;
+ case BIO_CTRL_INFO:
+ ret=ftell(fp);
+ break;
+ case BIO_C_SET_FILE_PTR:
+ file_free(b);
+ b->shutdown=(int)num;
+ b->ptr=(char *)ptr;
+ b->init=1;
+ break;
+ case BIO_C_SET_FILENAME:
+ file_free(b);
+ b->shutdown=(int)num&BIO_CLOSE;
+ if (num & BIO_FP_APPEND)
+ {
+ if (num & BIO_FP_READ)
+ strcpy(p,"a+");
+ else strcpy(p,"a");
+ }
+ else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
+ strcpy(p,"r+");
+ else if (num & BIO_FP_WRITE)
+ strcpy(p,"w");
+ else if (num & BIO_FP_READ)
+ strcpy(p,"r");
+ else
+ {
+ BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
+ ret=0;
+ break;
+ }
+#if defined(MSDOS) || defined(WINDOWS)
+ if (!(num & BIO_FP_TEXT))
+ strcat(p,"b");
+ else
+ strcat(p,"t");
+#endif
+ fp=fopen(ptr,p);
+ if (fp == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
+ ret=0;
+ break;
+ }
+ b->ptr=(char *)fp;
+ b->init=1;
+ break;
+ case BIO_C_GET_FILE_PTR:
+ /* the ptr parameter is actually a FILE ** in this case. */
+ if (ptr != NULL)
+ {
+ fpp=(FILE **)ptr;
+ *fpp=(FILE *)b->ptr;
+ }
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=(long)b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_FLUSH:
+ fflush((FILE *)b->ptr);
+ break;
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_PUSH:
+ case BIO_CTRL_POP:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int MS_CALLBACK file_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ int ret=0;
+
+ buf[0]='\0';
+ fgets(buf,size,(FILE *)bp->ptr);
+ if (buf[0] != '\0')
+ ret=strlen(buf);
+ return(ret);
+ }
+
+static int MS_CALLBACK file_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=file_write(bp,str,n);
+ return(ret);
+ }
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
+q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
+/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
+HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
+ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
+nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
+ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
+MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0
+IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i
+2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs6
+2NNtXrT8odkCAwEAATANBgkqhkiG9w0BAQQFAANBAC5JBTeji7RosqMaUIDzIW13
+oO6+kPhx9fXSpMFHIsY3aH92Milkov/2A4SuZTcnv/P6+8klmS0EaiUKcRzak4E=
+-----END CERTIFICATE REQUEST-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx
+MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy
+bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d
+FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe
+cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7
+cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR
+5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW
+kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA=
+-----END CERTIFICATE REQUEST-----
--- /dev/null
+/* apps/ca.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* The PPKI stuff has been donated by Jeff Barber <jeffb@issl.atl.hp.com> */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "txt_db.h"
+#include "evp.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+#include "conf.h"
+
+#ifndef W_OK
+#include <sys/file.h>
+#endif
+
+#undef PROG
+#define PROG ca_main
+
+#define BASE_SECTION "ca"
+#define CONFIG_FILE "lib/ssleay.cnf"
+
+#define ENV_DEFAULT_CA "default_ca"
+
+#define ENV_DIR "dir"
+#define ENV_CERTS "certs"
+#define ENV_CRL_DIR "crl_dir"
+#define ENV_CA_DB "CA_DB"
+#define ENV_NEW_CERTS_DIR "new_certs_dir"
+#define ENV_CERTIFICATE "certificate"
+#define ENV_SERIAL "serial"
+#define ENV_CRL "crl"
+#define ENV_PRIVATE_KEY "private_key"
+#define ENV_RANDFILE "RANDFILE"
+#define ENV_DEFAULT_DAYS "default_days"
+#define ENV_DEFAULT_CRL_DAYS "default_crl_days"
+#define ENV_DEFAULT_CRL_HOURS "default_crl_hours"
+#define ENV_DEFAULT_MD "default_md"
+#define ENV_PRESERVE "preserve"
+#define ENV_POLICY "policy"
+#define ENV_EXTENSIONS "x509_extensions"
+#define ENV_MSIE_HACK "msie_hack"
+
+#define ENV_DATABASE "database"
+
+#define DB_type 0
+#define DB_exp_date 1
+#define DB_rev_date 2
+#define DB_serial 3 /* index - unique */
+#define DB_file 4
+#define DB_name 5 /* index - unique for active */
+#define DB_NUMBER 6
+
+#define DB_TYPE_REV 'R'
+#define DB_TYPE_EXP 'E'
+#define DB_TYPE_VAL 'V'
+
+static char *ca_usage[]={
+"usage: ca args\n",
+"\n",
+" -verbose - Talk alot while doing things\n",
+" -config file - A config file\n",
+" -name arg - The particular CA definition to use\n",
+" -gencrl - Generate a new CRL\n",
+" -crldays days - Days is when the next CRL is due\n",
+" -crlhours hours - Hours is when the next CRL is due\n",
+" -days arg - number of days to certify the certificate for\n",
+" -md arg - md to use, one of md2, md5, sha or sha1\n",
+" -policy arg - The CA 'policy' to support\n",
+" -keyfile arg - PEM private key file\n",
+" -key arg - key to decode the private key if it is encrypted\n",
+" -cert - The CA certificate\n",
+" -in file - The input PEM encoded certificate request(s)\n",
+" -out file - Where to put the output file(s)\n",
+" -outdir dir - Where to put output certificates\n",
+" -infiles .... - The last argument, requests to process\n",
+" -spkac file - File contains DN and signed public key and challenge\n",
+" -preserveDN - Don't re-order the DN\n",
+" -batch - Don't ask questions\n",
+" -msie_hack - msie modifications to handle all thos universal strings\n",
+NULL
+};
+
+#ifdef EFENCE
+extern int EF_PROTECT_FREE;
+extern int EF_PROTECT_BELOW;
+extern int EF_ALIGNMENT;
+#endif
+
+#ifndef NOPROTO
+static STACK *load_extensions(char *section);
+static void lookup_fail(char *name,char *tag);
+static int MS_CALLBACK key_callback(char *buf,int len,int verify);
+static unsigned long index_serial_hash(char **a);
+static int index_serial_cmp(char **a, char **b);
+static unsigned long index_name_hash(char **a);
+static int index_name_qual(char **a);
+static int index_name_cmp(char **a,char **b);
+static BIGNUM *load_serial(char *serialfile);
+static int save_serial(char *serialfile, BIGNUM *serial);
+static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
+ int batch, STACK *extensions,int verbose);
+static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
+ STACK *extensions,int verbose);
+static int fix_data(int nid, int *type);
+static void write_new_certificate(BIO *bp, X509 *x, int output_der);
+static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, EVP_MD *dgst,
+ STACK *policy, TXT_DB *db, BIGNUM *serial, int days, int batch,
+ int verbose, X509_REQ *req, STACK *extensions);
+static int check_time_format(char *str);
+#else
+static STACK *load_extensions();
+static void lookup_fail();
+static int MS_CALLBACK key_callback();
+static unsigned long index_serial_hash();
+static int index_serial_cmp();
+static unsigned long index_name_hash();
+static int index_name_qual();
+static int index_name_cmp();
+static int fix_data();
+static BIGNUM *load_serial();
+static int save_serial();
+static int certify();
+static int certify_spkac();
+static void write_new_certificate();
+static int do_body();
+static int check_time_format();
+#endif
+
+static LHASH *conf;
+static char *key=NULL;
+static char *section=NULL;
+
+static int preserve=0;
+static int msie_hack=0;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int total=0;
+ int total_done=0;
+ int badops=0;
+ int ret=1;
+ int req=0;
+ int verbose=0;
+ int gencrl=0;
+ long crldays=0;
+ long crlhours=0;
+ long errorline= -1;
+ char *configfile=NULL;
+ char *md=NULL;
+ char *policy=NULL;
+ char *keyfile=NULL;
+ char *certfile=NULL;
+ char *infile=NULL;
+ char *spkac_file=NULL;
+ EVP_PKEY *pkey=NULL;
+ int output_der = 0;
+ char *outfile=NULL;
+ char *outdir=NULL;
+ char *serialfile=NULL;
+ char *extensions=NULL;
+ BIGNUM *serial=NULL;
+ int days=0;
+ int batch=0;
+ X509 *x509=NULL;
+ X509 *x=NULL;
+ BIO *in=NULL,*out=NULL,*Sout=NULL,*Cout=NULL;
+ char *dbfile=NULL;
+ TXT_DB *db=NULL;
+ X509_CRL *crl=NULL;
+ X509_CRL_INFO *ci=NULL;
+ X509_REVOKED *r=NULL;
+ char **pp,*p,*f;
+ int i,j;
+ long l;
+ EVP_MD *dgst=NULL;
+ STACK *attribs=NULL;
+ STACK *extensions_sk=NULL;
+ STACK *cert_sk=NULL;
+ BIO *hex=NULL;
+#undef BSIZE
+#define BSIZE 256
+ MS_STATIC char buf[3][BSIZE];
+
+#ifdef EFENCE
+EF_PROTECT_FREE=1;
+EF_PROTECT_BELOW=1;
+EF_ALIGNMENT=0;
+#endif
+
+ apps_startup();
+
+ X509v3_add_netscape_extensions();
+
+ preserve=0;
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-verbose") == 0)
+ verbose=1;
+ else if (strcmp(*argv,"-config") == 0)
+ {
+ if (--argc < 1) goto bad;
+ configfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-name") == 0)
+ {
+ if (--argc < 1) goto bad;
+ section= *(++argv);
+ }
+ else if (strcmp(*argv,"-days") == 0)
+ {
+ if (--argc < 1) goto bad;
+ days=atoi(*(++argv));
+ }
+ else if (strcmp(*argv,"-md") == 0)
+ {
+ if (--argc < 1) goto bad;
+ md= *(++argv);
+ }
+ else if (strcmp(*argv,"-policy") == 0)
+ {
+ if (--argc < 1) goto bad;
+ policy= *(++argv);
+ }
+ else if (strcmp(*argv,"-keyfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ &n
projects / openssl.git / commitdiff