From ddac6087701302372ff8a0bd9918eb9d21752d74 Mon Sep 17 00:00:00 2001 From: ms Date: Fri, 13 Oct 2006 11:51:11 +0000 Subject: [PATCH] Zwischencommit fuer LFS. git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@318 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 --- lfs/freetype | 2 +- lfs/gd | 8 +- lfs/lcms | 2 +- lfs/libjpeg | 5 +- lfs/libmng | 7 +- lfs/libnet | 10 +- lfs/libpng | 5 +- lfs/libtiff | 9 +- lfs/popt | 8 +- lfs/python | 19 +- make.sh | 4 +- src/patches/Python-2.4.3-gdbm-1.patch | 32 + .../openssl-0.9.8d-fix_manpages-1.patch | 1887 +++++++++++++++++ 13 files changed, 1945 insertions(+), 53 deletions(-) create mode 100644 src/patches/Python-2.4.3-gdbm-1.patch create mode 100644 src/patches/openssl-0.9.8d-fix_manpages-1.patch diff --git a/lfs/freetype b/lfs/freetype index 3cb005ed8c..f990124f6c 100644 --- a/lfs/freetype +++ b/lfs/freetype @@ -74,7 +74,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && sed -i -r 's:.*(#.*BYTE.*) .*:\1:' include/freetype/config/ftoption.h cd $(DIR_APP) && ./configure --prefix=/usr - cd $(DIR_APP) && make + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/gd b/lfs/gd index 1380ce07a1..77846bb5a7 100644 --- a/lfs/gd +++ b/lfs/gd @@ -18,12 +18,6 @@ # Makefiles are based on LFSMake, which is # # Copyright (C) 2002 Rod Roard # # # -# Modifications by: # -# ??-12-2003 Mark Wormgoor < mark@wormgoor.com> # -# - Modified Makefile for IPCop build # -# # -# $Id: gd,v 1.5.2.4 2005/03/04 19:26:50 gespinasse Exp $ -# # ############################################################################### ############################################################################### @@ -79,7 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls - cd $(DIR_APP) && make + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/lcms b/lfs/lcms index 01bb5012f1..f412755059 100644 --- a/lfs/lcms +++ b/lfs/lcms @@ -73,7 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure --prefix=/usr - cd $(DIR_APP) && make + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/libjpeg b/lfs/libjpeg index 6b1cf8fce9..544df341da 100644 --- a/lfs/libjpeg +++ b/lfs/libjpeg @@ -54,9 +54,6 @@ download :$(patsubst %,$(DIR_DL)/%,$(objects)) md5 : $(subst %,%_MD5,$(objects)) -dist: - @$(PAK) - ############################################################################### # Downloading, checking, md5sum ############################################################################### @@ -78,7 +75,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure --prefix=/usr --enable-static --enable-shared - cd $(DIR_APP) && make + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/libmng b/lfs/libmng index 6a7a1f7ebf..702a321cb8 100644 --- a/lfs/libmng +++ b/lfs/libmng @@ -72,11 +72,8 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && cp makefiles/makefile.linux Makefile && make + cd $(DIR_APP) && cp makefiles/makefile.linux Makefile + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make prefix=/usr install - # cd $(DIR_APP) && install -v -m644 doc/man/*.3 /usr/share/man/man3 - # cd $(DIR_APP) && install -v -m644 doc/man/*.5 /usr/share/man/man5 - # cd $(DIR_APP) && install -v -m755 -d /usr/share/doc/libmng-1.0.9 - # cd $(DIR_APP) && install -v -m644 doc/*.{png,txt} /usr/share/doc/libmng-1.0.9 @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/libnet b/lfs/libnet index 19c6091916..8ddcfc927a 100644 --- a/lfs/libnet +++ b/lfs/libnet @@ -18,12 +18,6 @@ # Makefiles are based on LFSMake, which is # # Copyright (C) 2002 Rod Roard # # # -# Modifications by: # -# 23-4-2004 Mark Wormgoor # -# - Modified Makefile for IPCop build # -# # -# -# # ############################################################################### ############################################################################### @@ -36,7 +30,7 @@ VER = 1.1.2.1 THISAPP = libnet-$(VER) DL_FILE = libnet.tar.gz -DL_FROM = http://www.packetfactory.net/libnet/dist +DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/libnet TARGET = $(DIR_INFO)/$(THISAPP) @@ -79,7 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure --prefix=/usr - cd $(DIR_APP) && make + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/libpng b/lfs/libpng index fb08037f4f..f874dd48d2 100644 --- a/lfs/libpng +++ b/lfs/libpng @@ -72,9 +72,8 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/libpng-1.2.12-no-asm.patch - cd $(DIR_APP) && ./configure --prefix=/usr --disable-static --without-libpng-compat - cd $(DIR_APP) && make + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/libtiff b/lfs/libtiff index 38cd16ff77..e3e392b90b 100644 --- a/lfs/libtiff +++ b/lfs/libtiff @@ -30,11 +30,9 @@ VER = 3.8.2 THISAPP = tiff-$(VER) DL_FILE = $(THISAPP).tar.gz -DL_FROM = ftp://ftp.remotesensing.org/libtiff +DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) -PROG = libtiff -PAK_VER = ipfire-beta1 ############################################################################### # Top-level Rules @@ -54,9 +52,6 @@ download :$(patsubst %,$(DIR_DL)/%,$(objects)) md5 : $(subst %,%_MD5,$(objects)) -dist: - @$(PAK) - ############################################################################### # Downloading, checking, md5sum ############################################################################### @@ -78,7 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure --prefix=/usr - cd $(DIR_APP) && make + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/popt b/lfs/popt index 0ab713b8af..780f36f11b 100644 --- a/lfs/popt +++ b/lfs/popt @@ -26,7 +26,7 @@ include Config -VER = 1.7 +VER = 1.10.4 THISAPP = popt-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -42,7 +42,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 5988e7aeb0ae4dac8d83561265984cc9 +$(DL_FILE)_MD5 = dd22a6873b43d00f75e1c1b7dcfd1ff7 install : $(TARGET) @@ -72,8 +72,10 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && sed -i -e "/*origOptString ==/c 0)" popt.c + cd $(DIR_APP) && autoreconf -f -i cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls - cd $(DIR_APP) && make + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/python b/lfs/python index 3e702be43a..9eaae71c37 100644 --- a/lfs/python +++ b/lfs/python @@ -18,12 +18,6 @@ # Makefiles are based on LFSMake, which is # # Copyright (C) 2002 Rod Roard # # # -# Modifications by: # -# ??-12-2003 Mark Wormgoor < mark@wormgoor.com> # -# - Modified Makefile for IPCop build # -# # -# $Id: python,v 1.5.2.4 2005/02/05 15:38:15 gespinasse Exp $ -# # ############################################################################### ############################################################################### @@ -32,11 +26,11 @@ include Config -VER = 2.3.4 +VER = 2.4.3 THISAPP = Python-$(VER) -DL_FILE = $(THISAPP).tgz -DL_FROM = http://www.python.org/ftp/python/$(VER) +DL_FILE = $(THISAPP).tar.bz2 +DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) @@ -48,7 +42,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = b6cf0b19226861a38689d2fabd0931b3 +$(DL_FILE)_MD5 = 141c683447d5e76be1d2bd4829574f02 install : $(TARGET) @@ -78,8 +72,9 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && OPT="$(CFLAGS)" ./configure --prefix=/usr --disable-nls - cd $(DIR_APP) && make -j 3 + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/$(THISAPP)-gdbm-1.patch + cd $(DIR_APP) && OPT="$(CFLAGS)" ./configure --prefix=/usr --enable-shared --disable-nls + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/make.sh b/make.sh index bd7d5ce170..56a206794c 100644 --- a/make.sh +++ b/make.sh @@ -368,14 +368,15 @@ buildipfire() { ipfiremake openssl ipfiremake python ipfiremake libnet + ipfiremake libjpeg ipfiremake libpng ipfiremake libtiff - ipfiremake libjpeg ipfiremake lcms ipfiremake libmng ipfiremake freetype ipfiremake gd ipfiremake popt +exit 1 # Bis hierhin läufts :D ipfiremake slang ipfiremake newt ipfiremake libcap @@ -660,7 +661,6 @@ ipfirepackages() { ipfiredist lame ipfiredist libmad ipfiredist libogg - ipfiredist libtiff ipfiredist libvorbis ipfiredist mailx ipfiredist mldonkey diff --git a/src/patches/Python-2.4.3-gdbm-1.patch b/src/patches/Python-2.4.3-gdbm-1.patch new file mode 100644 index 0000000000..532c871512 --- /dev/null +++ b/src/patches/Python-2.4.3-gdbm-1.patch @@ -0,0 +1,32 @@ +Submitted By: Jim Gifford (jim at linuxfromscratch dot org) +Date: 2003-12-26 +Initial Package Version: 2.3.3 +Origin: Greg Schafer and Jim Gifford +Description: Fixes Python build issue with gdbm + + *** WARNING: renaming "dbm" since importing it failed: + build/lib.linux-i686-2.3/dbm.so: undefined symbol: dbm_firstkey + + + +$LastChangedBy: dnicholson $ +$Date: 2006-04-20 10:08:34 -0600 (Thu, 20 Apr 2006) $ + +diff -Naur Python-2.3.2.orig/setup.py Python-2.3.2/setup.py +--- Python-2.3.2.orig/setup.py 2003-09-22 01:19:45.000000000 +0000 ++++ Python-2.3.2/setup.py 2003-10-13 06:28:34.000000000 +0000 +@@ -596,12 +596,12 @@ + if self.compiler.find_library_file(lib_dirs, 'ndbm'): + ndbm_libs = ['ndbm'] + else: +- ndbm_libs = [] ++ ndbm_libs = ['gdbm', 'gdbm_compat'] + exts.append( Extension('dbm', ['dbmmodule.c'], + define_macros=[('HAVE_NDBM_H',None)], + libraries = ndbm_libs ) ) + elif (self.compiler.find_library_file(lib_dirs, 'gdbm') +- and find_file("gdbm/ndbm.h", inc_dirs, []) is not None): ++ and find_file("ndbm.h", inc_dirs, []) is not None): + exts.append( Extension('dbm', ['dbmmodule.c'], + define_macros=[('HAVE_GDBM_NDBM_H',None)], + libraries = ['gdbm'] ) ) diff --git a/src/patches/openssl-0.9.8d-fix_manpages-1.patch b/src/patches/openssl-0.9.8d-fix_manpages-1.patch new file mode 100644 index 0000000000..c4c30c37c9 --- /dev/null +++ b/src/patches/openssl-0.9.8d-fix_manpages-1.patch @@ -0,0 +1,1887 @@ +Submitted By: Robert Connolly +Date: 2005-11-13 +Initial Package Version: 0.9.8a +Upstream Status: Submitted upstream +Origin: Anderson Lizardo +Description: This patch fixes conflicts between man pages + installed by OpenSSL and those found on other + packages (particulary Shadow, Perl, and + Man-pages). It also fixes syntax errors on some + POD files that generates slightly broken man + pages. + +$LastChangedBy: igor $ +$Date: 2005-04-03 16:54:23 -0600 (Sun, 03 Apr 2005) $ + +--- openssl-0.9.8a.orig/FAQ 2006-09-11 08:56:58.000000000 -0500 ++++ openssl-0.9.8a/FAQ 2006-09-11 08:57:19.000000000 -0500 +@@ -680,7 +680,7 @@ + + Multi-threaded applications must provide two callback functions to + OpenSSL by calling CRYPTO_set_locking_callback() and +-CRYPTO_set_id_callback(). This is described in the threads(3) ++CRYPTO_set_id_callback(). This is described in the openssl_threads(3) + manpage. + + * I've compiled a program under Windows and it crashes: why? +diff -Naur openssl-0.9.8a.orig/crypto/rand/md_rand.c openssl-0.9.8a/crypto/rand/md_rand.c +--- openssl-0.9.8a.orig/crypto/rand/md_rand.c 2005-04-07 22:53:35.000000000 +0000 ++++ openssl-0.9.8a/crypto/rand/md_rand.c 2005-11-14 03:59:59.000000000 +0000 +@@ -196,7 +196,7 @@ + int do_not_lock; + + /* +- * (Based on the rand(3) manpage) ++ * (Based on the openssl_rand(3) manpage) + * + * The input is chopped up into units of 20 bytes (or less for + * the last block). Each of these blocks is run through the hash +@@ -351,7 +351,7 @@ + num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2); + + /* +- * (Based on the rand(3) manpage:) ++ * (Based on the openssl_rand(3) manpage) + * + * For each group of 10 bytes (or less), we do the following: + * +diff -Naur openssl-0.9.8a.orig/doc/apps/openssl-passwd.pod openssl-0.9.8a/doc/apps/openssl-passwd.pod +--- openssl-0.9.8a.orig/doc/apps/openssl-passwd.pod 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-0.9.8a/doc/apps/openssl-passwd.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -0,0 +1,82 @@ ++=pod ++ ++=head1 NAME ++ ++openssl-passwd - compute password hashes ++ ++=head1 SYNOPSIS ++ ++B ++[B<-crypt>] ++[B<-1>] ++[B<-apr1>] ++[B<-salt> I] ++[B<-in> I] ++[B<-stdin>] ++[B<-noverify>] ++[B<-quiet>] ++[B<-table>] ++{I} ++ ++=head1 DESCRIPTION ++ ++The B command computes the hash of a password typed at ++run-time or the hash of each password in a list. The password list is ++taken from the named file for option B<-in file>, from stdin for ++option B<-stdin>, or from the command line, or from the terminal otherwise. ++The Unix standard algorithm B and the MD5-based BSD password ++algorithm B<1> and its Apache variant B are available. ++ ++=head1 OPTIONS ++ ++=over 4 ++ ++=item B<-crypt> ++ ++Use the B algorithm (default). ++ ++=item B<-1> ++ ++Use the MD5 based BSD password algorithm B<1>. ++ ++=item B<-apr1> ++ ++Use the B algorithm (Apache variant of the BSD algorithm). ++ ++=item B<-salt> I ++ ++Use the specified salt. ++When reading a password from the terminal, this implies B<-noverify>. ++ ++=item B<-in> I ++ ++Read passwords from I. ++ ++=item B<-stdin> ++ ++Read passwords from B. ++ ++=item B<-noverify> ++ ++Don't verify when reading a password from the terminal. ++ ++=item B<-quiet> ++ ++Don't output warnings when passwords given at the command line are truncated. ++ ++=item B<-table> ++ ++In the output list, prepend the cleartext password and a TAB character ++to each password hash. ++ ++=back ++ ++=head1 EXAMPLES ++ ++B prints B. ++ ++B prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>. ++ ++B prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>. ++ ++=cut +diff -Naur openssl-0.9.8a.orig/doc/apps/openssl.pod openssl-0.9.8a/doc/apps/openssl.pod +--- openssl-0.9.8a.orig/doc/apps/openssl.pod 2004-01-04 18:59:14.000000000 +0000 ++++ openssl-0.9.8a/doc/apps/openssl.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -125,7 +125,7 @@ + + Online Certificate Status Protocol utility. + +-=item L|passwd(1)> ++=item L|openssl-passwd(1)> + + Generation of hashed passwords. + +@@ -325,7 +325,7 @@ + L, L, L, + L, L, + L, L, L, +-L, ++L, + L, L, L, + L, L, L, + L, L, +diff -Naur openssl-0.9.8a.orig/doc/apps/passwd.pod openssl-0.9.8a/doc/apps/passwd.pod +--- openssl-0.9.8a.orig/doc/apps/passwd.pod 2002-10-04 12:59:00.000000000 +0000 ++++ openssl-0.9.8a/doc/apps/passwd.pod 1970-01-01 00:00:00.000000000 +0000 +@@ -1,82 +0,0 @@ +-=pod +- +-=head1 NAME +- +-passwd - compute password hashes +- +-=head1 SYNOPSIS +- +-B +-[B<-crypt>] +-[B<-1>] +-[B<-apr1>] +-[B<-salt> I] +-[B<-in> I] +-[B<-stdin>] +-[B<-noverify>] +-[B<-quiet>] +-[B<-table>] +-{I} +- +-=head1 DESCRIPTION +- +-The B command computes the hash of a password typed at +-run-time or the hash of each password in a list. The password list is +-taken from the named file for option B<-in file>, from stdin for +-option B<-stdin>, or from the command line, or from the terminal otherwise. +-The Unix standard algorithm B and the MD5-based BSD password +-algorithm B<1> and its Apache variant B are available. +- +-=head1 OPTIONS +- +-=over 4 +- +-=item B<-crypt> +- +-Use the B algorithm (default). +- +-=item B<-1> +- +-Use the MD5 based BSD password algorithm B<1>. +- +-=item B<-apr1> +- +-Use the B algorithm (Apache variant of the BSD algorithm). +- +-=item B<-salt> I +- +-Use the specified salt. +-When reading a password from the terminal, this implies B<-noverify>. +- +-=item B<-in> I +- +-Read passwords from I. +- +-=item B<-stdin> +- +-Read passwords from B. +- +-=item B<-noverify> +- +-Don't verify when reading a password from the terminal. +- +-=item B<-quiet> +- +-Don't output warnings when passwords given at the command line are truncated. +- +-=item B<-table> +- +-In the output list, prepend the cleartext password and a TAB character +-to each password hash. +- +-=back +- +-=head1 EXAMPLES +- +-B prints B. +- +-B prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>. +- +-B prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>. +- +-=cut +diff -Naur openssl-0.9.8a.orig/doc/crypto/BN_generate_prime.pod openssl-0.9.8a/doc/crypto/BN_generate_prime.pod +--- openssl-0.9.8a.orig/doc/crypto/BN_generate_prime.pod 2003-01-13 13:18:22.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/BN_generate_prime.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -90,7 +90,7 @@ + + =head1 SEE ALSO + +-L, L, L ++L, L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/BN_rand.pod openssl-0.9.8a/doc/crypto/BN_rand.pod +--- openssl-0.9.8a.orig/doc/crypto/BN_rand.pod 2002-09-25 13:33:26.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/BN_rand.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -45,7 +45,7 @@ + + =head1 SEE ALSO + +-L, L, L, ++L, L, L, + L, L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/CONF_modules_free.pod openssl-0.9.8a/doc/crypto/CONF_modules_free.pod +--- openssl-0.9.8a.orig/doc/crypto/CONF_modules_free.pod 2004-03-02 13:31:32.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/CONF_modules_free.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -37,7 +37,7 @@ + =head1 SEE ALSO + + L, L, +-L ++L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/CONF_modules_load_file.pod openssl-0.9.8a/doc/crypto/CONF_modules_load_file.pod +--- openssl-0.9.8a.orig/doc/crypto/CONF_modules_load_file.pod 2004-03-02 13:31:32.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/CONF_modules_load_file.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -51,7 +51,7 @@ + =head1 SEE ALSO + + L, L, +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/DH_generate_key.pod openssl-0.9.8a/doc/crypto/DH_generate_key.pod +--- openssl-0.9.8a.orig/doc/crypto/DH_generate_key.pod 2002-09-25 13:33:27.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/DH_generate_key.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -40,7 +40,7 @@ + + =head1 SEE ALSO + +-L, L, L, L ++L, L, L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/DH_generate_parameters.pod openssl-0.9.8a/doc/crypto/DH_generate_parameters.pod +--- openssl-0.9.8a.orig/doc/crypto/DH_generate_parameters.pod 2002-09-25 13:33:27.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/DH_generate_parameters.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -59,7 +59,7 @@ + + =head1 SEE ALSO + +-L, L, L, ++L, L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_do_sign.pod openssl-0.9.8a/doc/crypto/DSA_do_sign.pod +--- openssl-0.9.8a.orig/doc/crypto/DSA_do_sign.pod 2002-09-25 13:33:27.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/DSA_do_sign.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -36,7 +36,7 @@ + + =head1 SEE ALSO + +-L, L, L, ++L, L, L, + L, + L + +diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_generate_key.pod openssl-0.9.8a/doc/crypto/DSA_generate_key.pod +--- openssl-0.9.8a.orig/doc/crypto/DSA_generate_key.pod 2002-09-25 13:33:27.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/DSA_generate_key.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -24,7 +24,7 @@ + + =head1 SEE ALSO + +-L, L, L, ++L, L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_generate_parameters.pod openssl-0.9.8a/doc/crypto/DSA_generate_parameters.pod +--- openssl-0.9.8a.orig/doc/crypto/DSA_generate_parameters.pod 2002-09-25 13:33:27.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/DSA_generate_parameters.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -90,7 +90,7 @@ + + =head1 SEE ALSO + +-L, L, L, ++L, L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_sign.pod openssl-0.9.8a/doc/crypto/DSA_sign.pod +--- openssl-0.9.8a.orig/doc/crypto/DSA_sign.pod 2002-09-25 13:33:27.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/DSA_sign.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -55,7 +55,7 @@ + + =head1 SEE ALSO + +-L, L, L, ++L, L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_GET_LIB.pod openssl-0.9.8a/doc/crypto/ERR_GET_LIB.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_GET_LIB.pod 2000-02-01 01:36:58.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_GET_LIB.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -41,7 +41,7 @@ + + =head1 SEE ALSO + +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_clear_error.pod openssl-0.9.8a/doc/crypto/ERR_clear_error.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_clear_error.pod 2000-02-01 01:36:58.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_clear_error.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -20,7 +20,7 @@ + + =head1 SEE ALSO + +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_error_string.pod openssl-0.9.8a/doc/crypto/ERR_error_string.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_error_string.pod 2004-11-14 15:11:37.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_error_string.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -60,7 +60,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L, + L + L +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_get_error.pod openssl-0.9.8a/doc/crypto/ERR_get_error.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_get_error.pod 2002-11-29 14:21:54.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_get_error.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -61,7 +61,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_load_crypto_strings.pod openssl-0.9.8a/doc/crypto/ERR_load_crypto_strings.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_load_crypto_strings.pod 2000-02-24 11:55:08.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_load_crypto_strings.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -35,7 +35,7 @@ + + =head1 SEE ALSO + +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_load_strings.pod openssl-0.9.8a/doc/crypto/ERR_load_strings.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_load_strings.pod 2000-02-24 11:55:08.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_load_strings.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -43,7 +43,7 @@ + + =head1 SEE ALSO + +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_print_errors.pod openssl-0.9.8a/doc/crypto/ERR_print_errors.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_print_errors.pod 2000-02-01 01:36:59.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_print_errors.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -38,7 +38,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L, + L, + L +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_put_error.pod openssl-0.9.8a/doc/crypto/ERR_put_error.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_put_error.pod 2000-02-24 11:55:08.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_put_error.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -34,7 +34,7 @@ + + =head1 SEE ALSO + +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_remove_state.pod openssl-0.9.8a/doc/crypto/ERR_remove_state.pod +--- openssl-0.9.8a.orig/doc/crypto/ERR_remove_state.pod 2000-05-19 07:54:42.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/ERR_remove_state.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -25,7 +25,7 @@ + + =head1 SEE ALSO + +-L ++L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_BytesToKey.pod openssl-0.9.8a/doc/crypto/EVP_BytesToKey.pod +--- openssl-0.9.8a.orig/doc/crypto/EVP_BytesToKey.pod 2004-11-25 17:47:30.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/EVP_BytesToKey.pod 2005-11-14 04:00:45.000000000 +0000 +@@ -59,7 +59,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_OpenInit.pod openssl-0.9.8a/doc/crypto/EVP_OpenInit.pod +--- openssl-0.9.8a.orig/doc/crypto/EVP_OpenInit.pod 2000-09-23 07:16:14.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/EVP_OpenInit.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -54,7 +54,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L, + L + +diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_SealInit.pod openssl-0.9.8a/doc/crypto/EVP_SealInit.pod +--- openssl-0.9.8a.orig/doc/crypto/EVP_SealInit.pod 2005-03-29 17:50:08.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/EVP_SealInit.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -74,7 +74,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L, + L + +diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_SignInit.pod openssl-0.9.8a/doc/crypto/EVP_SignInit.pod +--- openssl-0.9.8a.orig/doc/crypto/EVP_SignInit.pod 2005-03-22 17:55:33.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/EVP_SignInit.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -80,7 +80,7 @@ + =head1 SEE ALSO + + L, +-L, L, ++L, L, + L, L, L, + L, L, L, + L, L +diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_VerifyInit.pod openssl-0.9.8a/doc/crypto/EVP_VerifyInit.pod +--- openssl-0.9.8a.orig/doc/crypto/EVP_VerifyInit.pod 2002-07-10 19:35:46.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/EVP_VerifyInit.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -71,7 +71,7 @@ + + L, + L, +-L, L, ++L, L, + L, L, L, + L, L, L, + L, L +diff -Naur openssl-0.9.8a.orig/doc/crypto/OPENSSL_config.pod openssl-0.9.8a/doc/crypto/OPENSSL_config.pod +--- openssl-0.9.8a.orig/doc/crypto/OPENSSL_config.pod 2005-06-02 23:17:38.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/OPENSSL_config.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -73,7 +73,7 @@ + =head1 SEE ALSO + + L, L, +-L ++L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_add.pod openssl-0.9.8a/doc/crypto/RAND_add.pod +--- openssl-0.9.8a.orig/doc/crypto/RAND_add.pod 2000-03-22 15:30:03.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RAND_add.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -65,7 +65,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L, L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_bytes.pod openssl-0.9.8a/doc/crypto/RAND_bytes.pod +--- openssl-0.9.8a.orig/doc/crypto/RAND_bytes.pod 2002-09-25 13:33:27.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RAND_bytes.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -35,7 +35,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_cleanup.pod openssl-0.9.8a/doc/crypto/RAND_cleanup.pod +--- openssl-0.9.8a.orig/doc/crypto/RAND_cleanup.pod 2000-01-27 01:25:06.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RAND_cleanup.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -20,7 +20,7 @@ + + =head1 SEE ALSO + +-L ++L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_egd.pod openssl-0.9.8a/doc/crypto/RAND_egd.pod +--- openssl-0.9.8a.orig/doc/crypto/RAND_egd.pod 2001-02-10 19:10:36.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RAND_egd.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -69,7 +69,7 @@ + + =head1 SEE ALSO + +-L, L, ++L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_load_file.pod openssl-0.9.8a/doc/crypto/RAND_load_file.pod +--- openssl-0.9.8a.orig/doc/crypto/RAND_load_file.pod 2001-03-21 15:25:56.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RAND_load_file.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -43,7 +43,7 @@ + + =head1 SEE ALSO + +-L, L, L ++L, L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_set_rand_method.pod openssl-0.9.8a/doc/crypto/RAND_set_rand_method.pod +--- openssl-0.9.8a.orig/doc/crypto/RAND_set_rand_method.pod 2002-08-05 16:27:01.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RAND_set_rand_method.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -67,7 +67,7 @@ + + =head1 SEE ALSO + +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_blinding_on.pod openssl-0.9.8a/doc/crypto/RSA_blinding_on.pod +--- openssl-0.9.8a.orig/doc/crypto/RSA_blinding_on.pod 2000-02-24 11:55:10.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RSA_blinding_on.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -34,7 +34,7 @@ + + =head1 SEE ALSO + +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_generate_key.pod openssl-0.9.8a/doc/crypto/RSA_generate_key.pod +--- openssl-0.9.8a.orig/doc/crypto/RSA_generate_key.pod 2002-09-25 13:33:27.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RSA_generate_key.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -59,7 +59,7 @@ + + =head1 SEE ALSO + +-L, L, L, ++L, L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_public_encrypt.pod openssl-0.9.8a/doc/crypto/RSA_public_encrypt.pod +--- openssl-0.9.8a.orig/doc/crypto/RSA_public_encrypt.pod 2004-03-23 21:01:34.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RSA_public_encrypt.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -73,7 +73,7 @@ + + =head1 SEE ALSO + +-L, L, L, ++L, L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod openssl-0.9.8a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod +--- openssl-0.9.8a.orig/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod 2002-09-25 13:33:28.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -48,7 +48,7 @@ + =head1 SEE ALSO + + L, L, +-L, L, L, ++L, L, L, + L + + =head1 HISTORY +diff -Naur openssl-0.9.8a.orig/doc/crypto/X509_NAME_ENTRY_get_object.pod openssl-0.9.8a/doc/crypto/X509_NAME_ENTRY_get_object.pod +--- openssl-0.9.8a.orig/doc/crypto/X509_NAME_ENTRY_get_object.pod 2005-03-30 11:50:14.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/X509_NAME_ENTRY_get_object.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -63,7 +63,7 @@ + =head1 SEE ALSO + + L, L, +-L ++L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/bn.pod openssl-0.9.8a/doc/crypto/bn.pod +--- openssl-0.9.8a.orig/doc/crypto/bn.pod 2005-04-29 15:07:34.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/bn.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -167,7 +167,7 @@ + =head1 SEE ALSO + + L, +-L, L, L, L, ++L, L, L, L, + L, L, + L, L, L, + L, L, +diff -Naur openssl-0.9.8a.orig/doc/crypto/crypto.pod openssl-0.9.8a/doc/crypto/crypto.pod +--- openssl-0.9.8a.orig/doc/crypto/crypto.pod 2002-10-06 12:59:25.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/crypto.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -46,7 +46,7 @@ + + =item AUXILIARY FUNCTIONS + +-L, L, L, ++L, L, L, + L + + =item INPUT/OUTPUT, DATA ENCODING +diff -Naur openssl-0.9.8a.orig/doc/crypto/des.pod openssl-0.9.8a/doc/crypto/des.pod +--- openssl-0.9.8a.orig/doc/crypto/des.pod 2003-10-01 15:02:45.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/des.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -115,7 +115,7 @@ + the key; it is used to speed the encryption process. + + DES_random_key() generates a random key. The PRNG must be seeded +-prior to using this function (see L). If the PRNG ++prior to using this function (see L). If the PRNG + could not generate a secure key, 0 is returned. + + Before a DES key can be used, it must be converted into the +@@ -317,7 +317,7 @@ + + =head1 SEE ALSO + +-crypt(3), L, L, L ++crypt(3), L, L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/crypto/dh.pod openssl-0.9.8a/doc/crypto/dh.pod +--- openssl-0.9.8a.orig/doc/crypto/dh.pod 2002-08-05 16:27:01.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/dh.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -67,8 +67,8 @@ + + =head1 SEE ALSO + +-L, L, L, L, +-L, L, L, ++L, L, L, L, ++L, L, L, + L, L, + L, + L, +diff -Naur openssl-0.9.8a.orig/doc/crypto/dsa.pod openssl-0.9.8a/doc/crypto/dsa.pod +--- openssl-0.9.8a.orig/doc/crypto/dsa.pod 2002-08-05 16:27:01.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/dsa.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -100,7 +100,7 @@ + + =head1 SEE ALSO + +-L, L, L, L, ++L, L, L, L, + L, L, L, + L, + L, +diff -Naur openssl-0.9.8a.orig/doc/crypto/engine.pod openssl-0.9.8a/doc/crypto/engine.pod +--- openssl-0.9.8a.orig/doc/crypto/engine.pod 2004-06-17 23:40:14.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/engine.pod 2005-11-14 04:01:19.000000000 +0000 +@@ -594,6 +594,6 @@ + + =head1 SEE ALSO + +-L, L, L, L ++L, L, L, L + + =cut +diff -Naur openssl-0.9.8a.orig/doc/crypto/err.pod openssl-0.9.8a/doc/crypto/err.pod +--- openssl-0.9.8a.orig/doc/crypto/err.pod 2002-07-10 19:35:46.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/err.pod 1970-01-01 00:00:00.000000000 +0000 +@@ -1,187 +0,0 @@ +-=pod +- +-=head1 NAME +- +-err - error codes +- +-=head1 SYNOPSIS +- +- #include +- +- unsigned long ERR_get_error(void); +- unsigned long ERR_peek_error(void); +- unsigned long ERR_get_error_line(const char **file, int *line); +- unsigned long ERR_peek_error_line(const char **file, int *line); +- unsigned long ERR_get_error_line_data(const char **file, int *line, +- const char **data, int *flags); +- unsigned long ERR_peek_error_line_data(const char **file, int *line, +- const char **data, int *flags); +- +- int ERR_GET_LIB(unsigned long e); +- int ERR_GET_FUNC(unsigned long e); +- int ERR_GET_REASON(unsigned long e); +- +- void ERR_clear_error(void); +- +- char *ERR_error_string(unsigned long e, char *buf); +- const char *ERR_lib_error_string(unsigned long e); +- const char *ERR_func_error_string(unsigned long e); +- const char *ERR_reason_error_string(unsigned long e); +- +- void ERR_print_errors(BIO *bp); +- void ERR_print_errors_fp(FILE *fp); +- +- void ERR_load_crypto_strings(void); +- void ERR_free_strings(void); +- +- void ERR_remove_state(unsigned long pid); +- +- void ERR_put_error(int lib, int func, int reason, const char *file, +- int line); +- void ERR_add_error_data(int num, ...); +- +- void ERR_load_strings(int lib,ERR_STRING_DATA str[]); +- unsigned long ERR_PACK(int lib, int func, int reason); +- int ERR_get_next_error_library(void); +- +-=head1 DESCRIPTION +- +-When a call to the OpenSSL library fails, this is usually signalled +-by the return value, and an error code is stored in an error queue +-associated with the current thread. The B library provides +-functions to obtain these error codes and textual error messages. +- +-The L manpage describes how to +-access error codes. +- +-Error codes contain information about where the error occurred, and +-what went wrong. L describes how to +-extract this information. A method to obtain human-readable error +-messages is described in L. +- +-L can be used to clear the +-error queue. +- +-Note that L should be used to +-avoid memory leaks when threads are terminated. +- +-=head1 ADDING NEW ERROR CODES TO OPENSSL +- +-See L if you want to record error codes in the +-OpenSSL error system from within your application. +- +-The remainder of this section is of interest only if you want to add +-new error codes to OpenSSL or add error codes from external libraries. +- +-=head2 Reporting errors +- +-Each sub-library has a specific macro XXXerr() that is used to report +-errors. Its first argument is a function code B, the second +-argument is a reason code B. Function codes are derived +-from the function names; reason codes consist of textual error +-descriptions. For example, the function ssl23_read() reports a +-"handshake failure" as follows: +- +- SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); +- +-Function and reason codes should consist of upper case characters, +-numbers and underscores only. The error file generation script translates +-function codes into function names by looking in the header files +-for an appropriate function name, if none is found it just uses +-the capitalized form such as "SSL23_READ" in the above example. +- +-The trailing section of a reason code (after the "_R_") is translated +-into lower case and underscores changed to spaces. +- +-When you are using new function or reason codes, run B. +-The necessary B<#define>s will then automatically be added to the +-sub-library's header file. +- +-Although a library will normally report errors using its own specific +-XXXerr macro, another library's macro can be used. This is normally +-only done when a library wants to include ASN1 code which must use +-the ASN1err() macro. +- +-=head2 Adding new libraries +- +-When adding a new sub-library to OpenSSL, assign it a library number +-B, define a macro XXXerr() (both in B), add its +-name to B (in B), and add +-C to the ERR_load_crypto_strings() function +-(in B). Finally, add an entry +- +- L XXX xxx.h xxx_err.c +- +-to B, and add B to the Makefile. +-Running B will then generate a file B, and +-add all error codes used in the library to B. +- +-Additionally the library include file must have a certain form. +-Typically it will initially look like this: +- +- #ifndef HEADER_XXX_H +- #define HEADER_XXX_H +- +- #ifdef __cplusplus +- extern "C" { +- #endif +- +- /* Include files */ +- +- #include +- #include +- +- /* Macros, structures and function prototypes */ +- +- +- /* BEGIN ERROR CODES */ +- +-The B sequence is used by the error code +-generation script as the point to place new error codes, any text +-after this point will be overwritten when B is run. +-The closing #endif etc will be automatically added by the script. +- +-The generated C error code file B will load the header +-files B, B and B so the +-header file must load any additional header files containing any +-definitions it uses. +- +-=head1 USING ERROR CODES IN EXTERNAL LIBRARIES +- +-It is also possible to use OpenSSL's error code scheme in external +-libraries. The library needs to load its own codes and call the OpenSSL +-error code insertion script B explicitly to add codes to +-the header file and generate the C error code file. This will normally +-be done if the external library needs to generate new ASN1 structures +-but it can also be used to add more general purpose error code handling. +- +-TBA more details +- +-=head1 INTERNALS +- +-The error queues are stored in a hash table with one B +-entry for each pid. ERR_get_state() returns the current thread's +-B. An B can hold up to B error +-codes. When more error codes are added, the old ones are overwritten, +-on the assumption that the most recent errors are most important. +- +-Error strings are also stored in hash table. The hash tables can +-be obtained by calling ERR_get_err_state_table(void) and +-ERR_get_string_table(void) respectively. +- +-=head1 SEE ALSO +- +-L, +-L, +-L, +-L, +-L, +-L, +-L, +-L, +-L, +-L, +-L, +-L +- +-=cut +diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_err.pod openssl-0.9.8a/doc/crypto/openssl_err.pod +--- openssl-0.9.8a.orig/doc/crypto/openssl_err.pod 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/openssl_err.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -0,0 +1,187 @@ ++=pod ++ ++=head1 NAME ++ ++openssl_err - error codes ++ ++=head1 SYNOPSIS ++ ++ #include ++ ++ unsigned long ERR_get_error(void); ++ unsigned long ERR_peek_error(void); ++ unsigned long ERR_get_error_line(const char **file, int *line); ++ unsigned long ERR_peek_error_line(const char **file, int *line); ++ unsigned long ERR_get_error_line_data(const char **file, int *line, ++ const char **data, int *flags); ++ unsigned long ERR_peek_error_line_data(const char **file, int *line, ++ const char **data, int *flags); ++ ++ int ERR_GET_LIB(unsigned long e); ++ int ERR_GET_FUNC(unsigned long e); ++ int ERR_GET_REASON(unsigned long e); ++ ++ void ERR_clear_error(void); ++ ++ char *ERR_error_string(unsigned long e, char *buf); ++ const char *ERR_lib_error_string(unsigned long e); ++ const char *ERR_func_error_string(unsigned long e); ++ const char *ERR_reason_error_string(unsigned long e); ++ ++ void ERR_print_errors(BIO *bp); ++ void ERR_print_errors_fp(FILE *fp); ++ ++ void ERR_load_crypto_strings(void); ++ void ERR_free_strings(void); ++ ++ void ERR_remove_state(unsigned long pid); ++ ++ void ERR_put_error(int lib, int func, int reason, const char *file, ++ int line); ++ void ERR_add_error_data(int num, ...); ++ ++ void ERR_load_strings(int lib,ERR_STRING_DATA str[]); ++ unsigned long ERR_PACK(int lib, int func, int reason); ++ int ERR_get_next_error_library(void); ++ ++=head1 DESCRIPTION ++ ++When a call to the OpenSSL library fails, this is usually signalled ++by the return value, and an error code is stored in an error queue ++associated with the current thread. The B library provides ++functions to obtain these error codes and textual error messages. ++ ++The L manpage describes how to ++access error codes. ++ ++Error codes contain information about where the error occurred, and ++what went wrong. L describes how to ++extract this information. A method to obtain human-readable error ++messages is described in L. ++ ++L can be used to clear the ++error queue. ++ ++Note that L should be used to ++avoid memory leaks when threads are terminated. ++ ++=head1 ADDING NEW ERROR CODES TO OPENSSL ++ ++See L if you want to record error codes in the ++OpenSSL error system from within your application. ++ ++The remainder of this section is of interest only if you want to add ++new error codes to OpenSSL or add error codes from external libraries. ++ ++=head2 Reporting errors ++ ++Each sub-library has a specific macro XXXerr() that is used to report ++errors. Its first argument is a function code B, the second ++argument is a reason code B. Function codes are derived ++from the function names; reason codes consist of textual error ++descriptions. For example, the function ssl23_read() reports a ++"handshake failure" as follows: ++ ++ SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); ++ ++Function and reason codes should consist of upper case characters, ++numbers and underscores only. The error file generation script translates ++function codes into function names by looking in the header files ++for an appropriate function name, if none is found it just uses ++the capitalized form such as "SSL23_READ" in the above example. ++ ++The trailing section of a reason code (after the "_R_") is translated ++into lower case and underscores changed to spaces. ++ ++When you are using new function or reason codes, run B. ++The necessary B<#define>s will then automatically be added to the ++sub-library's header file. ++ ++Although a library will normally report errors using its own specific ++XXXerr macro, another library's macro can be used. This is normally ++only done when a library wants to include ASN1 code which must use ++the ASN1err() macro. ++ ++=head2 Adding new libraries ++ ++When adding a new sub-library to OpenSSL, assign it a library number ++B, define a macro XXXerr() (both in B), add its ++name to B (in B), and add ++C to the ERR_load_crypto_strings() function ++(in B). Finally, add an entry ++ ++ L XXX xxx.h xxx_err.c ++ ++to B, and add B to the Makefile. ++Running B will then generate a file B, and ++add all error codes used in the library to B. ++ ++Additionally the library include file must have a certain form. ++Typically it will initially look like this: ++ ++ #ifndef HEADER_XXX_H ++ #define HEADER_XXX_H ++ ++ #ifdef __cplusplus ++ extern "C" { ++ #endif ++ ++ /* Include files */ ++ ++ #include ++ #include ++ ++ /* Macros, structures and function prototypes */ ++ ++ ++ /* BEGIN ERROR CODES */ ++ ++The B sequence is used by the error code ++generation script as the point to place new error codes, any text ++after this point will be overwritten when B is run. ++The closing #endif etc will be automatically added by the script. ++ ++The generated C error code file B will load the header ++files B, B and B so the ++header file must load any additional header files containing any ++definitions it uses. ++ ++=head1 USING ERROR CODES IN EXTERNAL LIBRARIES ++ ++It is also possible to use OpenSSL's error code scheme in external ++libraries. The library needs to load its own codes and call the OpenSSL ++error code insertion script B explicitly to add codes to ++the header file and generate the C error code file. This will normally ++be done if the external library needs to generate new ASN1 structures ++but it can also be used to add more general purpose error code handling. ++ ++TBA more details ++ ++=head1 INTERNALS ++ ++The error queues are stored in a hash table with one B ++entry for each pid. ERR_get_state() returns the current thread's ++B. An B can hold up to B error ++codes. When more error codes are added, the old ones are overwritten, ++on the assumption that the most recent errors are most important. ++ ++Error strings are also stored in hash table. The hash tables can ++be obtained by calling ERR_get_err_state_table(void) and ++ERR_get_string_table(void) respectively. ++ ++=head1 SEE ALSO ++ ++L, ++L, ++L, ++L, ++L, ++L, ++L, ++L, ++L, ++L, ++L, ++L ++ ++=cut +diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_rand.pod openssl-0.9.8a/doc/crypto/openssl_rand.pod +--- openssl-0.9.8a.orig/doc/crypto/openssl_rand.pod 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/openssl_rand.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -0,0 +1,175 @@ ++=pod ++ ++=head1 NAME ++ ++openssl_rand - pseudo-random number generator ++ ++=head1 SYNOPSIS ++ ++ #include ++ ++ int RAND_set_rand_engine(ENGINE *engine); ++ ++ int RAND_bytes(unsigned char *buf, int num); ++ int RAND_pseudo_bytes(unsigned char *buf, int num); ++ ++ void RAND_seed(const void *buf, int num); ++ void RAND_add(const void *buf, int num, int entropy); ++ int RAND_status(void); ++ ++ int RAND_load_file(const char *file, long max_bytes); ++ int RAND_write_file(const char *file); ++ const char *RAND_file_name(char *file, size_t num); ++ ++ int RAND_egd(const char *path); ++ ++ void RAND_set_rand_method(const RAND_METHOD *meth); ++ const RAND_METHOD *RAND_get_rand_method(void); ++ RAND_METHOD *RAND_SSLeay(void); ++ ++ void RAND_cleanup(void); ++ ++ /* For Win32 only */ ++ void RAND_screen(void); ++ int RAND_event(UINT, WPARAM, LPARAM); ++ ++=head1 DESCRIPTION ++ ++Since the introduction of the ENGINE API, the recommended way of controlling ++default implementations is by using the ENGINE API functions. The default ++B, as set by RAND_set_rand_method() and returned by ++RAND_get_rand_method(), is only used if no ENGINE has been set as the default ++"rand" implementation. Hence, these two functions are no longer the recommened ++way to control defaults. ++ ++If an alternative B implementation is being used (either set ++directly or as provided by an ENGINE module), then it is entirely responsible ++for the generation and management of a cryptographically secure PRNG stream. The ++mechanisms described below relate solely to the software PRNG implementation ++built in to OpenSSL and used by default. ++ ++These functions implement a cryptographically secure pseudo-random ++number generator (PRNG). It is used by other library functions for ++example to generate random keys, and applications can use it when they ++need randomness. ++ ++A cryptographic PRNG must be seeded with unpredictable data such as ++mouse movements or keys pressed at random by the user. This is ++described in L. Its state can be saved in a seed file ++(see L) to avoid having to go through the ++seeding process whenever the application is started. ++ ++L describes how to obtain random data from the ++PRNG. ++ ++=head1 INTERNALS ++ ++The RAND_SSLeay() method implements a PRNG based on a cryptographic ++hash function. ++ ++The following description of its design is based on the SSLeay ++documentation: ++ ++First up I will state the things I believe I need for a good RNG. ++ ++=over 4 ++ ++=item 1 ++ ++A good hashing algorithm to mix things up and to convert the RNG 'state' ++to random numbers. ++ ++=item 2 ++ ++An initial source of random 'state'. ++ ++=item 3 ++ ++The state should be very large. If the RNG is being used to generate ++4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum). ++If your RNG state only has 128 bits, you are obviously limiting the ++search space to 128 bits, not 2048. I'm probably getting a little ++carried away on this last point but it does indicate that it may not be ++a bad idea to keep quite a lot of RNG state. It should be easier to ++break a cipher than guess the RNG seed data. ++ ++=item 4 ++ ++Any RNG seed data should influence all subsequent random numbers ++generated. This implies that any random seed data entered will have ++an influence on all subsequent random numbers generated. ++ ++=item 5 ++ ++When using data to seed the RNG state, the data used should not be ++extractable from the RNG state. I believe this should be a ++requirement because one possible source of 'secret' semi random ++data would be a private key or a password. This data must ++not be disclosed by either subsequent random numbers or a ++'core' dump left by a program crash. ++ ++=item 6 ++ ++Given the same initial 'state', 2 systems should deviate in their RNG state ++(and hence the random numbers generated) over time if at all possible. ++ ++=item 7 ++ ++Given the random number output stream, it should not be possible to determine ++the RNG state or the next random number. ++ ++=back ++ ++The algorithm is as follows. ++ ++There is global state made up of a 1023 byte buffer (the 'state'), a ++working hash value ('md'), and a counter ('count'). ++ ++Whenever seed data is added, it is inserted into the 'state' as ++follows. ++ ++The input is chopped up into units of 20 bytes (or less for ++the last block). Each of these blocks is run through the hash ++function as follows: The data passed to the hash function ++is the current 'md', the same number of bytes from the 'state' ++(the location determined by in incremented looping index) as ++the current 'block', the new key data 'block', and 'count' ++(which is incremented after each use). ++The result of this is kept in 'md' and also xored into the ++'state' at the same locations that were used as input into the ++hash function. I ++believe this system addresses points 1 (hash function; currently ++SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash ++function and xor). ++ ++When bytes are extracted from the RNG, the following process is used. ++For each group of 10 bytes (or less), we do the following: ++ ++Input into the hash function the local 'md' (which is initialized from ++the global 'md' before any bytes are generated), the bytes that are to ++be overwritten by the random bytes, and bytes from the 'state' ++(incrementing looping index). From this digest output (which is kept ++in 'md'), the top (up to) 10 bytes are returned to the caller and the ++bottom 10 bytes are xored into the 'state'. ++ ++Finally, after we have finished 'num' random bytes for the caller, ++'count' (which is incremented) and the local and global 'md' are fed ++into the hash function and the results are kept in the global 'md'. ++ ++I believe the above addressed points 1 (use of SHA-1), 6 (by hashing ++into the 'state' the 'old' data from the caller that is about to be ++overwritten) and 7 (by not using the 10 bytes given to the caller to ++update the 'state', but they are used to update 'md'). ++ ++So of the points raised, only 2 is not addressed (but see ++L). ++ ++=head1 SEE ALSO ++ ++L, L, ++L, L, ++L, ++L, ++L ++ ++=cut +diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_threads.pod openssl-0.9.8a/doc/crypto/openssl_threads.pod +--- openssl-0.9.8a.orig/doc/crypto/openssl_threads.pod 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/openssl_threads.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -0,0 +1,175 @@ ++=pod ++ ++=head1 NAME ++ ++CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks, ++CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback, ++CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid, ++CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support ++ ++=head1 SYNOPSIS ++ ++ #include ++ ++ void CRYPTO_set_locking_callback(void (*locking_function)(int mode, ++ int n, const char *file, int line)); ++ ++ void CRYPTO_set_id_callback(unsigned long (*id_function)(void)); ++ ++ int CRYPTO_num_locks(void); ++ ++ ++ /* struct CRYPTO_dynlock_value needs to be defined by the user */ ++ struct CRYPTO_dynlock_value; ++ ++ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value * ++ (*dyn_create_function)(char *file, int line)); ++ void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function) ++ (int mode, struct CRYPTO_dynlock_value *l, ++ const char *file, int line)); ++ void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function) ++ (struct CRYPTO_dynlock_value *l, const char *file, int line)); ++ ++ int CRYPTO_get_new_dynlockid(void); ++ ++ void CRYPTO_destroy_dynlockid(int i); ++ ++ void CRYPTO_lock(int mode, int n, const char *file, int line); ++ ++ #define CRYPTO_w_lock(type) \ ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ #define CRYPTO_w_unlock(type) \ ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ #define CRYPTO_r_lock(type) \ ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ #define CRYPTO_r_unlock(type) \ ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ #define CRYPTO_add(addr,amount,type) \ ++ CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) ++ ++=head1 DESCRIPTION ++ ++OpenSSL can safely be used in multi-threaded applications provided ++that at least two callback functions are set. ++ ++locking_function(int mode, int n, const char *file, int line) is ++needed to perform locking on shared data structures. ++(Note that OpenSSL uses a number of global data structures that ++will be implicitly shared whenever multiple threads use OpenSSL.) ++Multi-threaded applications will crash at random if it is not set. ++ ++locking_function() must be able to handle up to CRYPTO_num_locks() ++different mutex locks. It sets the B-th lock if B & ++B, and releases it otherwise. ++ ++B and B are the file number of the function setting the ++lock. They can be useful for debugging. ++ ++id_function(void) is a function that returns a thread ID, for example ++pthread_self() if it returns an integer (see NOTES below). It isn't ++needed on Windows nor on platforms where getpid() returns a different ++ID for each thread (see NOTES below). ++ ++Additionally, OpenSSL supports dynamic locks, and sometimes, some parts ++of OpenSSL need it for better performance. To enable this, the following ++is required: ++ ++=over 4 ++ ++=item * ++Three additional callback function, dyn_create_function, dyn_lock_function ++and dyn_destroy_function. ++ ++=item * ++A structure defined with the data that each lock needs to handle. ++ ++=back ++ ++struct CRYPTO_dynlock_value has to be defined to contain whatever structure ++is needed to handle locks. ++ ++dyn_create_function(const char *file, int line) is needed to create a ++lock. Multi-threaded applications might crash at random if it is not set. ++ ++dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line) ++is needed to perform locking off dynamic lock numbered n. Multi-threaded ++applications might crash at random if it is not set. ++ ++dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is ++needed to destroy the lock l. Multi-threaded applications might crash at ++random if it is not set. ++ ++CRYPTO_get_new_dynlockid() is used to create locks. It will call ++dyn_create_function for the actual creation. ++ ++CRYPTO_destroy_dynlockid() is used to destroy locks. It will call ++dyn_destroy_function for the actual destruction. ++ ++CRYPTO_lock() is used to lock and unlock the locks. mode is a bitfield ++describing what should be done with the lock. n is the number of the ++lock as returned from CRYPTO_get_new_dynlockid(). mode can be combined ++from the following values. These values are pairwise exclusive, with ++undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE ++should not be used together): ++ ++ CRYPTO_LOCK 0x01 ++ CRYPTO_UNLOCK 0x02 ++ CRYPTO_READ 0x04 ++ CRYPTO_WRITE 0x08 ++ ++=head1 RETURN VALUES ++ ++CRYPTO_num_locks() returns the required number of locks. ++ ++CRYPTO_get_new_dynlockid() returns the index to the newly created lock. ++ ++The other functions return no values. ++ ++=head1 NOTES ++ ++You can find out if OpenSSL was configured with thread support: ++ ++ #define OPENSSL_THREAD_DEFINES ++ #include ++ #if defined(OPENSSL_THREADS) ++ // thread support enabled ++ #else ++ // no thread support ++ #endif ++ ++Also, dynamic locks are currently not used internally by OpenSSL, but ++may do so in the future. ++ ++Defining id_function(void) has it's own issues. Generally speaking, ++pthread_self() should be used, even on platforms where getpid() gives ++different answers in each thread, since that may depend on the machine ++the program is run on, not the machine where the program is being ++compiled. For instance, Red Hat 8 Linux and earlier used ++LinuxThreads, whose getpid() returns a different value for each ++thread. Red Hat 9 Linux and later use NPTL, which is ++Posix-conformant, and has a getpid() that returns the same value for ++all threads in a process. A program compiled on Red Hat 8 and run on ++Red Hat 9 will therefore see getpid() returning the same value for ++all threads. ++ ++There is still the issue of platforms where pthread_self() returns ++something other than an integer. This is a bit unusual, and this ++manual has no cookbook solution for that case. ++ ++=head1 EXAMPLES ++ ++B shows examples of the callback functions on ++Solaris, Irix and Win32. ++ ++=head1 HISTORY ++ ++CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are ++available in all versions of SSLeay and OpenSSL. ++CRYPTO_num_locks() was added in OpenSSL 0.9.4. ++All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev. ++ ++=head1 SEE ALSO ++ ++L ++ ++=cut +diff -Naur openssl-0.9.8a.orig/doc/crypto/rand.pod openssl-0.9.8a/doc/crypto/rand.pod +--- openssl-0.9.8a.orig/doc/crypto/rand.pod 2002-08-05 16:27:01.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/rand.pod 1970-01-01 00:00:00.000000000 +0000 +@@ -1,175 +0,0 @@ +-=pod +- +-=head1 NAME +- +-rand - pseudo-random number generator +- +-=head1 SYNOPSIS +- +- #include +- +- int RAND_set_rand_engine(ENGINE *engine); +- +- int RAND_bytes(unsigned char *buf, int num); +- int RAND_pseudo_bytes(unsigned char *buf, int num); +- +- void RAND_seed(const void *buf, int num); +- void RAND_add(const void *buf, int num, int entropy); +- int RAND_status(void); +- +- int RAND_load_file(const char *file, long max_bytes); +- int RAND_write_file(const char *file); +- const char *RAND_file_name(char *file, size_t num); +- +- int RAND_egd(const char *path); +- +- void RAND_set_rand_method(const RAND_METHOD *meth); +- const RAND_METHOD *RAND_get_rand_method(void); +- RAND_METHOD *RAND_SSLeay(void); +- +- void RAND_cleanup(void); +- +- /* For Win32 only */ +- void RAND_screen(void); +- int RAND_event(UINT, WPARAM, LPARAM); +- +-=head1 DESCRIPTION +- +-Since the introduction of the ENGINE API, the recommended way of controlling +-default implementations is by using the ENGINE API functions. The default +-B, as set by RAND_set_rand_method() and returned by +-RAND_get_rand_method(), is only used if no ENGINE has been set as the default +-"rand" implementation. Hence, these two functions are no longer the recommened +-way to control defaults. +- +-If an alternative B implementation is being used (either set +-directly or as provided by an ENGINE module), then it is entirely responsible +-for the generation and management of a cryptographically secure PRNG stream. The +-mechanisms described below relate solely to the software PRNG implementation +-built in to OpenSSL and used by default. +- +-These functions implement a cryptographically secure pseudo-random +-number generator (PRNG). It is used by other library functions for +-example to generate random keys, and applications can use it when they +-need randomness. +- +-A cryptographic PRNG must be seeded with unpredictable data such as +-mouse movements or keys pressed at random by the user. This is +-described in L. Its state can be saved in a seed file +-(see L) to avoid having to go through the +-seeding process whenever the application is started. +- +-L describes how to obtain random data from the +-PRNG. +- +-=head1 INTERNALS +- +-The RAND_SSLeay() method implements a PRNG based on a cryptographic +-hash function. +- +-The following description of its design is based on the SSLeay +-documentation: +- +-First up I will state the things I believe I need for a good RNG. +- +-=over 4 +- +-=item 1 +- +-A good hashing algorithm to mix things up and to convert the RNG 'state' +-to random numbers. +- +-=item 2 +- +-An initial source of random 'state'. +- +-=item 3 +- +-The state should be very large. If the RNG is being used to generate +-4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum). +-If your RNG state only has 128 bits, you are obviously limiting the +-search space to 128 bits, not 2048. I'm probably getting a little +-carried away on this last point but it does indicate that it may not be +-a bad idea to keep quite a lot of RNG state. It should be easier to +-break a cipher than guess the RNG seed data. +- +-=item 4 +- +-Any RNG seed data should influence all subsequent random numbers +-generated. This implies that any random seed data entered will have +-an influence on all subsequent random numbers generated. +- +-=item 5 +- +-When using data to seed the RNG state, the data used should not be +-extractable from the RNG state. I believe this should be a +-requirement because one possible source of 'secret' semi random +-data would be a private key or a password. This data must +-not be disclosed by either subsequent random numbers or a +-'core' dump left by a program crash. +- +-=item 6 +- +-Given the same initial 'state', 2 systems should deviate in their RNG state +-(and hence the random numbers generated) over time if at all possible. +- +-=item 7 +- +-Given the random number output stream, it should not be possible to determine +-the RNG state or the next random number. +- +-=back +- +-The algorithm is as follows. +- +-There is global state made up of a 1023 byte buffer (the 'state'), a +-working hash value ('md'), and a counter ('count'). +- +-Whenever seed data is added, it is inserted into the 'state' as +-follows. +- +-The input is chopped up into units of 20 bytes (or less for +-the last block). Each of these blocks is run through the hash +-function as follows: The data passed to the hash function +-is the current 'md', the same number of bytes from the 'state' +-(the location determined by in incremented looping index) as +-the current 'block', the new key data 'block', and 'count' +-(which is incremented after each use). +-The result of this is kept in 'md' and also xored into the +-'state' at the same locations that were used as input into the +-hash function. I +-believe this system addresses points 1 (hash function; currently +-SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash +-function and xor). +- +-When bytes are extracted from the RNG, the following process is used. +-For each group of 10 bytes (or less), we do the following: +- +-Input into the hash function the local 'md' (which is initialized from +-the global 'md' before any bytes are generated), the bytes that are to +-be overwritten by the random bytes, and bytes from the 'state' +-(incrementing looping index). From this digest output (which is kept +-in 'md'), the top (up to) 10 bytes are returned to the caller and the +-bottom 10 bytes are xored into the 'state'. +- +-Finally, after we have finished 'num' random bytes for the caller, +-'count' (which is incremented) and the local and global 'md' are fed +-into the hash function and the results are kept in the global 'md'. +- +-I believe the above addressed points 1 (use of SHA-1), 6 (by hashing +-into the 'state' the 'old' data from the caller that is about to be +-overwritten) and 7 (by not using the 10 bytes given to the caller to +-update the 'state', but they are used to update 'md'). +- +-So of the points raised, only 2 is not addressed (but see +-L). +- +-=head1 SEE ALSO +- +-L, L, +-L, L, +-L, +-L, +-L +- +-=cut +diff -Naur openssl-0.9.8a.orig/doc/crypto/rsa.pod openssl-0.9.8a/doc/crypto/rsa.pod +--- openssl-0.9.8a.orig/doc/crypto/rsa.pod 2002-08-04 21:08:36.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/rsa.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -108,7 +108,7 @@ + =head1 SEE ALSO + + L, L, L, L, +-L, L, L, ++L, L, L, + L, + L, L, + L, +diff -Naur openssl-0.9.8a.orig/doc/crypto/threads.pod openssl-0.9.8a/doc/crypto/threads.pod +--- openssl-0.9.8a.orig/doc/crypto/threads.pod 2005-06-18 05:52:23.000000000 +0000 ++++ openssl-0.9.8a/doc/crypto/threads.pod 1970-01-01 00:00:00.000000000 +0000 +@@ -1,175 +0,0 @@ +-=pod +- +-=head1 NAME +- +-CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks, +-CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback, +-CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid, +-CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support +- +-=head1 SYNOPSIS +- +- #include +- +- void CRYPTO_set_locking_callback(void (*locking_function)(int mode, +- int n, const char *file, int line)); +- +- void CRYPTO_set_id_callback(unsigned long (*id_function)(void)); +- +- int CRYPTO_num_locks(void); +- +- +- /* struct CRYPTO_dynlock_value needs to be defined by the user */ +- struct CRYPTO_dynlock_value; +- +- void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value * +- (*dyn_create_function)(char *file, int line)); +- void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function) +- (int mode, struct CRYPTO_dynlock_value *l, +- const char *file, int line)); +- void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function) +- (struct CRYPTO_dynlock_value *l, const char *file, int line)); +- +- int CRYPTO_get_new_dynlockid(void); +- +- void CRYPTO_destroy_dynlockid(int i); +- +- void CRYPTO_lock(int mode, int n, const char *file, int line); +- +- #define CRYPTO_w_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) +- #define CRYPTO_w_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) +- #define CRYPTO_r_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) +- #define CRYPTO_r_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) +- #define CRYPTO_add(addr,amount,type) \ +- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) +- +-=head1 DESCRIPTION +- +-OpenSSL can safely be used in multi-threaded applications provided +-that at least two callback functions are set. +- +-locking_function(int mode, int n, const char *file, int line) is +-needed to perform locking on shared data structures. +-(Note that OpenSSL uses a number of global data structures that +-will be implicitly shared whenever multiple threads use OpenSSL.) +-Multi-threaded applications will crash at random if it is not set. +- +-locking_function() must be able to handle up to CRYPTO_num_locks() +-different mutex locks. It sets the B-th lock if B & +-B, and releases it otherwise. +- +-B and B are the file number of the function setting the +-lock. They can be useful for debugging. +- +-id_function(void) is a function that returns a thread ID, for example +-pthread_self() if it returns an integer (see NOTES below). It isn't +-needed on Windows nor on platforms where getpid() returns a different +-ID for each thread (see NOTES below). +- +-Additionally, OpenSSL supports dynamic locks, and sometimes, some parts +-of OpenSSL need it for better performance. To enable this, the following +-is required: +- +-=over 4 +- +-=item * +-Three additional callback function, dyn_create_function, dyn_lock_function +-and dyn_destroy_function. +- +-=item * +-A structure defined with the data that each lock needs to handle. +- +-=back +- +-struct CRYPTO_dynlock_value has to be defined to contain whatever structure +-is needed to handle locks. +- +-dyn_create_function(const char *file, int line) is needed to create a +-lock. Multi-threaded applications might crash at random if it is not set. +- +-dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line) +-is needed to perform locking off dynamic lock numbered n. Multi-threaded +-applications might crash at random if it is not set. +- +-dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is +-needed to destroy the lock l. Multi-threaded applications might crash at +-random if it is not set. +- +-CRYPTO_get_new_dynlockid() is used to create locks. It will call +-dyn_create_function for the actual creation. +- +-CRYPTO_destroy_dynlockid() is used to destroy locks. It will call +-dyn_destroy_function for the actual destruction. +- +-CRYPTO_lock() is used to lock and unlock the locks. mode is a bitfield +-describing what should be done with the lock. n is the number of the +-lock as returned from CRYPTO_get_new_dynlockid(). mode can be combined +-from the following values. These values are pairwise exclusive, with +-undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE +-should not be used together): +- +- CRYPTO_LOCK 0x01 +- CRYPTO_UNLOCK 0x02 +- CRYPTO_READ 0x04 +- CRYPTO_WRITE 0x08 +- +-=head1 RETURN VALUES +- +-CRYPTO_num_locks() returns the required number of locks. +- +-CRYPTO_get_new_dynlockid() returns the index to the newly created lock. +- +-The other functions return no values. +- +-=head1 NOTES +- +-You can find out if OpenSSL was configured with thread support: +- +- #define OPENSSL_THREAD_DEFINES +- #include +- #if defined(OPENSSL_THREADS) +- // thread support enabled +- #else +- // no thread support +- #endif +- +-Also, dynamic locks are currently not used internally by OpenSSL, but +-may do so in the future. +- +-Defining id_function(void) has it's own issues. Generally speaking, +-pthread_self() should be used, even on platforms where getpid() gives +-different answers in each thread, since that may depend on the machine +-the program is run on, not the machine where the program is being +-compiled. For instance, Red Hat 8 Linux and earlier used +-LinuxThreads, whose getpid() returns a different value for each +-thread. Red Hat 9 Linux and later use NPTL, which is +-Posix-conformant, and has a getpid() that returns the same value for +-all threads in a process. A program compiled on Red Hat 8 and run on +-Red Hat 9 will therefore see getpid() returning the same value for +-all threads. +- +-There is still the issue of platforms where pthread_self() returns +-something other than an integer. This is a bit unusual, and this +-manual has no cookbook solution for that case. +- +-=head1 EXAMPLES +- +-B shows examples of the callback functions on +-Solaris, Irix and Win32. +- +-=head1 HISTORY +- +-CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are +-available in all versions of SSLeay and OpenSSL. +-CRYPTO_num_locks() was added in OpenSSL 0.9.4. +-All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev. +- +-=head1 SEE ALSO +- +-L +- +-=cut +diff -Naur openssl-0.9.8a.orig/doc/ssl/SSL_get_error.pod openssl-0.9.8a/doc/ssl/SSL_get_error.pod +--- openssl-0.9.8a.orig/doc/ssl/SSL_get_error.pod 2005-03-30 11:50:14.000000000 +0000 ++++ openssl-0.9.8a/doc/ssl/SSL_get_error.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -105,7 +105,7 @@ + + =head1 SEE ALSO + +-L, L ++L, L + + =head1 HISTORY + +diff -Naur openssl-0.9.8a.orig/doc/ssl/SSL_want.pod openssl-0.9.8a/doc/ssl/SSL_want.pod +--- openssl-0.9.8a.orig/doc/ssl/SSL_want.pod 2005-03-30 11:50:14.000000000 +0000 ++++ openssl-0.9.8a/doc/ssl/SSL_want.pod 2005-11-14 03:59:59.000000000 +0000 +@@ -72,6 +72,6 @@ + + =head1 SEE ALSO + +-L, L, L ++L, L, L + + =cut -- 2.39.2