openssl: Update to 1.0.0-beta5.

diff --git a/pkgs/core/openssl/openssl.nm b/pkgs/core/openssl/openssl.nm
index 95c1e3c7daff98839fced6b9ef1d5294991a068f..bc32f57b7c90a94fe1eab1edeee22b7db04852ff 100644 (file)
--- a/pkgs/core/openssl/openssl.nm
+++ b/pkgs/core/openssl/openssl.nm
@@ -25,10 +25,10 @@
 include $(PKGROOT)/Include
 
 PKG_NAME       = openssl
-PKG_VER        = 0.9.8k
+PKG_VER        = 1.0.0-beta5
 PKG_REL        = 0
 
-PKG_MAINTAINER =
+PKG_MAINTAINER = Michael Tremer <michael.tremer@ipfire.org>
 PKG_GROUP      = System/Libraries
 PKG_URL        = http://www.openssl.org/
 PKG_LICENSE    = OpenSSL
@@ -58,13 +58,7 @@ endif
 #endif
 #endif
 
-###############################################################################
-# Installation Details
-###############################################################################
-
 define STAGE_PREPARE_CMDS
-       cd $(DIR_APP) && sed -e 's/-O3 -fomit-frame-pointer/$(CFLAGS)/' -i Configure
-
        cd $(DIR_APP) && sed -e 's/__OpenBSD__/__linux__/' -e 's/arandom/urandom/' \
                                -i crypto/rand/randfile.c
 
@@ -72,6 +66,13 @@ define STAGE_PREPARE_CMDS
 
        cd $(DIR_APP) && find crypto/ -name Makefile -exec \
                sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} \;
+
+       # # Modify the various perl scripts to reference perl in the right location.
+       cd $(DIR_APP) && perl util/perlpath.pl /usr/bin
+
+       # Generate a table with the compile settings for my perusal.
+       cd $(DIR_APP) && touch Makefile
+       cd $(DIR_APP) && make TABLE PERL=/usr/bin/perl
 endef
 
 define STAGE_BUILD
@@ -96,7 +97,7 @@ define STAGE_BUILD
                        -DSSL_FORBID_ENULL
 
        # Build.
-       cd $(DIR_APP) && make all build-shared #$(PARALLELISMFLAGS)
+       cd $(DIR_APP) && make depend all build-shared RPM_OPT_FLAGS="$(CFLAGS)" #$(PARALLELISMFLAGS)
 
        # Generate hashes for the included certs.
        cd $(DIR_APP) && make rehash build-shared
@@ -109,6 +110,10 @@ endef
 define STAGE_INSTALL
        cd $(DIR_APP) && make install build-shared INSTALL_PREFIX=$(BUILDROOT)
 
+       # Install manpages do right place
+       -mkdir -pv $(BUILDROOT)/usr/share
+       mv -v $(BUILDROOT)/etc/pki/tls/man $(BUILDROOT)/usr/share/
+
        -mkdir -pv $(BUILDROOT)/usr/lib/openssl
        mv -v $(BUILDROOT)/usr/lib/engines $(BUILDROOT)/usr/lib/openssl
 

diff --git a/pkgs/core/openssl/patches/openssl-0.9.8b-test-use-localhost.patch b/pkgs/core/openssl/patches/openssl-0.9.8b-test-use-localhost.patch
new file mode 100644 (file)
index 0000000..08adf1c
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-0.9.8b-test-use-localhost.patch
@@ -0,0 +1,24 @@
+diff -up openssl-0.9.8b/ssl/ssltest.c.use-localhost openssl-0.9.8b/ssl/ssltest.c
+--- openssl-0.9.8b/ssl/ssltest.c.use-localhost 2006-02-24 18:58:35.000000000 +0100
++++ openssl-0.9.8b/ssl/ssltest.c       2007-08-03 14:06:16.000000000 +0200
+@@ -839,19 +839,8 @@ bad:
+ #ifndef OPENSSL_NO_KRB5
+       if (c_ssl  &&  c_ssl->kssl_ctx)
+                 {
+-                char  localhost[MAXHOSTNAMELEN+2];
+-
+-              if (gethostname(localhost, sizeof localhost-1) == 0)
+-                        {
+-                      localhost[sizeof localhost-1]='\0';
+-                      if(strlen(localhost) == sizeof localhost-1)
+-                              {
+-                              BIO_printf(bio_err,"localhost name too long\n");
+-                              goto end;
+-                              }
+                       kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
+-                                localhost);
+-                      }
++                                "localhost");
+               }
+ #endif    /* OPENSSL_NO_KRB5  */
+ 

diff --git a/pkgs/core/openssl/patches/openssl-0.9.8j-env-nozlib.patch b/pkgs/core/openssl/patches/openssl-0.9.8j-env-nozlib.patch
new file mode 100644 (file)
index 0000000..65af5a8
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-0.9.8j-env-nozlib.patch
@@ -0,0 +1,13 @@
+Do not implicitly load the zlib support if OPENSSL_NO_DEFAULT_ZLIB is set.
+diff -up openssl-0.9.8j/ssl/ssl_ciph.c.env-nozlib openssl-0.9.8j/ssl/ssl_ciph.c
+--- openssl-0.9.8j/ssl/ssl_ciph.c.env-nozlib   2009-01-05 15:43:07.000000000 +0100
++++ openssl-0.9.8j/ssl/ssl_ciph.c      2009-01-14 17:47:46.000000000 +0100
+@@ -287,7 +287,7 @@ static void load_builtin_compressions(vo
+ 
+                       MemCheck_off();
+                       ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
+-                      if (ssl_comp_methods != NULL)
++                      if (ssl_comp_methods != NULL && getenv("OPENSSL_NO_DEFAULT_ZLIB") == NULL)
+                               {
+                               comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
+                               if (comp != NULL)

diff --git a/pkgs/core/openssl/patches/openssl-0.9.8j-version-add-engines.patch b/pkgs/core/openssl/patches/openssl-0.9.8j-version-add-engines.patch
new file mode 100644 (file)
index 0000000..f54326c
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-0.9.8j-version-add-engines.patch
@@ -0,0 +1,48 @@
+diff -up openssl-0.9.8j/apps/version.c.version-add-engines openssl-0.9.8j/apps/version.c
+--- openssl-0.9.8j/apps/version.c.version-add-engines  2008-10-20 14:53:33.000000000 +0200
++++ openssl-0.9.8j/apps/version.c      2009-01-13 23:22:03.000000000 +0100
+@@ -131,6 +131,7 @@
+ #ifndef OPENSSL_NO_BF
+ # include <openssl/blowfish.h>
+ #endif
++#include <openssl/engine.h>
+ 
+ #undef PROG
+ #define PROG  version_main
+@@ -140,7 +141,7 @@ int MAIN(int, char **);
+ int MAIN(int argc, char **argv)
+       {
+       int i,ret=0;
+-      int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
++      int cflags=0,version=0,date=0,options=0,platform=0,dir=0,engines=0;
+ 
+       apps_startup();
+ 
+@@ -164,7 +165,7 @@ int MAIN(int argc, char **argv)
+               else if (strcmp(argv[i],"-d") == 0)
+                       dir=1;
+               else if (strcmp(argv[i],"-a") == 0)
+-                      date=version=cflags=options=platform=dir=1;
++                      date=version=cflags=options=platform=dir=engines=1;
+               else
+                       {
+                       BIO_printf(bio_err,"usage:version -[avbofpd]\n");
+@@ -211,6 +212,18 @@ int MAIN(int argc, char **argv)
+               }
+       if (cflags)  printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
+       if (dir)  printf("%s\n",SSLeay_version(SSLEAY_DIR));
++      if (engines)
++              {
++              ENGINE *e;
++              printf("engines:  ");
++              e = ENGINE_get_first();
++              while (e)
++                      {
++                      printf("%s ", ENGINE_get_id(e));
++                      e = ENGINE_get_next(e);
++                      }
++              printf("\n");
++              }
+ end:
+       apps_shutdown();
+       OPENSSL_EXIT(ret);

diff --git a/pkgs/core/openssl/patches/openssl-0.9.8k-enginesdir.patch b/pkgs/core/openssl/patches/openssl-0.9.8k-enginesdir.patch
deleted file mode 100644 (file)
index 0c33b74..0000000
--- a/pkgs/core/openssl/patches/openssl-0.9.8k-enginesdir.patch
+++ /dev/null
@@ -1,39 +0,0 @@
---- openssl-0.9.8a/Configure.enginesdir        2005-11-04 15:06:37.000000000 +0100
-+++ openssl-0.9.8a/Configure   2005-11-07 14:15:12.000000000 +0100
-@@ -560,6 +560,7 @@
- 
- my $prefix="";
- my $openssldir="";
-+my $enginesdir="";
- my $exe_ext="";
- my $install_prefix="";
- my $no_threads=0;
-@@ -739,6 +740,10 @@
-                               {
-                               $openssldir=$1;
-                               }
-+                      elsif (/^--enginesdir=(.*)$/)
-+                              {
-+                              $enginesdir=$1;
-+                              }
-                       elsif (/^--install.prefix=(.*)$/)
-                               {
-                               $install_prefix=$1;
-@@ -923,7 +928,7 @@
- 
- $openssldir=$prefix . "/ssl" if $openssldir eq "";
- $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
--
-+$enginesdir="$prefix/lib/engines" if $enginesdir eq "";
- 
- print "IsMK1MF=$IsMK1MF\n";
- 
-@@ -1430,7 +1435,7 @@
-       if      (/^#define\s+OPENSSLDIR/)
-               { print OUT "#define OPENSSLDIR \"$openssldir\"\n"; }
-       elsif   (/^#define\s+ENGINESDIR/)
--              { print OUT "#define ENGINESDIR \"$prefix/lib/engines\"\n"; }
-+              { print OUT "#define ENGINESDIR \"$enginesdir\"\n"; }
-       elsif   (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
-               { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
-                       if $export_var_as_fn;

diff --git a/pkgs/core/openssl/patches/openssl-0.9.8k-fix_manpages-1.patch b/pkgs/core/openssl/patches/openssl-0.9.8k-fix_manpages-1.patch
deleted file mode 100644 (file)
index 69189c9..0000000
--- a/pkgs/core/openssl/patches/openssl-0.9.8k-fix_manpages-1.patch
+++ /dev/null
@@ -1,1888 +0,0 @@
-Submitted By: Robert Connolly <robert at linuxfromscratch dot org>
-Date: 2005-11-13
-Initial Package Version: 0.9.8a
-Upstream Status: Submitted upstream
-Origin: Anderson Lizardo
-Description: This patch fixes conflicts between man pages
-            installed by OpenSSL and those found on other
-            packages (particulary Shadow, Perl, and
-            Man-pages). It also fixes syntax errors on some
-            POD files that generates slightly broken man
-            pages.
-
-$LastChangedBy: igor $
-$Date: 2005-04-03 16:54:23 -0600 (Sun, 03 Apr 2005) $
-
-diff -Naur openssl-0.9.8a.orig/FAQ openssl-0.9.8a/FAQ
---- openssl-0.9.8a.orig/FAQ    2005-10-11 10:16:06.000000000 +0000
-+++ openssl-0.9.8a/FAQ 2005-11-14 03:59:59.000000000 +0000
-@@ -680,7 +680,7 @@
- 
- Multi-threaded applications must provide two callback functions to
- OpenSSL by calling CRYPTO_set_locking_callback() and
--CRYPTO_set_id_callback().  This is described in the threads(3)
-+CRYPTO_set_id_callback().  This is described in the openssl_threads(3)
- manpage.
- 
- * I've compiled a program under Windows and it crashes: why?
-diff -Naur openssl-0.9.8a.orig/crypto/rand/md_rand.c openssl-0.9.8a/crypto/rand/md_rand.c
---- openssl-0.9.8a.orig/crypto/rand/md_rand.c  2005-04-07 22:53:35.000000000 +0000
-+++ openssl-0.9.8a/crypto/rand/md_rand.c       2005-11-14 03:59:59.000000000 +0000
-@@ -196,7 +196,7 @@
-       int do_not_lock;
- 
-       /*
--       * (Based on the rand(3) manpage)
-+       * (Based on the openssl_rand(3) manpage)
-        *
-        * The input is chopped up into units of 20 bytes (or less for
-        * the last block).  Each of these blocks is run through the hash
-@@ -351,7 +351,7 @@
-       num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
- 
-       /*
--       * (Based on the rand(3) manpage:)
-+       * (Based on the openssl_rand(3) manpage)
-        *
-        * For each group of 10 bytes (or less), we do the following:
-        *
-diff -Naur openssl-0.9.8a.orig/doc/apps/openssl-passwd.pod openssl-0.9.8a/doc/apps/openssl-passwd.pod
---- openssl-0.9.8a.orig/doc/apps/openssl-passwd.pod    1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/openssl-passwd.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,82 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl-passwd - compute password hashes
-+
-+=head1 SYNOPSIS
-+
-+B<openssl passwd>
-+[B<-crypt>]
-+[B<-1>]
-+[B<-apr1>]
-+[B<-salt> I<string>]
-+[B<-in> I<file>]
-+[B<-stdin>]
-+[B<-noverify>]
-+[B<-quiet>]
-+[B<-table>]
-+{I<password>}
-+
-+=head1 DESCRIPTION
-+
-+The B<passwd> command computes the hash of a password typed at
-+run-time or the hash of each password in a list.  The password list is
-+taken from the named file for option B<-in file>, from stdin for
-+option B<-stdin>, or from the command line, or from the terminal otherwise.
-+The Unix standard algorithm B<crypt> and the MD5-based BSD password
-+algorithm B<1> and its Apache variant B<apr1> are available.
-+
-+=head1 OPTIONS
-+
-+=over 4
-+
-+=item B<-crypt>
-+
-+Use the B<crypt> algorithm (default).
-+
-+=item B<-1>
-+
-+Use the MD5 based BSD password algorithm B<1>.
-+
-+=item B<-apr1>
-+
-+Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
-+
-+=item B<-salt> I<string>
-+
-+Use the specified salt.
-+When reading a password from the terminal, this implies B<-noverify>.
-+
-+=item B<-in> I<file>
-+
-+Read passwords from I<file>.
-+
-+=item B<-stdin>
-+
-+Read passwords from B<stdin>.
-+
-+=item B<-noverify>
-+
-+Don't verify when reading a password from the terminal.
-+
-+=item B<-quiet>
-+
-+Don't output warnings when passwords given at the command line are truncated.
-+
-+=item B<-table>
-+
-+In the output list, prepend the cleartext password and a TAB character
-+to each password hash.
-+
-+=back
-+
-+=head1 EXAMPLES
-+
-+B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
-+
-+B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
-+
-+B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/apps/openssl.pod openssl-0.9.8a/doc/apps/openssl.pod
---- openssl-0.9.8a.orig/doc/apps/openssl.pod   2004-01-04 18:59:14.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/openssl.pod        2005-11-14 03:59:59.000000000 +0000
-@@ -125,7 +125,7 @@
- 
- Online Certificate Status Protocol utility.
- 
--=item L<B<passwd>|passwd(1)>
-+=item L<B<passwd>|openssl-passwd(1)>
- 
- Generation of hashed passwords.
- 
-@@ -325,7 +325,7 @@
- L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
- L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>,
- L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
--L<passwd(1)|passwd(1)>,
-+L<openssl-passwd(1)|openssl-passwd(1)>,
- L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
- L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
- L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
-diff -Naur openssl-0.9.8a.orig/doc/apps/passwd.pod openssl-0.9.8a/doc/apps/passwd.pod
---- openssl-0.9.8a.orig/doc/apps/passwd.pod    2002-10-04 12:59:00.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/passwd.pod 1970-01-01 00:00:00.000000000 +0000
-@@ -1,82 +0,0 @@
--=pod
--
--=head1 NAME
--
--passwd - compute password hashes
--
--=head1 SYNOPSIS
--
--B<openssl passwd>
--[B<-crypt>]
--[B<-1>]
--[B<-apr1>]
--[B<-salt> I<string>]
--[B<-in> I<file>]
--[B<-stdin>]
--[B<-noverify>]
--[B<-quiet>]
--[B<-table>]
--{I<password>}
--
--=head1 DESCRIPTION
--
--The B<passwd> command computes the hash of a password typed at
--run-time or the hash of each password in a list.  The password list is
--taken from the named file for option B<-in file>, from stdin for
--option B<-stdin>, or from the command line, or from the terminal otherwise.
--The Unix standard algorithm B<crypt> and the MD5-based BSD password
--algorithm B<1> and its Apache variant B<apr1> are available.
--
--=head1 OPTIONS
--
--=over 4
--
--=item B<-crypt>
--
--Use the B<crypt> algorithm (default).
--
--=item B<-1>
--
--Use the MD5 based BSD password algorithm B<1>.
--
--=item B<-apr1>
--
--Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
--
--=item B<-salt> I<string>
--
--Use the specified salt.
--When reading a password from the terminal, this implies B<-noverify>.
--
--=item B<-in> I<file>
--
--Read passwords from I<file>.
--
--=item B<-stdin>
--
--Read passwords from B<stdin>.
--
--=item B<-noverify>
--
--Don't verify when reading a password from the terminal.
--
--=item B<-quiet>
--
--Don't output warnings when passwords given at the command line are truncated.
--
--=item B<-table>
--
--In the output list, prepend the cleartext password and a TAB character
--to each password hash.
--
--=back
--
--=head1 EXAMPLES
--
--B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
--
--B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
--
--B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/BN_generate_prime.pod openssl-0.9.8a/doc/crypto/BN_generate_prime.pod
---- openssl-0.9.8a.orig/doc/crypto/BN_generate_prime.pod       2003-01-13 13:18:22.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/BN_generate_prime.pod    2005-11-14 03:59:59.000000000 +0000
-@@ -90,7 +90,7 @@
- 
- =head1 SEE ALSO
- 
--L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
-+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/BN_rand.pod openssl-0.9.8a/doc/crypto/BN_rand.pod
---- openssl-0.9.8a.orig/doc/crypto/BN_rand.pod 2002-09-25 13:33:26.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/BN_rand.pod      2005-11-14 03:59:59.000000000 +0000
-@@ -45,7 +45,7 @@
- 
- =head1 SEE ALSO
- 
--L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/CONF_modules_free.pod openssl-0.9.8a/doc/crypto/CONF_modules_free.pod
---- openssl-0.9.8a.orig/doc/crypto/CONF_modules_free.pod       2004-03-02 13:31:32.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/CONF_modules_free.pod    2005-11-14 03:59:59.000000000 +0000
-@@ -37,7 +37,7 @@
- =head1 SEE ALSO
- 
- L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
--L<CONF_modules_load_file(3), CONF_modules_load_file(3)>
-+L<CONF_modules_load_file(3)|CONF_modules_load_file(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/CONF_modules_load_file.pod openssl-0.9.8a/doc/crypto/CONF_modules_load_file.pod
---- openssl-0.9.8a.orig/doc/crypto/CONF_modules_load_file.pod  2004-03-02 13:31:32.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/CONF_modules_load_file.pod       2005-11-14 03:59:59.000000000 +0000
-@@ -51,7 +51,7 @@
- =head1 SEE ALSO
- 
- L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
--L<CONF_free(3), CONF_free(3)>, L<err(3),err(3)>
-+L<CONF_free(3)|CONF_free(3)>, L<openssl_err(3)|openssl_err(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DH_generate_key.pod openssl-0.9.8a/doc/crypto/DH_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/DH_generate_key.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DH_generate_key.pod      2005-11-14 03:59:59.000000000 +0000
-@@ -40,7 +40,7 @@
- 
- =head1 SEE ALSO
- 
--L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
-+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<DH_size(3)|DH_size(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DH_generate_parameters.pod openssl-0.9.8a/doc/crypto/DH_generate_parameters.pod
---- openssl-0.9.8a.orig/doc/crypto/DH_generate_parameters.pod  2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DH_generate_parameters.pod       2005-11-14 03:59:59.000000000 +0000
-@@ -59,7 +59,7 @@
- 
- =head1 SEE ALSO
- 
--L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DH_free(3)|DH_free(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_do_sign.pod openssl-0.9.8a/doc/crypto/DSA_do_sign.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_do_sign.pod     2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_do_sign.pod  2005-11-14 03:59:59.000000000 +0000
-@@ -36,7 +36,7 @@
- 
- =head1 SEE ALSO
- 
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
- L<DSA_sign(3)|DSA_sign(3)>
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_generate_key.pod openssl-0.9.8a/doc/crypto/DSA_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_generate_key.pod        2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_generate_key.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -24,7 +24,7 @@
- 
- =head1 SEE ALSO
- 
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_generate_parameters.pod openssl-0.9.8a/doc/crypto/DSA_generate_parameters.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_generate_parameters.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_generate_parameters.pod      2005-11-14 03:59:59.000000000 +0000
-@@ -90,7 +90,7 @@
- 
- =head1 SEE ALSO
- 
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_free(3)|DSA_free(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_sign.pod openssl-0.9.8a/doc/crypto/DSA_sign.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_sign.pod        2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_sign.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -55,7 +55,7 @@
- 
- =head1 SEE ALSO
- 
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_do_sign(3)|DSA_do_sign(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_GET_LIB.pod openssl-0.9.8a/doc/crypto/ERR_GET_LIB.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_GET_LIB.pod     2000-02-01 01:36:58.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_GET_LIB.pod  2005-11-14 03:59:59.000000000 +0000
-@@ -41,7 +41,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_clear_error.pod openssl-0.9.8a/doc/crypto/ERR_clear_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_clear_error.pod 2000-02-01 01:36:58.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_clear_error.pod      2005-11-14 03:59:59.000000000 +0000
-@@ -20,7 +20,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_error_string.pod openssl-0.9.8a/doc/crypto/ERR_error_string.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_error_string.pod        2004-11-14 15:11:37.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_error_string.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -60,7 +60,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
- L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
- L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
- L<ERR_print_errors(3)|ERR_print_errors(3)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_get_error.pod openssl-0.9.8a/doc/crypto/ERR_get_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_get_error.pod   2002-11-29 14:21:54.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_get_error.pod        2005-11-14 03:59:59.000000000 +0000
-@@ -61,7 +61,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
- L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_load_crypto_strings.pod openssl-0.9.8a/doc/crypto/ERR_load_crypto_strings.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_load_crypto_strings.pod 2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_load_crypto_strings.pod      2005-11-14 03:59:59.000000000 +0000
-@@ -35,7 +35,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_load_strings.pod openssl-0.9.8a/doc/crypto/ERR_load_strings.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_load_strings.pod        2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_load_strings.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -43,7 +43,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_print_errors.pod openssl-0.9.8a/doc/crypto/ERR_print_errors.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_print_errors.pod        2000-02-01 01:36:59.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_print_errors.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -38,7 +38,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
- L<ERR_get_error(3)|ERR_get_error(3)>,
- L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
- L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_put_error.pod openssl-0.9.8a/doc/crypto/ERR_put_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_put_error.pod   2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_put_error.pod        2005-11-14 03:59:59.000000000 +0000
-@@ -34,7 +34,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_remove_state.pod openssl-0.9.8a/doc/crypto/ERR_remove_state.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_remove_state.pod        2000-05-19 07:54:42.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_remove_state.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -25,7 +25,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>
-+L<openssl_err(3)|openssl_err(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_BytesToKey.pod openssl-0.9.8a/doc/crypto/EVP_BytesToKey.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_BytesToKey.pod  2004-11-25 17:47:30.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_BytesToKey.pod       2005-11-14 04:00:45.000000000 +0000
-@@ -59,7 +59,7 @@
- 
- =head1 SEE ALSO
- 
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_OpenInit.pod openssl-0.9.8a/doc/crypto/EVP_OpenInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_OpenInit.pod    2000-09-23 07:16:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_OpenInit.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -54,7 +54,7 @@
- 
- =head1 SEE ALSO
- 
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
- L<EVP_SealInit(3)|EVP_SealInit(3)>
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_SealInit.pod openssl-0.9.8a/doc/crypto/EVP_SealInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_SealInit.pod    2005-03-29 17:50:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_SealInit.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -74,7 +74,7 @@
- 
- =head1 SEE ALSO
- 
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
- L<EVP_OpenInit(3)|EVP_OpenInit(3)>
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_SignInit.pod openssl-0.9.8a/doc/crypto/EVP_SignInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_SignInit.pod    2005-03-22 17:55:33.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_SignInit.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -80,7 +80,7 @@
- =head1 SEE ALSO
- 
- L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
--L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>,
- L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
- L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
- L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_VerifyInit.pod openssl-0.9.8a/doc/crypto/EVP_VerifyInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_VerifyInit.pod  2002-07-10 19:35:46.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_VerifyInit.pod       2005-11-14 03:59:59.000000000 +0000
-@@ -71,7 +71,7 @@
- 
- L<evp(3)|evp(3)>,
- L<EVP_SignInit(3)|EVP_SignInit(3)>,
--L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>,
- L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
- L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
- L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/OPENSSL_config.pod openssl-0.9.8a/doc/crypto/OPENSSL_config.pod
---- openssl-0.9.8a.orig/doc/crypto/OPENSSL_config.pod  2005-06-02 23:17:38.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/OPENSSL_config.pod       2005-11-14 03:59:59.000000000 +0000
-@@ -73,7 +73,7 @@
- =head1 SEE ALSO
- 
- L<conf(5)|conf(5)>, L<CONF_load_modules_file(3)|CONF_load_modules_file(3)>,
--L<CONF_modules_free(3),CONF_modules_free(3)>
-+L<CONF_modules_free(3)|CONF_modules_free(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_add.pod openssl-0.9.8a/doc/crypto/RAND_add.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_add.pod        2000-03-22 15:30:03.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_add.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -65,7 +65,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
- L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_bytes.pod openssl-0.9.8a/doc/crypto/RAND_bytes.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_bytes.pod      2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_bytes.pod   2005-11-14 03:59:59.000000000 +0000
-@@ -35,7 +35,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
- L<RAND_add(3)|RAND_add(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_cleanup.pod openssl-0.9.8a/doc/crypto/RAND_cleanup.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_cleanup.pod    2000-01-27 01:25:06.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_cleanup.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -20,7 +20,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>
-+L<openssl_rand(3)|openssl_rand(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_egd.pod openssl-0.9.8a/doc/crypto/RAND_egd.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_egd.pod        2001-02-10 19:10:36.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_egd.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -69,7 +69,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
- L<RAND_cleanup(3)|RAND_cleanup(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_load_file.pod openssl-0.9.8a/doc/crypto/RAND_load_file.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_load_file.pod  2001-03-21 15:25:56.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_load_file.pod       2005-11-14 03:59:59.000000000 +0000
-@@ -43,7 +43,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_set_rand_method.pod openssl-0.9.8a/doc/crypto/RAND_set_rand_method.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_set_rand_method.pod    2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_set_rand_method.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -67,7 +67,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<engine(3)|engine(3)>
-+L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_blinding_on.pod openssl-0.9.8a/doc/crypto/RSA_blinding_on.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_blinding_on.pod 2000-02-24 11:55:10.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_blinding_on.pod      2005-11-14 03:59:59.000000000 +0000
-@@ -34,7 +34,7 @@
- 
- =head1 SEE ALSO
- 
--L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
-+L<rsa(3)|rsa(3)>, L<openssl_rand(3)|openssl_rand(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_generate_key.pod openssl-0.9.8a/doc/crypto/RSA_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_generate_key.pod        2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_generate_key.pod     2005-11-14 03:59:59.000000000 +0000
-@@ -59,7 +59,7 @@
- 
- =head1 SEE ALSO
- 
--L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<RSA_free(3)|RSA_free(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_public_encrypt.pod openssl-0.9.8a/doc/crypto/RSA_public_encrypt.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_public_encrypt.pod      2004-03-23 21:01:34.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_public_encrypt.pod   2005-11-14 03:59:59.000000000 +0000
-@@ -73,7 +73,7 @@
- 
- =head1 SEE ALSO
- 
--L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<RSA_size(3)|RSA_size(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod openssl-0.9.8a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod      2002-09-25 13:33:28.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod   2005-11-14 03:59:59.000000000 +0000
-@@ -48,7 +48,7 @@
- =head1 SEE ALSO
- 
- L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
--L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
- L<RSA_verify(3)|RSA_verify(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/X509_NAME_ENTRY_get_object.pod openssl-0.9.8a/doc/crypto/X509_NAME_ENTRY_get_object.pod
---- openssl-0.9.8a.orig/doc/crypto/X509_NAME_ENTRY_get_object.pod      2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/X509_NAME_ENTRY_get_object.pod   2005-11-14 03:59:59.000000000 +0000
-@@ -63,7 +63,7 @@
- =head1 SEE ALSO
- 
- L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
--L<OBJ_nid2obj(3),OBJ_nid2obj(3)>
-+L<OBJ_nid2obj(3)|OBJ_nid2obj(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/bn.pod openssl-0.9.8a/doc/crypto/bn.pod
---- openssl-0.9.8a.orig/doc/crypto/bn.pod      2005-04-29 15:07:34.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/bn.pod   2005-11-14 03:59:59.000000000 +0000
-@@ -167,7 +167,7 @@
- =head1 SEE ALSO
- 
- L<bn_internal(3)|bn_internal(3)>,
--L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
- L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
- L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/crypto.pod openssl-0.9.8a/doc/crypto/crypto.pod
---- openssl-0.9.8a.orig/doc/crypto/crypto.pod  2002-10-06 12:59:25.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/crypto.pod       2005-11-14 03:59:59.000000000 +0000
-@@ -46,7 +46,7 @@
- 
- =item AUXILIARY FUNCTIONS
- 
--L<err(3)|err(3)>, L<threads(3)|threads(3)>, L<rand(3)|rand(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<openssl_threads(3)|openssl_threads(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<OPENSSL_VERSION_NUMBER(3)|OPENSSL_VERSION_NUMBER(3)>
- 
- =item INPUT/OUTPUT, DATA ENCODING
-diff -Naur openssl-0.9.8a.orig/doc/crypto/des.pod openssl-0.9.8a/doc/crypto/des.pod
---- openssl-0.9.8a.orig/doc/crypto/des.pod     2003-10-01 15:02:45.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/des.pod  2005-11-14 03:59:59.000000000 +0000
-@@ -115,7 +115,7 @@
- the key; it is used to speed the encryption process.
- 
- DES_random_key() generates a random key.  The PRNG must be seeded
--prior to using this function (see L<rand(3)|rand(3)>).  If the PRNG
-+prior to using this function (see L<openssl_rand(3)|openssl_rand(3)>).  If the PRNG
- could not generate a secure key, 0 is returned.
- 
- Before a DES key can be used, it must be converted into the
-@@ -317,7 +317,7 @@
- 
- =head1 SEE ALSO
- 
--crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<rand(3)|rand(3)>
-+crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/dh.pod openssl-0.9.8a/doc/crypto/dh.pod
---- openssl-0.9.8a.orig/doc/crypto/dh.pod      2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/dh.pod   2005-11-14 03:59:59.000000000 +0000
-@@ -67,8 +67,8 @@
- 
- =head1 SEE ALSO
- 
--L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
--L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
-+L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<openssl_err(3)|openssl_err(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
- L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
- L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
- L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/dsa.pod openssl-0.9.8a/doc/crypto/dsa.pod
---- openssl-0.9.8a.orig/doc/crypto/dsa.pod     2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/dsa.pod  2005-11-14 03:59:59.000000000 +0000
-@@ -100,7 +100,7 @@
- 
- =head1 SEE ALSO
- 
--L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-+L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
- L<DSA_new(3)|DSA_new(3)>,
- L<DSA_size(3)|DSA_size(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/engine.pod openssl-0.9.8a/doc/crypto/engine.pod
---- openssl-0.9.8a.orig/doc/crypto/engine.pod  2004-06-17 23:40:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/engine.pod       2005-11-14 04:01:19.000000000 +0000
-@@ -594,6 +594,6 @@
- 
- =head1 SEE ALSO
- 
--L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)>
-+L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<openssl_rand(3)|openssl_rand(3)>
- 
- =cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/err.pod openssl-0.9.8a/doc/crypto/err.pod
---- openssl-0.9.8a.orig/doc/crypto/err.pod     2002-07-10 19:35:46.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/err.pod  1970-01-01 00:00:00.000000000 +0000
-@@ -1,187 +0,0 @@
--=pod
--
--=head1 NAME
--
--err - error codes
--
--=head1 SYNOPSIS
--
-- #include <openssl/err.h>
--
-- unsigned long ERR_get_error(void);
-- unsigned long ERR_peek_error(void);
-- unsigned long ERR_get_error_line(const char **file, int *line);
-- unsigned long ERR_peek_error_line(const char **file, int *line);
-- unsigned long ERR_get_error_line_data(const char **file, int *line,
--         const char **data, int *flags);
-- unsigned long ERR_peek_error_line_data(const char **file, int *line,
--         const char **data, int *flags);
--
-- int ERR_GET_LIB(unsigned long e);
-- int ERR_GET_FUNC(unsigned long e);
-- int ERR_GET_REASON(unsigned long e);
--
-- void ERR_clear_error(void);
--
-- char *ERR_error_string(unsigned long e, char *buf);
-- const char *ERR_lib_error_string(unsigned long e);
-- const char *ERR_func_error_string(unsigned long e);
-- const char *ERR_reason_error_string(unsigned long e);
--
-- void ERR_print_errors(BIO *bp);
-- void ERR_print_errors_fp(FILE *fp);
--
-- void ERR_load_crypto_strings(void);
-- void ERR_free_strings(void);
--
-- void ERR_remove_state(unsigned long pid);
--
-- void ERR_put_error(int lib, int func, int reason, const char *file,
--         int line);
-- void ERR_add_error_data(int num, ...);
--
-- void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-- unsigned long ERR_PACK(int lib, int func, int reason);
-- int ERR_get_next_error_library(void);
--
--=head1 DESCRIPTION
--
--When a call to the OpenSSL library fails, this is usually signalled
--by the return value, and an error code is stored in an error queue
--associated with the current thread. The B<err> library provides
--functions to obtain these error codes and textual error messages.
--
--The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
--access error codes.
--
--Error codes contain information about where the error occurred, and
--what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
--extract this information. A method to obtain human-readable error
--messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
--
--L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
--error queue.
--
--Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
--avoid memory leaks when threads are terminated.
--
--=head1 ADDING NEW ERROR CODES TO OPENSSL
--
--See L<ERR_put_error(3)> if you want to record error codes in the
--OpenSSL error system from within your application.
--
--The remainder of this section is of interest only if you want to add
--new error codes to OpenSSL or add error codes from external libraries.
--
--=head2 Reporting errors
--
--Each sub-library has a specific macro XXXerr() that is used to report
--errors. Its first argument is a function code B<XXX_F_...>, the second
--argument is a reason code B<XXX_R_...>. Function codes are derived
--from the function names; reason codes consist of textual error
--descriptions. For example, the function ssl23_read() reports a
--"handshake failure" as follows:
--
-- SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
--
--Function and reason codes should consist of upper case characters,
--numbers and underscores only. The error file generation script translates
--function codes into function names by looking in the header files
--for an appropriate function name, if none is found it just uses
--the capitalized form such as "SSL23_READ" in the above example.
--
--The trailing section of a reason code (after the "_R_") is translated
--into lower case and underscores changed to spaces.
--
--When you are using new function or reason codes, run B<make errors>.
--The necessary B<#define>s will then automatically be added to the
--sub-library's header file.
--
--Although a library will normally report errors using its own specific
--XXXerr macro, another library's macro can be used. This is normally
--only done when a library wants to include ASN1 code which must use
--the ASN1err() macro.
--
--=head2 Adding new libraries
--
--When adding a new sub-library to OpenSSL, assign it a library number
--B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
--name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
--C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
--(in B<crypto/err/err_all.c>). Finally, add an entry
--
-- L    XXX     xxx.h   xxx_err.c
--
--to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
--Running B<make errors> will then generate a file B<xxx_err.c>, and
--add all error codes used in the library to B<xxx.h>.
--
--Additionally the library include file must have a certain form.
--Typically it will initially look like this:
--
-- #ifndef HEADER_XXX_H
-- #define HEADER_XXX_H
--
-- #ifdef __cplusplus
-- extern "C" {
-- #endif
--
-- /* Include files */
--
-- #include <openssl/bio.h>
-- #include <openssl/x509.h>
--
-- /* Macros, structures and function prototypes */
--
--
-- /* BEGIN ERROR CODES */
--
--The B<BEGIN ERROR CODES> sequence is used by the error code
--generation script as the point to place new error codes, any text
--after this point will be overwritten when B<make errors> is run.
--The closing #endif etc will be automatically added by the script.
--
--The generated C error code file B<xxx_err.c> will load the header
--files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
--header file must load any additional header files containing any
--definitions it uses.
--
--=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
--
--It is also possible to use OpenSSL's error code scheme in external
--libraries. The library needs to load its own codes and call the OpenSSL
--error code insertion script B<mkerr.pl> explicitly to add codes to
--the header file and generate the C error code file. This will normally
--be done if the external library needs to generate new ASN1 structures
--but it can also be used to add more general purpose error code handling.
--
--TBA more details
--
--=head1 INTERNALS
--
--The error queues are stored in a hash table with one B<ERR_STATE>
--entry for each pid. ERR_get_state() returns the current thread's
--B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
--codes. When more error codes are added, the old ones are overwritten,
--on the assumption that the most recent errors are most important.
--
--Error strings are also stored in hash table. The hash tables can
--be obtained by calling ERR_get_err_state_table(void) and
--ERR_get_string_table(void) respectively.
--
--=head1 SEE ALSO
--
--L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
--L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
--L<ERR_get_error(3)|ERR_get_error(3)>,
--L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
--L<ERR_clear_error(3)|ERR_clear_error(3)>,
--L<ERR_error_string(3)|ERR_error_string(3)>,
--L<ERR_print_errors(3)|ERR_print_errors(3)>,
--L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
--L<ERR_remove_state(3)|ERR_remove_state(3)>,
--L<ERR_put_error(3)|ERR_put_error(3)>,
--L<ERR_load_strings(3)|ERR_load_strings(3)>,
--L<SSL_get_error(3)|SSL_get_error(3)>
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_err.pod openssl-0.9.8a/doc/crypto/openssl_err.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_err.pod     1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_err.pod  2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,187 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl_err - error codes
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/err.h>
-+
-+ unsigned long ERR_get_error(void);
-+ unsigned long ERR_peek_error(void);
-+ unsigned long ERR_get_error_line(const char **file, int *line);
-+ unsigned long ERR_peek_error_line(const char **file, int *line);
-+ unsigned long ERR_get_error_line_data(const char **file, int *line,
-+         const char **data, int *flags);
-+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
-+         const char **data, int *flags);
-+
-+ int ERR_GET_LIB(unsigned long e);
-+ int ERR_GET_FUNC(unsigned long e);
-+ int ERR_GET_REASON(unsigned long e);
-+
-+ void ERR_clear_error(void);
-+
-+ char *ERR_error_string(unsigned long e, char *buf);
-+ const char *ERR_lib_error_string(unsigned long e);
-+ const char *ERR_func_error_string(unsigned long e);
-+ const char *ERR_reason_error_string(unsigned long e);
-+
-+ void ERR_print_errors(BIO *bp);
-+ void ERR_print_errors_fp(FILE *fp);
-+
-+ void ERR_load_crypto_strings(void);
-+ void ERR_free_strings(void);
-+
-+ void ERR_remove_state(unsigned long pid);
-+
-+ void ERR_put_error(int lib, int func, int reason, const char *file,
-+         int line);
-+ void ERR_add_error_data(int num, ...);
-+
-+ void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-+ unsigned long ERR_PACK(int lib, int func, int reason);
-+ int ERR_get_next_error_library(void);
-+
-+=head1 DESCRIPTION
-+
-+When a call to the OpenSSL library fails, this is usually signalled
-+by the return value, and an error code is stored in an error queue
-+associated with the current thread. The B<err> library provides
-+functions to obtain these error codes and textual error messages.
-+
-+The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
-+access error codes.
-+
-+Error codes contain information about where the error occurred, and
-+what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
-+extract this information. A method to obtain human-readable error
-+messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
-+
-+L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
-+error queue.
-+
-+Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
-+avoid memory leaks when threads are terminated.
-+
-+=head1 ADDING NEW ERROR CODES TO OPENSSL
-+
-+See L<ERR_put_error(3)> if you want to record error codes in the
-+OpenSSL error system from within your application.
-+
-+The remainder of this section is of interest only if you want to add
-+new error codes to OpenSSL or add error codes from external libraries.
-+
-+=head2 Reporting errors
-+
-+Each sub-library has a specific macro XXXerr() that is used to report
-+errors. Its first argument is a function code B<XXX_F_...>, the second
-+argument is a reason code B<XXX_R_...>. Function codes are derived
-+from the function names; reason codes consist of textual error
-+descriptions. For example, the function ssl23_read() reports a
-+"handshake failure" as follows:
-+
-+ SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
-+
-+Function and reason codes should consist of upper case characters,
-+numbers and underscores only. The error file generation script translates
-+function codes into function names by looking in the header files
-+for an appropriate function name, if none is found it just uses
-+the capitalized form such as "SSL23_READ" in the above example.
-+
-+The trailing section of a reason code (after the "_R_") is translated
-+into lower case and underscores changed to spaces.
-+
-+When you are using new function or reason codes, run B<make errors>.
-+The necessary B<#define>s will then automatically be added to the
-+sub-library's header file.
-+
-+Although a library will normally report errors using its own specific
-+XXXerr macro, another library's macro can be used. This is normally
-+only done when a library wants to include ASN1 code which must use
-+the ASN1err() macro.
-+
-+=head2 Adding new libraries
-+
-+When adding a new sub-library to OpenSSL, assign it a library number
-+B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
-+name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
-+C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
-+(in B<crypto/err/err_all.c>). Finally, add an entry
-+
-+ L    XXX     xxx.h   xxx_err.c
-+
-+to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
-+Running B<make errors> will then generate a file B<xxx_err.c>, and
-+add all error codes used in the library to B<xxx.h>.
-+
-+Additionally the library include file must have a certain form.
-+Typically it will initially look like this:
-+
-+ #ifndef HEADER_XXX_H
-+ #define HEADER_XXX_H
-+
-+ #ifdef __cplusplus
-+ extern "C" {
-+ #endif
-+
-+ /* Include files */
-+
-+ #include <openssl/bio.h>
-+ #include <openssl/x509.h>
-+
-+ /* Macros, structures and function prototypes */
-+
-+
-+ /* BEGIN ERROR CODES */
-+
-+The B<BEGIN ERROR CODES> sequence is used by the error code
-+generation script as the point to place new error codes, any text
-+after this point will be overwritten when B<make errors> is run.
-+The closing #endif etc will be automatically added by the script.
-+
-+The generated C error code file B<xxx_err.c> will load the header
-+files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
-+header file must load any additional header files containing any
-+definitions it uses.
-+
-+=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
-+
-+It is also possible to use OpenSSL's error code scheme in external
-+libraries. The library needs to load its own codes and call the OpenSSL
-+error code insertion script B<mkerr.pl> explicitly to add codes to
-+the header file and generate the C error code file. This will normally
-+be done if the external library needs to generate new ASN1 structures
-+but it can also be used to add more general purpose error code handling.
-+
-+TBA more details
-+
-+=head1 INTERNALS
-+
-+The error queues are stored in a hash table with one B<ERR_STATE>
-+entry for each pid. ERR_get_state() returns the current thread's
-+B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
-+codes. When more error codes are added, the old ones are overwritten,
-+on the assumption that the most recent errors are most important.
-+
-+Error strings are also stored in hash table. The hash tables can
-+be obtained by calling ERR_get_err_state_table(void) and
-+ERR_get_string_table(void) respectively.
-+
-+=head1 SEE ALSO
-+
-+L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
-+L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
-+L<ERR_clear_error(3)|ERR_clear_error(3)>,
-+L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<ERR_print_errors(3)|ERR_print_errors(3)>,
-+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-+L<ERR_remove_state(3)|ERR_remove_state(3)>,
-+L<ERR_put_error(3)|ERR_put_error(3)>,
-+L<ERR_load_strings(3)|ERR_load_strings(3)>,
-+L<SSL_get_error(3)|SSL_get_error(3)>
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_rand.pod openssl-0.9.8a/doc/crypto/openssl_rand.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_rand.pod    1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_rand.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,175 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl_rand - pseudo-random number generator
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/rand.h>
-+
-+ int  RAND_set_rand_engine(ENGINE *engine);
-+
-+ int  RAND_bytes(unsigned char *buf, int num);
-+ int  RAND_pseudo_bytes(unsigned char *buf, int num);
-+
-+ void RAND_seed(const void *buf, int num);
-+ void RAND_add(const void *buf, int num, int entropy);
-+ int  RAND_status(void);
-+
-+ int  RAND_load_file(const char *file, long max_bytes);
-+ int  RAND_write_file(const char *file);
-+ const char *RAND_file_name(char *file, size_t num);
-+
-+ int  RAND_egd(const char *path);
-+
-+ void RAND_set_rand_method(const RAND_METHOD *meth);
-+ const RAND_METHOD *RAND_get_rand_method(void);
-+ RAND_METHOD *RAND_SSLeay(void);
-+
-+ void RAND_cleanup(void);
-+
-+ /* For Win32 only */
-+ void RAND_screen(void);
-+ int RAND_event(UINT, WPARAM, LPARAM);
-+
-+=head1 DESCRIPTION
-+
-+Since the introduction of the ENGINE API, the recommended way of controlling
-+default implementations is by using the ENGINE API functions. The default
-+B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
-+RAND_get_rand_method(), is only used if no ENGINE has been set as the default
-+"rand" implementation. Hence, these two functions are no longer the recommened
-+way to control defaults.
-+
-+If an alternative B<RAND_METHOD> implementation is being used (either set
-+directly or as provided by an ENGINE module), then it is entirely responsible
-+for the generation and management of a cryptographically secure PRNG stream. The
-+mechanisms described below relate solely to the software PRNG implementation
-+built in to OpenSSL and used by default.
-+
-+These functions implement a cryptographically secure pseudo-random
-+number generator (PRNG). It is used by other library functions for
-+example to generate random keys, and applications can use it when they
-+need randomness.
-+
-+A cryptographic PRNG must be seeded with unpredictable data such as
-+mouse movements or keys pressed at random by the user. This is
-+described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
-+(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
-+seeding process whenever the application is started.
-+
-+L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
-+PRNG. 
-+
-+=head1 INTERNALS
-+
-+The RAND_SSLeay() method implements a PRNG based on a cryptographic
-+hash function.
-+
-+The following description of its design is based on the SSLeay
-+documentation:
-+
-+First up I will state the things I believe I need for a good RNG.
-+
-+=over 4
-+
-+=item 1
-+
-+A good hashing algorithm to mix things up and to convert the RNG 'state'
-+to random numbers.
-+
-+=item 2
-+
-+An initial source of random 'state'.
-+
-+=item 3
-+
-+The state should be very large.  If the RNG is being used to generate
-+4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
-+If your RNG state only has 128 bits, you are obviously limiting the
-+search space to 128 bits, not 2048.  I'm probably getting a little
-+carried away on this last point but it does indicate that it may not be
-+a bad idea to keep quite a lot of RNG state.  It should be easier to
-+break a cipher than guess the RNG seed data.
-+
-+=item 4
-+
-+Any RNG seed data should influence all subsequent random numbers
-+generated.  This implies that any random seed data entered will have
-+an influence on all subsequent random numbers generated.
-+
-+=item 5
-+
-+When using data to seed the RNG state, the data used should not be
-+extractable from the RNG state.  I believe this should be a
-+requirement because one possible source of 'secret' semi random
-+data would be a private key or a password.  This data must
-+not be disclosed by either subsequent random numbers or a
-+'core' dump left by a program crash.
-+
-+=item 6
-+
-+Given the same initial 'state', 2 systems should deviate in their RNG state
-+(and hence the random numbers generated) over time if at all possible.
-+
-+=item 7
-+
-+Given the random number output stream, it should not be possible to determine
-+the RNG state or the next random number.
-+
-+=back
-+
-+The algorithm is as follows.
-+
-+There is global state made up of a 1023 byte buffer (the 'state'), a
-+working hash value ('md'), and a counter ('count').
-+
-+Whenever seed data is added, it is inserted into the 'state' as
-+follows.
-+
-+The input is chopped up into units of 20 bytes (or less for
-+the last block).  Each of these blocks is run through the hash
-+function as follows:  The data passed to the hash function
-+is the current 'md', the same number of bytes from the 'state'
-+(the location determined by in incremented looping index) as
-+the current 'block', the new key data 'block', and 'count'
-+(which is incremented after each use).
-+The result of this is kept in 'md' and also xored into the
-+'state' at the same locations that were used as input into the
-+hash function. I
-+believe this system addresses points 1 (hash function; currently
-+SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
-+function and xor).
-+
-+When bytes are extracted from the RNG, the following process is used.
-+For each group of 10 bytes (or less), we do the following:
-+
-+Input into the hash function the local 'md' (which is initialized from
-+the global 'md' before any bytes are generated), the bytes that are to
-+be overwritten by the random bytes, and bytes from the 'state'
-+(incrementing looping index). From this digest output (which is kept
-+in 'md'), the top (up to) 10 bytes are returned to the caller and the
-+bottom 10 bytes are xored into the 'state'.
-+
-+Finally, after we have finished 'num' random bytes for the caller,
-+'count' (which is incremented) and the local and global 'md' are fed
-+into the hash function and the results are kept in the global 'md'.
-+
-+I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
-+into the 'state' the 'old' data from the caller that is about to be
-+overwritten) and 7 (by not using the 10 bytes given to the caller to
-+update the 'state', but they are used to update 'md').
-+
-+So of the points raised, only 2 is not addressed (but see
-+L<RAND_add(3)|RAND_add(3)>).
-+
-+=head1 SEE ALSO
-+
-+L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-+L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-+L<RAND_bytes(3)|RAND_bytes(3)>,
-+L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
-+L<RAND_cleanup(3)|RAND_cleanup(3)> 
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_threads.pod openssl-0.9.8a/doc/crypto/openssl_threads.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_threads.pod 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_threads.pod      2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,175 @@
-+=pod
-+
-+=head1 NAME
-+
-+CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
-+CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
-+CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
-+CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/crypto.h>
-+
-+ void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
-+        int n, const char *file, int line));
-+
-+ void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
-+
-+ int CRYPTO_num_locks(void);
-+
-+
-+ /* struct CRYPTO_dynlock_value needs to be defined by the user */
-+ struct CRYPTO_dynlock_value;
-+
-+ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
-+      (*dyn_create_function)(char *file, int line));
-+ void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
-+      (int mode, struct CRYPTO_dynlock_value *l,
-+      const char *file, int line));
-+ void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
-+      (struct CRYPTO_dynlock_value *l, const char *file, int line));
-+
-+ int CRYPTO_get_new_dynlockid(void);
-+
-+ void CRYPTO_destroy_dynlockid(int i);
-+
-+ void CRYPTO_lock(int mode, int n, const char *file, int line);
-+
-+ #define CRYPTO_w_lock(type)  \
-+      CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-+ #define CRYPTO_w_unlock(type)        \
-+      CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-+ #define CRYPTO_r_lock(type)  \
-+      CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-+ #define CRYPTO_r_unlock(type)        \
-+      CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-+ #define CRYPTO_add(addr,amount,type) \
-+      CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-+
-+=head1 DESCRIPTION
-+
-+OpenSSL can safely be used in multi-threaded applications provided
-+that at least two callback functions are set.
-+
-+locking_function(int mode, int n, const char *file, int line) is
-+needed to perform locking on shared data structures. 
-+(Note that OpenSSL uses a number of global data structures that
-+will be implicitly shared whenever multiple threads use OpenSSL.)
-+Multi-threaded applications will crash at random if it is not set.
-+
-+locking_function() must be able to handle up to CRYPTO_num_locks()
-+different mutex locks. It sets the B<n>-th lock if B<mode> &
-+B<CRYPTO_LOCK>, and releases it otherwise.
-+
-+B<file> and B<line> are the file number of the function setting the
-+lock. They can be useful for debugging.
-+
-+id_function(void) is a function that returns a thread ID, for example
-+pthread_self() if it returns an integer (see NOTES below).  It isn't
-+needed on Windows nor on platforms where getpid() returns a different
-+ID for each thread (see NOTES below).
-+
-+Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
-+of OpenSSL need it for better performance.  To enable this, the following
-+is required:
-+
-+=over 4
-+
-+=item *
-+Three additional callback function, dyn_create_function, dyn_lock_function
-+and dyn_destroy_function.
-+
-+=item *
-+A structure defined with the data that each lock needs to handle.
-+
-+=back
-+
-+struct CRYPTO_dynlock_value has to be defined to contain whatever structure
-+is needed to handle locks.
-+
-+dyn_create_function(const char *file, int line) is needed to create a
-+lock.  Multi-threaded applications might crash at random if it is not set.
-+
-+dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
-+is needed to perform locking off dynamic lock numbered n. Multi-threaded
-+applications might crash at random if it is not set.
-+
-+dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
-+needed to destroy the lock l. Multi-threaded applications might crash at
-+random if it is not set.
-+
-+CRYPTO_get_new_dynlockid() is used to create locks.  It will call
-+dyn_create_function for the actual creation.
-+
-+CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
-+dyn_destroy_function for the actual destruction.
-+
-+CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
-+describing what should be done with the lock.  n is the number of the
-+lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
-+from the following values.  These values are pairwise exclusive, with
-+undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
-+should not be used together):
-+
-+      CRYPTO_LOCK     0x01
-+      CRYPTO_UNLOCK   0x02
-+      CRYPTO_READ     0x04
-+      CRYPTO_WRITE    0x08
-+
-+=head1 RETURN VALUES
-+
-+CRYPTO_num_locks() returns the required number of locks.
-+
-+CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
-+
-+The other functions return no values.
-+
-+=head1 NOTES
-+
-+You can find out if OpenSSL was configured with thread support:
-+
-+ #define OPENSSL_THREAD_DEFINES
-+ #include <openssl/opensslconf.h>
-+ #if defined(OPENSSL_THREADS)
-+   // thread support enabled
-+ #else
-+   // no thread support
-+ #endif
-+
-+Also, dynamic locks are currently not used internally by OpenSSL, but
-+may do so in the future.
-+
-+Defining id_function(void) has it's own issues.  Generally speaking,
-+pthread_self() should be used, even on platforms where getpid() gives
-+different answers in each thread, since that may depend on the machine
-+the program is run on, not the machine where the program is being
-+compiled.  For instance, Red Hat 8 Linux and earlier used
-+LinuxThreads, whose getpid() returns a different value for each
-+thread.  Red Hat 9 Linux and later use NPTL, which is
-+Posix-conformant, and has a getpid() that returns the same value for
-+all threads in a process.  A program compiled on Red Hat 8 and run on
-+Red Hat 9 will therefore see getpid() returning the same value for
-+all threads.
-+
-+There is still the issue of platforms where pthread_self() returns
-+something other than an integer.  This is a bit unusual, and this
-+manual has no cookbook solution for that case.
-+
-+=head1 EXAMPLES
-+
-+B<crypto/threads/mttest.c> shows examples of the callback functions on
-+Solaris, Irix and Win32.
-+
-+=head1 HISTORY
-+
-+CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
-+available in all versions of SSLeay and OpenSSL.
-+CRYPTO_num_locks() was added in OpenSSL 0.9.4.
-+All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
-+
-+=head1 SEE ALSO
-+
-+L<crypto(3)|crypto(3)>
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/rand.pod openssl-0.9.8a/doc/crypto/rand.pod
---- openssl-0.9.8a.orig/doc/crypto/rand.pod    2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/rand.pod 1970-01-01 00:00:00.000000000 +0000
-@@ -1,175 +0,0 @@
--=pod
--
--=head1 NAME
--
--rand - pseudo-random number generator
--
--=head1 SYNOPSIS
--
-- #include <openssl/rand.h>
--
-- int  RAND_set_rand_engine(ENGINE *engine);
--
-- int  RAND_bytes(unsigned char *buf, int num);
-- int  RAND_pseudo_bytes(unsigned char *buf, int num);
--
-- void RAND_seed(const void *buf, int num);
-- void RAND_add(const void *buf, int num, int entropy);
-- int  RAND_status(void);
--
-- int  RAND_load_file(const char *file, long max_bytes);
-- int  RAND_write_file(const char *file);
-- const char *RAND_file_name(char *file, size_t num);
--
-- int  RAND_egd(const char *path);
--
-- void RAND_set_rand_method(const RAND_METHOD *meth);
-- const RAND_METHOD *RAND_get_rand_method(void);
-- RAND_METHOD *RAND_SSLeay(void);
--
-- void RAND_cleanup(void);
--
-- /* For Win32 only */
-- void RAND_screen(void);
-- int RAND_event(UINT, WPARAM, LPARAM);
--
--=head1 DESCRIPTION
--
--Since the introduction of the ENGINE API, the recommended way of controlling
--default implementations is by using the ENGINE API functions. The default
--B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
--RAND_get_rand_method(), is only used if no ENGINE has been set as the default
--"rand" implementation. Hence, these two functions are no longer the recommened
--way to control defaults.
--
--If an alternative B<RAND_METHOD> implementation is being used (either set
--directly or as provided by an ENGINE module), then it is entirely responsible
--for the generation and management of a cryptographically secure PRNG stream. The
--mechanisms described below relate solely to the software PRNG implementation
--built in to OpenSSL and used by default.
--
--These functions implement a cryptographically secure pseudo-random
--number generator (PRNG). It is used by other library functions for
--example to generate random keys, and applications can use it when they
--need randomness.
--
--A cryptographic PRNG must be seeded with unpredictable data such as
--mouse movements or keys pressed at random by the user. This is
--described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
--(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
--seeding process whenever the application is started.
--
--L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
--PRNG. 
--
--=head1 INTERNALS
--
--The RAND_SSLeay() method implements a PRNG based on a cryptographic
--hash function.
--
--The following description of its design is based on the SSLeay
--documentation:
--
--First up I will state the things I believe I need for a good RNG.
--
--=over 4
--
--=item 1
--
--A good hashing algorithm to mix things up and to convert the RNG 'state'
--to random numbers.
--
--=item 2
--
--An initial source of random 'state'.
--
--=item 3
--
--The state should be very large.  If the RNG is being used to generate
--4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
--If your RNG state only has 128 bits, you are obviously limiting the
--search space to 128 bits, not 2048.  I'm probably getting a little
--carried away on this last point but it does indicate that it may not be
--a bad idea to keep quite a lot of RNG state.  It should be easier to
--break a cipher than guess the RNG seed data.
--
--=item 4
--
--Any RNG seed data should influence all subsequent random numbers
--generated.  This implies that any random seed data entered will have
--an influence on all subsequent random numbers generated.
--
--=item 5
--
--When using data to seed the RNG state, the data used should not be
--extractable from the RNG state.  I believe this should be a
--requirement because one possible source of 'secret' semi random
--data would be a private key or a password.  This data must
--not be disclosed by either subsequent random numbers or a
--'core' dump left by a program crash.
--
--=item 6
--
--Given the same initial 'state', 2 systems should deviate in their RNG state
--(and hence the random numbers generated) over time if at all possible.
--
--=item 7
--
--Given the random number output stream, it should not be possible to determine
--the RNG state or the next random number.
--
--=back
--
--The algorithm is as follows.
--
--There is global state made up of a 1023 byte buffer (the 'state'), a
--working hash value ('md'), and a counter ('count').
--
--Whenever seed data is added, it is inserted into the 'state' as
--follows.
--
--The input is chopped up into units of 20 bytes (or less for
--the last block).  Each of these blocks is run through the hash
--function as follows:  The data passed to the hash function
--is the current 'md', the same number of bytes from the 'state'
--(the location determined by in incremented looping index) as
--the current 'block', the new key data 'block', and 'count'
--(which is incremented after each use).
--The result of this is kept in 'md' and also xored into the
--'state' at the same locations that were used as input into the
--hash function. I
--believe this system addresses points 1 (hash function; currently
--SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
--function and xor).
--
--When bytes are extracted from the RNG, the following process is used.
--For each group of 10 bytes (or less), we do the following:
--
--Input into the hash function the local 'md' (which is initialized from
--the global 'md' before any bytes are generated), the bytes that are to
--be overwritten by the random bytes, and bytes from the 'state'
--(incrementing looping index). From this digest output (which is kept
--in 'md'), the top (up to) 10 bytes are returned to the caller and the
--bottom 10 bytes are xored into the 'state'.
--
--Finally, after we have finished 'num' random bytes for the caller,
--'count' (which is incremented) and the local and global 'md' are fed
--into the hash function and the results are kept in the global 'md'.
--
--I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
--into the 'state' the 'old' data from the caller that is about to be
--overwritten) and 7 (by not using the 10 bytes given to the caller to
--update the 'state', but they are used to update 'md').
--
--So of the points raised, only 2 is not addressed (but see
--L<RAND_add(3)|RAND_add(3)>).
--
--=head1 SEE ALSO
--
--L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
--L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
--L<RAND_bytes(3)|RAND_bytes(3)>,
--L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
--L<RAND_cleanup(3)|RAND_cleanup(3)> 
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/rsa.pod openssl-0.9.8a/doc/crypto/rsa.pod
---- openssl-0.9.8a.orig/doc/crypto/rsa.pod     2002-08-04 21:08:36.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/rsa.pod  2005-11-14 03:59:59.000000000 +0000
-@@ -108,7 +108,7 @@
- =head1 SEE ALSO
- 
- L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
--L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
- L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
- L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
- L<RSA_generate_key(3)|RSA_generate_key(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/threads.pod openssl-0.9.8a/doc/crypto/threads.pod
---- openssl-0.9.8a.orig/doc/crypto/threads.pod 2005-06-18 05:52:23.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/threads.pod      1970-01-01 00:00:00.000000000 +0000
-@@ -1,175 +0,0 @@
--=pod
--
--=head1 NAME
--
--CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
--CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
--CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
--CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
--
--=head1 SYNOPSIS
--
-- #include <openssl/crypto.h>
--
-- void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
--        int n, const char *file, int line));
--
-- void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
--
-- int CRYPTO_num_locks(void);
--
--
-- /* struct CRYPTO_dynlock_value needs to be defined by the user */
-- struct CRYPTO_dynlock_value;
--
-- void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
--      (*dyn_create_function)(char *file, int line));
-- void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
--      (int mode, struct CRYPTO_dynlock_value *l,
--      const char *file, int line));
-- void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
--      (struct CRYPTO_dynlock_value *l, const char *file, int line));
--
-- int CRYPTO_get_new_dynlockid(void);
--
-- void CRYPTO_destroy_dynlockid(int i);
--
-- void CRYPTO_lock(int mode, int n, const char *file, int line);
--
-- #define CRYPTO_w_lock(type)  \
--      CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-- #define CRYPTO_w_unlock(type)        \
--      CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-- #define CRYPTO_r_lock(type)  \
--      CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-- #define CRYPTO_r_unlock(type)        \
--      CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-- #define CRYPTO_add(addr,amount,type) \
--      CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
--
--=head1 DESCRIPTION
--
--OpenSSL can safely be used in multi-threaded applications provided
--that at least two callback functions are set.
--
--locking_function(int mode, int n, const char *file, int line) is
--needed to perform locking on shared data structures. 
--(Note that OpenSSL uses a number of global data structures that
--will be implicitly shared whenever multiple threads use OpenSSL.)
--Multi-threaded applications will crash at random if it is not set.
--
--locking_function() must be able to handle up to CRYPTO_num_locks()
--different mutex locks. It sets the B<n>-th lock if B<mode> &
--B<CRYPTO_LOCK>, and releases it otherwise.
--
--B<file> and B<line> are the file number of the function setting the
--lock. They can be useful for debugging.
--
--id_function(void) is a function that returns a thread ID, for example
--pthread_self() if it returns an integer (see NOTES below).  It isn't
--needed on Windows nor on platforms where getpid() returns a different
--ID for each thread (see NOTES below).
--
--Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
--of OpenSSL need it for better performance.  To enable this, the following
--is required:
--
--=over 4
--
--=item *
--Three additional callback function, dyn_create_function, dyn_lock_function
--and dyn_destroy_function.
--
--=item *
--A structure defined with the data that each lock needs to handle.
--
--=back
--
--struct CRYPTO_dynlock_value has to be defined to contain whatever structure
--is needed to handle locks.
--
--dyn_create_function(const char *file, int line) is needed to create a
--lock.  Multi-threaded applications might crash at random if it is not set.
--
--dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
--is needed to perform locking off dynamic lock numbered n. Multi-threaded
--applications might crash at random if it is not set.
--
--dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
--needed to destroy the lock l. Multi-threaded applications might crash at
--random if it is not set.
--
--CRYPTO_get_new_dynlockid() is used to create locks.  It will call
--dyn_create_function for the actual creation.
--
--CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
--dyn_destroy_function for the actual destruction.
--
--CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
--describing what should be done with the lock.  n is the number of the
--lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
--from the following values.  These values are pairwise exclusive, with
--undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
--should not be used together):
--
--      CRYPTO_LOCK     0x01
--      CRYPTO_UNLOCK   0x02
--      CRYPTO_READ     0x04
--      CRYPTO_WRITE    0x08
--
--=head1 RETURN VALUES
--
--CRYPTO_num_locks() returns the required number of locks.
--
--CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
--
--The other functions return no values.
--
--=head1 NOTES
--
--You can find out if OpenSSL was configured with thread support:
--
-- #define OPENSSL_THREAD_DEFINES
-- #include <openssl/opensslconf.h>
-- #if defined(OPENSSL_THREADS)
--   // thread support enabled
-- #else
--   // no thread support
-- #endif
--
--Also, dynamic locks are currently not used internally by OpenSSL, but
--may do so in the future.
--
--Defining id_function(void) has it's own issues.  Generally speaking,
--pthread_self() should be used, even on platforms where getpid() gives
--different answers in each thread, since that may depend on the machine
--the program is run on, not the machine where the program is being
--compiled.  For instance, Red Hat 8 Linux and earlier used
--LinuxThreads, whose getpid() returns a different value for each
--thread.  Red Hat 9 Linux and later use NPTL, which is
--Posix-conformant, and has a getpid() that returns the same value for
--all threads in a process.  A program compiled on Red Hat 8 and run on
--Red Hat 9 will therefore see getpid() returning the same value for
--all threads.
--
--There is still the issue of platforms where pthread_self() returns
--something other than an integer.  This is a bit unusual, and this
--manual has no cookbook solution for that case.
--
--=head1 EXAMPLES
--
--B<crypto/threads/mttest.c> shows examples of the callback functions on
--Solaris, Irix and Win32.
--
--=head1 HISTORY
--
--CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
--available in all versions of SSLeay and OpenSSL.
--CRYPTO_num_locks() was added in OpenSSL 0.9.4.
--All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
--
--=head1 SEE ALSO
--
--L<crypto(3)|crypto(3)>
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/ssl/SSL_get_error.pod openssl-0.9.8a/doc/ssl/SSL_get_error.pod
---- openssl-0.9.8a.orig/doc/ssl/SSL_get_error.pod      2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/ssl/SSL_get_error.pod   2005-11-14 03:59:59.000000000 +0000
-@@ -105,7 +105,7 @@
- 
- =head1 SEE ALSO
- 
--L<ssl(3)|ssl(3)>, L<err(3)|err(3)>
-+L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/ssl/SSL_want.pod openssl-0.9.8a/doc/ssl/SSL_want.pod
---- openssl-0.9.8a.orig/doc/ssl/SSL_want.pod   2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/ssl/SSL_want.pod        2005-11-14 03:59:59.000000000 +0000
-@@ -72,6 +72,6 @@
- 
- =head1 SEE ALSO
- 
--L<ssl(3)|ssl(3)>, L<err(3)|err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
-+L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
- 
- =cut

diff --git a/pkgs/core/openssl/patches/openssl-1.0.0-beta3-soversion.patch b/pkgs/core/openssl/patches/openssl-1.0.0-beta3-soversion.patch
new file mode 100644 (file)
index 0000000..3836e89
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-1.0.0-beta3-soversion.patch
@@ -0,0 +1,44 @@
+diff -up openssl-1.0.0-beta3/Configure.soversion openssl-1.0.0-beta3/Configure
+--- openssl-1.0.0-beta3/Configure.soversion    2009-08-04 23:06:52.000000000 +0200
++++ openssl-1.0.0-beta3/Configure      2009-08-04 23:06:52.000000000 +0200
+@@ -1514,7 +1514,7 @@ while (<IN>)
+       elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
+               {
+               my $sotmp = $1;
+-              s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
++              s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_SONAMEVER) .s$sotmp/;
+               }
+       elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
+               {
+diff -up openssl-1.0.0-beta3/Makefile.org.soversion openssl-1.0.0-beta3/Makefile.org
+--- openssl-1.0.0-beta3/Makefile.org.soversion 2009-08-04 23:06:52.000000000 +0200
++++ openssl-1.0.0-beta3/Makefile.org   2009-08-04 23:11:01.000000000 +0200
+@@ -10,6 +10,7 @@ SHLIB_VERSION_HISTORY=
+ SHLIB_MAJOR=
+ SHLIB_MINOR=
+ SHLIB_EXT=
++SHLIB_SONAMEVER=10
+ PLATFORM=dist
+ OPTIONS=
+ CONFIGURE_ARGS=
+@@ -289,10 +290,9 @@ clean-shared:
+ link-shared:
+       @ set -e; for i in $(SHLIBDIRS); do \
+               $(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+-                      LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
++                      LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
+                       LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+                       symlink.$(SHLIB_TARGET); \
+-              libs="$$libs -l$$i"; \
+       done
+ 
+ build-shared: do_$(SHLIB_TARGET) link-shared
+@@ -303,7 +303,7 @@ do_$(SHLIB_TARGET):
+                       libs="$(LIBKRB5) $$libs"; \
+               fi; \
+               $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+-                      LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
++                      LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
+                       LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+                       LIBDEPS="$$libs $(EX_LIBS)" \
+                       link_a.$(SHLIB_TARGET); \

diff --git a/pkgs/core/openssl/patches/openssl-1.0.0-beta4-redhat.patch b/pkgs/core/openssl/patches/openssl-1.0.0-beta4-redhat.patch
new file mode 100644 (file)
index 0000000..4356e41
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-1.0.0-beta4-redhat.patch
@@ -0,0 +1,59 @@
+diff -up openssl-1.0.0-beta4/Configure.redhat openssl-1.0.0-beta4/Configure
+--- openssl-1.0.0-beta4/Configure.redhat       2009-11-09 15:11:13.000000000 +0100
++++ openssl-1.0.0-beta4/Configure      2009-11-12 12:15:27.000000000 +0100
+@@ -336,32 +336,32 @@ my %table=(
+ ####
+ # *-generic* is endian-neutral target, but ./config is free to
+ # throw in -D[BL]_ENDIAN, whichever appropriate...
+-"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"linux-ppc",  "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-generic32","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
++"linux-ppc",  "gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
+ # It's believed that majority of ARM toolchains predefine appropriate -march.
+ # If you compiler does not, do complement config command line with one!
+-"linux-armv4",        "gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-armv4",        "gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
+ #### IA-32 targets...
+ "linux-ia32-icc",     "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"linux-elf",  "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf",  "gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
+ "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
+ ####
+-"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"linux-ppc64",        "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+-"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-generic64","gcc:-DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
++"linux-ppc64",        "gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
++"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
+ "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"linux-x86_64",       "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+-"linux-s390x",        "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
++"linux-x86_64",       "gcc:-m64 -DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
++"linux-s390x",        "gcc:-m64 -DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64 \$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
+ #### SPARC Linux setups
+ # Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
+ # assisted with debugging of following two configs.
+-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-sparcv8","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
+ # it's a real mess with -mcpu=ultrasparc option under Linux, but
+ # -Wa,-Av8plus should do the trick no matter what.
+-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
+ # GCC 3.1 is a requirement
+-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
++"linux64-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER):::64",
+ #### Alpha Linux with GNU C and Compaq C setups
+ # Special notes:
+ # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
+@@ -375,8 +375,8 @@ my %table=(
+ #
+ #                                     <appro@fy.chalmers.se>
+ #
+-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-alpha-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
++"linux-alpha+bwx-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall \$(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:\$(RPM_OPT_FLAGS):.so.\$(SHLIB_SONAMEVER)",
+ "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+ "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+ 

diff --git a/pkgs/core/openssl/patches/openssl-1.0.0-beta5-enginesdir.patch b/pkgs/core/openssl/patches/openssl-1.0.0-beta5-enginesdir.patch
new file mode 100644 (file)
index 0000000..d942d6e
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-1.0.0-beta5-enginesdir.patch
@@ -0,0 +1,52 @@
+diff -up openssl-1.0.0-beta5/Configure.enginesdir openssl-1.0.0-beta5/Configure
+--- openssl-1.0.0-beta5/Configure.enginesdir   2010-01-20 18:07:05.000000000 +0100
++++ openssl-1.0.0-beta5/Configure      2010-01-20 18:10:48.000000000 +0100
+@@ -622,6 +622,7 @@ my $idx_multilib = $idx++;
+ my $prefix="";
+ my $libdir="";
+ my $openssldir="";
++my $enginesdir="";
+ my $exe_ext="";
+ my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
+ my $cross_compile_prefix="";
+@@ -833,6 +834,10 @@ PROCESS_ARGS:
+                               {
+                               $openssldir=$1;
+                               }
++                      elsif (/^--enginesdir=(.*)$/)
++                              {
++                              $enginesdir=$1;
++                              }
+                       elsif (/^--install.prefix=(.*)$/)
+                               {
+                               $install_prefix=$1;
+@@ -1053,7 +1058,7 @@ chop $prefix if $prefix =~ /.\/$/;
+ 
+ $openssldir=$prefix . "/ssl" if $openssldir eq "";
+ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
+-
++$enginesdir="$prefix/lib/engines" if $enginesdir eq "";
+ 
+ print "IsMK1MF=$IsMK1MF\n";
+ 
+@@ -1673,7 +1678,7 @@ while (<IN>)
+               }
+       elsif   (/^#define\s+ENGINESDIR/)
+               {
+-              my $foo = "$prefix/$libdir/engines";
++              my $foo = "$enginesdir";
+               $foo =~ s/\\/\\\\/g;
+               print OUT "#define ENGINESDIR \"$foo\"\n";
+               }
+diff -up openssl-1.0.0-beta5/engines/Makefile.enginesdir openssl-1.0.0-beta5/engines/Makefile
+--- openssl-1.0.0-beta5/engines/Makefile.enginesdir    2010-01-16 21:06:09.000000000 +0100
++++ openssl-1.0.0-beta5/engines/Makefile       2010-01-20 18:07:05.000000000 +0100
+@@ -124,7 +124,7 @@ install:
+                               sfx=".so"; \
+                               cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+                         fi; \
+-                        chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
++                        chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+                         mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
+               done; \
+       fi

diff --git a/pkgs/core/openssl/patches/openssl-1.0.0-beta5-version.patch b/pkgs/core/openssl/patches/openssl-1.0.0-beta5-version.patch
new file mode 100644 (file)
index 0000000..cf3bcf6
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-1.0.0-beta5-version.patch
@@ -0,0 +1,14 @@
+We have to keep the beta status on 3 as some applications (OpenSSH) incorrectly insist
+on having the same beta status of OpenSSL library as they were built against.
+diff -up openssl-1.0.0-beta5/crypto/opensslv.h.version openssl-1.0.0-beta5/crypto/opensslv.h
+--- openssl-1.0.0-beta5/crypto/opensslv.h.version      2010-01-20 18:16:43.000000000 +0100
++++ openssl-1.0.0-beta5/crypto/opensslv.h      2010-01-20 20:20:23.000000000 +0100
+@@ -25,7 +25,7 @@
+  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
+  *  major minor fix final patch/beta)
+  */
+-#define OPENSSL_VERSION_NUMBER        0x10000005L
++#define OPENSSL_VERSION_NUMBER        0x10000003L
+ #ifdef OPENSSL_FIPS
+ #define OPENSSL_VERSION_TEXT  "OpenSSL 1.0.0-fips-beta5 20 Jan 2010"
+ #else