[IPFire-SCM] [git.ipfire.org] IPFire 3.x development tree branch, master, updated. eae1d2740f141e3cdb0739f35368bae5ee50f1f4

27 Mar 2010

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 3.x development tree".
The branch, master has been updated
       via  eae1d2740f141e3cdb0739f35368bae5ee50f1f4 (commit)
       via  23ace5ecaf98b74ee5c13a54014fadfa334b8a2d (commit)
       via  a6db38b3da3a25161407881d9639af769096a051 (commit)
       via  a4109585ab27279e8f5349092cb8581d8dc9bdf9 (commit)
       via  e7de1c0be6628b84f86c70f883f7e943d1997dad (commit)
       via  4ed71b9f088dcb85de5366ce31de6e828048e008 (commit)
       via  68d15d217ed17bdb27642ea98ba0e6e2ad08b90b (commit)
       via  f126de55740981339c46ee506fc507c1e80850c7 (commit)
       via  8b74cf247f170fc553fa569669091da3e4fd6ced (commit)
       via  a4453cdaad686e814daee73e1bc76d73a4b5759c (commit)
      from  7975e1c9468c146c312430a8e8d01a4cb158ef46 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit eae1d2740f141e3cdb0739f35368bae5ee50f1f4
Merge: a6db38b3da3a25161407881d9639af769096a051 23ace5ecaf98b74ee5c13a54014fadfa334b8a2d
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Sat Mar 27 12:47:43 2010 +0100
Merge commit 'stevee/nasm' into next
commit 23ace5ecaf98b74ee5c13a54014fadfa334b8a2d
Author: Schantl Stefan Stevee@ipfire.org
Date:   Sat Mar 27 11:48:11 2010 +0100
nasm: Update to version 2.08.01.
This fixes issue #603.
commit a6db38b3da3a25161407881d9639af769096a051
Merge: a4109585ab27279e8f5349092cb8581d8dc9bdf9 e7de1c0be6628b84f86c70f883f7e943d1997dad
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Sat Mar 27 11:43:34 2010 +0100
Merge commit 'stevee/bison' into next
commit a4109585ab27279e8f5349092cb8581d8dc9bdf9
Merge: 4ed71b9f088dcb85de5366ce31de6e828048e008 8b74cf247f170fc553fa569669091da3e4fd6ced
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Sat Mar 27 11:36:52 2010 +0100
Merge commit 'stevee/updates' into next
commit e7de1c0be6628b84f86c70f883f7e943d1997dad
Author: Schantl Stefan Stevee@ipfire.org
Date:   Sat Mar 27 11:05:58 2010 +0100
bison: Update to version 2.4.2.
commit 4ed71b9f088dcb85de5366ce31de6e828048e008
Merge: 68d15d217ed17bdb27642ea98ba0e6e2ad08b90b f126de55740981339c46ee506fc507c1e80850c7
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Sat Mar 27 10:33:30 2010 +0100
Merge branch 'master' of ssh://git.ipfire.org/pub/git/people/ms/ipfire-3.x into next
commit 68d15d217ed17bdb27642ea98ba0e6e2ad08b90b
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Sat Mar 27 10:31:20 2010 +0100
openssl: Update to 1.0.0-beta5.
commit f126de55740981339c46ee506fc507c1e80850c7
Merge: 9e777ed08f3e304a3f3bb5c1d6b46a3a1be216ca a4580ae3b5046a4261d29d3dfb468fb93653d8ed
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Fri Mar 26 15:01:07 2010 +0100
Merge remote branch 'origin/master' into next
commit 8b74cf247f170fc553fa569669091da3e4fd6ced
Author: Schantl Stefan Stevee@ipfire.org
Date:   Wed Mar 24 00:17:39 2010 +0100
util-linux-ng: Update to version 2.17.2.
This fixes issue #598.
commit a4453cdaad686e814daee73e1bc76d73a4b5759c
Author: Schantl Stefan Stevee@ipfire.org
Date:   Wed Mar 24 00:07:41 2010 +0100
util-linux-ng: Clean up naoki-makefile.
-----------------------------------------------------------------------
Summary of changes:
 pkgs/core/bison/bison.nm                           |    2 +-
 .../bison/patches/bison-2.4-reap_subpipe.patch     |   87 -
 pkgs/core/nasm/nasm.nm                             |    2 +-
 pkgs/core/openssl/openssl.nm                       |   23 +-
 .../openssl-0.9.8b-test-use-localhost.patch        |   24 +
 .../patches/openssl-0.9.8j-env-nozlib.patch        |   13 +
 .../openssl-0.9.8j-version-add-engines.patch       |   48 +
 .../patches/openssl-0.9.8k-enginesdir.patch        |   39 -
 .../patches/openssl-0.9.8k-fix_manpages-1.patch    | 1888 --------------------
 .../patches/openssl-1.0.0-beta3-soversion.patch    |   44 +
 .../patches/openssl-1.0.0-beta4-redhat.patch       |   59 +
 .../patches/openssl-1.0.0-beta5-enginesdir.patch   |   52 +
 .../patches/openssl-1.0.0-beta5-version.patch      |   14 +
 pkgs/core/util-linux-ng/util-linux-ng.nm           |   40 +-
 14 files changed, 285 insertions(+), 2050 deletions(-)
 delete mode 100644 pkgs/core/bison/patches/bison-2.4-reap_subpipe.patch
 create mode 100644 pkgs/core/openssl/patches/openssl-0.9.8b-test-use-localhost.patch
 create mode 100644 pkgs/core/openssl/patches/openssl-0.9.8j-env-nozlib.patch
 create mode 100644 pkgs/core/openssl/patches/openssl-0.9.8j-version-add-engines.patch
 delete mode 100644 pkgs/core/openssl/patches/openssl-0.9.8k-enginesdir.patch
 delete mode 100644 pkgs/core/openssl/patches/openssl-0.9.8k-fix_manpages-1.patch
 create mode 100644 pkgs/core/openssl/patches/openssl-1.0.0-beta3-soversion.patch
 create mode 100644 pkgs/core/openssl/patches/openssl-1.0.0-beta4-redhat.patch
 create mode 100644 pkgs/core/openssl/patches/openssl-1.0.0-beta5-enginesdir.patch
 create mode 100644 pkgs/core/openssl/patches/openssl-1.0.0-beta5-version.patch
Difference in files:

diff --git a/pkgs/core/bison/bison.nm b/pkgs/core/bison/bison.nm
index 1d856c6..ca31db9 100644
--- a/pkgs/core/bison/bison.nm
+++ b/pkgs/core/bison/bison.nm
@@ -25,7 +25,7 @@
 include $(PKGROOT)/Include
PKG_NAME       = bison
-PKG_VER        = 2.4.1
+PKG_VER        = 2.4.2
 PKG_REL        = 0
PKG_MAINTAINER =
diff --git a/pkgs/core/bison/patches/bison-2.4-reap_subpipe.patch b/pkgs/core/bison/patches/bison-2.4-reap_subpipe.patch
deleted file mode 100644
index 3f72c3e..0000000
--- a/pkgs/core/bison/patches/bison-2.4-reap_subpipe.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-diff -urp bison-2.4-pm/lib/subpipe.c bison-2.4/lib/subpipe.c
---- bison-2.4-pm/lib/subpipe.c	2008-07-14 10:56:12.000000000 +0200
-+++ bison-2.4/lib/subpipe.c	2008-11-20 14:37:42.000000000 +0100
-@@ -143,7 +143,9 @@ create_subpipe (char const * const *argv
- }
- 
- 
--/* Wait for the subprocess to exit.  */
-+/* Wait for the subprocess to exit.  PROGRAM==NULL means errors
-+   shouldn't be emitted, typically becuase we are reaping the subpipe
-+   in response to some other error. */
- 
- void
- reap_subpipe (pid_t pid, char const *program)
-@@ -151,11 +153,14 @@ reap_subpipe (pid_t pid, char const *pro
- #if HAVE_WAITPID || defined waitpid
-   int wstatus;
-   if (waitpid (pid, &wstatus, 0) < 0)
--    error (EXIT_FAILURE, errno, "waitpid");
-+    {
-+      if (program)
-+	error (EXIT_FAILURE, errno, "waitpid");
-+    }
-   else
-     {
-       int status = WIFEXITED (wstatus) ? WEXITSTATUS (wstatus) : -1;
--      if (status)
-+      if (status && program)
- 	error (EXIT_FAILURE, 0,
- 	       _(status == 126
- 		 ? "subsidiary program `%s' could not be invoked"
-diff -urp bison-2.4-pm/src/output.c bison-2.4/src/output.c
---- bison-2.4-pm/src/output.c	2008-11-02 19:09:10.000000000 +0100
-+++ bison-2.4/src/output.c	2008-11-20 14:39:08.000000000 +0100
-@@ -467,6 +467,21 @@ prepare_actions (void)
- | Call the skeleton parser.  |
- `---------------------------*/
- 
-+static pid_t pid = 0;
-+
-+/* Clean up opened pipe. */
-+static void
-+die (void)
-+{
-+  static int dying = 0;
-+  if (pid && !dying)
-+    {
-+      dying = 1;
-+      reap_subpipe (pid, NULL);
-+      pid = 0;
-+    }
-+}
-+
- static void
- output_skeleton (void)
- {
-@@ -474,7 +489,6 @@ output_skeleton (void)
-   FILE *out;
-   int filter_fd[2];
-   char const *argv[9];
--  pid_t pid;
- 
-   /* Compute the names of the package data dir and skeleton files.  */
-   char const m4sugar[] = "m4sugar/m4sugar.m4";
-@@ -586,6 +600,7 @@ output_skeleton (void)
-   scan_skel (in);
-   xfclose (in);
-   reap_subpipe (pid, m4);
-+  pid = 0;
-   timevar_pop (TV_M4);
- }
- 
-@@ -653,6 +669,14 @@ prepare (void)
- void
- output (void)
- {
-+  /* Register shutdown handler.  */
-+  static int registered = 0;
-+  if (!registered)
-+    {
-+      registered = 1;
-+      atexit (die);
-+    }
-+
-   obstack_init (&format_obstack);
- 
-   prepare_symbols ();
diff --git a/pkgs/core/nasm/nasm.nm b/pkgs/core/nasm/nasm.nm
index 5ce2bbc..9d8536c 100644
--- a/pkgs/core/nasm/nasm.nm
+++ b/pkgs/core/nasm/nasm.nm
@@ -25,7 +25,7 @@
 include $(PKGROOT)/Include
PKG_NAME       = nasm
-PKG_VER        = 2.02
+PKG_VER        = 2.08.01
 PKG_REL        = 0
PKG_MAINTAINER =
diff --git a/pkgs/core/openssl/openssl.nm b/pkgs/core/openssl/openssl.nm
index 95c1e3c..bc32f57 100644
--- a/pkgs/core/openssl/openssl.nm
+++ b/pkgs/core/openssl/openssl.nm
@@ -25,10 +25,10 @@
 include $(PKGROOT)/Include
PKG_NAME       = openssl
-PKG_VER        = 0.9.8k
+PKG_VER        = 1.0.0-beta5
 PKG_REL        = 0
-PKG_MAINTAINER =
+PKG_MAINTAINER = Michael Tremer michael.tremer@ipfire.org
 PKG_GROUP      = System/Libraries
 PKG_URL        = http://www.openssl.org/
 PKG_LICENSE    = OpenSSL
@@ -58,13 +58,7 @@ endif
 #endif
 #endif
-###############################################################################
-# Installation Details
-###############################################################################
-
 define STAGE_PREPARE_CMDS
-	cd $(DIR_APP) && sed -e 's/-O3 -fomit-frame-pointer/$(CFLAGS)/' -i Configure
-
    cd $(DIR_APP) && sed -e 's/__OpenBSD__/__linux__/' -e 's/arandom/urandom/' \
    			-i crypto/rand/randfile.c
@@ -72,6 +66,13 @@ define STAGE_PREPARE_CMDS
cd $(DIR_APP) && find crypto/ -name Makefile -exec \
    	sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} ;
+
+	# # Modify the various perl scripts to reference perl in the right location.
+	cd $(DIR_APP) && perl util/perlpath.pl /usr/bin
+
+	# Generate a table with the compile settings for my perusal.
+	cd $(DIR_APP) && touch Makefile
+	cd $(DIR_APP) && make TABLE PERL=/usr/bin/perl
 endef
define STAGE_BUILD
@@ -96,7 +97,7 @@ define STAGE_BUILD
    		-DSSL_FORBID_ENULL
# Build.
-	cd $(DIR_APP) && make all build-shared #$(PARALLELISMFLAGS)
+	cd $(DIR_APP) && make depend all build-shared RPM_OPT_FLAGS="$(CFLAGS)" #$(PARALLELISMFLAGS)
# Generate hashes for the included certs.
    cd $(DIR_APP) && make rehash build-shared
@@ -109,6 +110,10 @@ endef
 define STAGE_INSTALL
    cd $(DIR_APP) && make install build-shared INSTALL_PREFIX=$(BUILDROOT)
+	# Install manpages do right place
+	-mkdir -pv $(BUILDROOT)/usr/share
+	mv -v $(BUILDROOT)/etc/pki/tls/man $(BUILDROOT)/usr/share/
+
    -mkdir -pv $(BUILDROOT)/usr/lib/openssl
    mv -v $(BUILDROOT)/usr/lib/engines $(BUILDROOT)/usr/lib/openssl
diff --git a/pkgs/core/openssl/patches/openssl-0.9.8b-test-use-localhost.patch b/pkgs/core/openssl/patches/openssl-0.9.8b-test-use-localhost.patch
new file mode 100644
index 0000000..08adf1c
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-0.9.8b-test-use-localhost.patch
@@ -0,0 +1,24 @@
+diff -up openssl-0.9.8b/ssl/ssltest.c.use-localhost openssl-0.9.8b/ssl/ssltest.c
+--- openssl-0.9.8b/ssl/ssltest.c.use-localhost	2006-02-24 18:58:35.000000000 +0100
++++ openssl-0.9.8b/ssl/ssltest.c	2007-08-03 14:06:16.000000000 +0200
+@@ -839,19 +839,8 @@ bad:
+ #ifndef OPENSSL_NO_KRB5
+ 	if (c_ssl  &&  c_ssl->kssl_ctx)
+                 {
+-                char	localhost[MAXHOSTNAMELEN+2];
+-
+-		if (gethostname(localhost, sizeof localhost-1) == 0)
+-                        {
+-			localhost[sizeof localhost-1]='\0';
+-			if(strlen(localhost) == sizeof localhost-1)
+-				{
+-				BIO_printf(bio_err,"localhost name too long\n");
+-				goto end;
+-				}
+ 			kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
+-                                localhost);
+-			}
++                                "localhost");
+ 		}
+ #endif    /* OPENSSL_NO_KRB5  */
+ 
diff --git a/pkgs/core/openssl/patches/openssl-0.9.8j-env-nozlib.patch b/pkgs/core/openssl/patches/openssl-0.9.8j-env-nozlib.patch
new file mode 100644
index 0000000..65af5a8
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-0.9.8j-env-nozlib.patch
@@ -0,0 +1,13 @@
+Do not implicitly load the zlib support if OPENSSL_NO_DEFAULT_ZLIB is set.
+diff -up openssl-0.9.8j/ssl/ssl_ciph.c.env-nozlib openssl-0.9.8j/ssl/ssl_ciph.c
+--- openssl-0.9.8j/ssl/ssl_ciph.c.env-nozlib	2009-01-05 15:43:07.000000000 +0100
++++ openssl-0.9.8j/ssl/ssl_ciph.c	2009-01-14 17:47:46.000000000 +0100
+@@ -287,7 +287,7 @@ static void load_builtin_compressions(vo
+ 
+ 			MemCheck_off();
+ 			ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
+-			if (ssl_comp_methods != NULL)
++			if (ssl_comp_methods != NULL && getenv("OPENSSL_NO_DEFAULT_ZLIB") == NULL)
+ 				{
+ 				comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
+ 				if (comp != NULL)
diff --git a/pkgs/core/openssl/patches/openssl-0.9.8j-version-add-engines.patch b/pkgs/core/openssl/patches/openssl-0.9.8j-version-add-engines.patch
new file mode 100644
index 0000000..f54326c
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-0.9.8j-version-add-engines.patch
@@ -0,0 +1,48 @@
+diff -up openssl-0.9.8j/apps/version.c.version-add-engines openssl-0.9.8j/apps/version.c
+--- openssl-0.9.8j/apps/version.c.version-add-engines	2008-10-20 14:53:33.000000000 +0200
++++ openssl-0.9.8j/apps/version.c	2009-01-13 23:22:03.000000000 +0100
+@@ -131,6 +131,7 @@
+ #ifndef OPENSSL_NO_BF
+ # include <openssl/blowfish.h>
+ #endif
++#include <openssl/engine.h>
+ 
+ #undef PROG
+ #define PROG	version_main
+@@ -140,7 +141,7 @@ int MAIN(int, char **);
+ int MAIN(int argc, char **argv)
+ 	{
+ 	int i,ret=0;
+-	int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
++	int cflags=0,version=0,date=0,options=0,platform=0,dir=0,engines=0;
+ 
+ 	apps_startup();
+ 
+@@ -164,7 +165,7 @@ int MAIN(int argc, char **argv)
+ 		else if (strcmp(argv[i],"-d") == 0)
+ 			dir=1;
+ 		else if (strcmp(argv[i],"-a") == 0)
+-			date=version=cflags=options=platform=dir=1;
++			date=version=cflags=options=platform=dir=engines=1;
+ 		else
+ 			{
+ 			BIO_printf(bio_err,"usage:version -[avbofpd]\n");
+@@ -211,6 +212,18 @@ int MAIN(int argc, char **argv)
+ 		}
+ 	if (cflags)  printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
+ 	if (dir)  printf("%s\n",SSLeay_version(SSLEAY_DIR));
++	if (engines)
++		{
++		ENGINE *e;
++		printf("engines:  ");
++		e = ENGINE_get_first();
++		while (e)
++			{
++			printf("%s ", ENGINE_get_id(e));
++			e = ENGINE_get_next(e);
++			}
++		printf("\n");
++		}
+ end:
+ 	apps_shutdown();
+ 	OPENSSL_EXIT(ret);
diff --git a/pkgs/core/openssl/patches/openssl-0.9.8k-enginesdir.patch b/pkgs/core/openssl/patches/openssl-0.9.8k-enginesdir.patch
deleted file mode 100644
index 0c33b74..0000000
--- a/pkgs/core/openssl/patches/openssl-0.9.8k-enginesdir.patch
+++ /dev/null
@@ -1,39 +0,0 @@
---- openssl-0.9.8a/Configure.enginesdir	2005-11-04 15:06:37.000000000 +0100
-+++ openssl-0.9.8a/Configure	2005-11-07 14:15:12.000000000 +0100
-@@ -560,6 +560,7 @@
- 
- my $prefix="";
- my $openssldir="";
-+my $enginesdir="";
- my $exe_ext="";
- my $install_prefix="";
- my $no_threads=0;
-@@ -739,6 +740,10 @@
- 				{
- 				$openssldir=$1;
- 				}
-+			elsif (/^--enginesdir=(.*)$/)
-+				{
-+				$enginesdir=$1;
-+				}
- 			elsif (/^--install.prefix=(.*)$/)
- 				{
- 				$install_prefix=$1;
-@@ -923,7 +928,7 @@
- 
- $openssldir=$prefix . "/ssl" if $openssldir eq "";
- $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^/|^[a-zA-Z]:[\/])/;
--
-+$enginesdir="$prefix/lib/engines" if $enginesdir eq "";
- 
- print "IsMK1MF=$IsMK1MF\n";
- 
-@@ -1430,7 +1435,7 @@
- 	if	(/^#define\s+OPENSSLDIR/)
- 		{ print OUT "#define OPENSSLDIR "$openssldir"\n"; }
- 	elsif	(/^#define\s+ENGINESDIR/)
--		{ print OUT "#define ENGINESDIR "$prefix/lib/engines"\n"; }
-+		{ print OUT "#define ENGINESDIR "$enginesdir"\n"; }
- 	elsif	(/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
- 		{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
- 			if $export_var_as_fn;
diff --git a/pkgs/core/openssl/patches/openssl-0.9.8k-fix_manpages-1.patch b/pkgs/core/openssl/patches/openssl-0.9.8k-fix_manpages-1.patch
deleted file mode 100644
index 69189c9..0000000
--- a/pkgs/core/openssl/patches/openssl-0.9.8k-fix_manpages-1.patch
+++ /dev/null
@@ -1,1888 +0,0 @@
-Submitted By: Robert Connolly <robert at linuxfromscratch dot org>
-Date: 2005-11-13
-Initial Package Version: 0.9.8a
-Upstream Status: Submitted upstream
-Origin: Anderson Lizardo
-Description: This patch fixes conflicts between man pages
-	     installed by OpenSSL and those found on other
-	     packages (particulary Shadow, Perl, and
-	     Man-pages). It also fixes syntax errors on some
-	     POD files that generates slightly broken man
-	     pages.
-
-$LastChangedBy: igor $
-$Date: 2005-04-03 16:54:23 -0600 (Sun, 03 Apr 2005) $
-
-diff -Naur openssl-0.9.8a.orig/FAQ openssl-0.9.8a/FAQ
---- openssl-0.9.8a.orig/FAQ	2005-10-11 10:16:06.000000000 +0000
-+++ openssl-0.9.8a/FAQ	2005-11-14 03:59:59.000000000 +0000
-@@ -680,7 +680,7 @@
- 
- Multi-threaded applications must provide two callback functions to
- OpenSSL by calling CRYPTO_set_locking_callback() and
--CRYPTO_set_id_callback().  This is described in the threads(3)
-+CRYPTO_set_id_callback().  This is described in the openssl_threads(3)
- manpage.
- 
- * I've compiled a program under Windows and it crashes: why?
-diff -Naur openssl-0.9.8a.orig/crypto/rand/md_rand.c openssl-0.9.8a/crypto/rand/md_rand.c
---- openssl-0.9.8a.orig/crypto/rand/md_rand.c	2005-04-07 22:53:35.000000000 +0000
-+++ openssl-0.9.8a/crypto/rand/md_rand.c	2005-11-14 03:59:59.000000000 +0000
-@@ -196,7 +196,7 @@
- 	int do_not_lock;
- 
- 	/*
--	 * (Based on the rand(3) manpage)
-+	 * (Based on the openssl_rand(3) manpage)
- 	 *
- 	 * The input is chopped up into units of 20 bytes (or less for
- 	 * the last block).  Each of these blocks is run through the hash
-@@ -351,7 +351,7 @@
- 	num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
- 
- 	/*
--	 * (Based on the rand(3) manpage:)
-+	 * (Based on the openssl_rand(3) manpage)
- 	 *
- 	 * For each group of 10 bytes (or less), we do the following:
- 	 *
-diff -Naur openssl-0.9.8a.orig/doc/apps/openssl-passwd.pod openssl-0.9.8a/doc/apps/openssl-passwd.pod
---- openssl-0.9.8a.orig/doc/apps/openssl-passwd.pod	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/openssl-passwd.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,82 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl-passwd - compute password hashes
-+
-+=head1 SYNOPSIS
-+
-+B<openssl passwd>
-+[B<-crypt>]
-+[B<-1>]
-+[B<-apr1>]
-+[B<-salt> I<string>]
-+[B<-in> I<file>]
-+[B<-stdin>]
-+[B<-noverify>]
-+[B<-quiet>]
-+[B<-table>]
-+{I<password>}
-+
-+=head1 DESCRIPTION
-+
-+The B<passwd> command computes the hash of a password typed at
-+run-time or the hash of each password in a list.  The password list is
-+taken from the named file for option B<-in file>, from stdin for
-+option B<-stdin>, or from the command line, or from the terminal otherwise.
-+The Unix standard algorithm B<crypt> and the MD5-based BSD password
-+algorithm B<1> and its Apache variant B<apr1> are available.
-+
-+=head1 OPTIONS
-+
-+=over 4
-+
-+=item B<-crypt>
-+
-+Use the B<crypt> algorithm (default).
-+
-+=item B<-1>
-+
-+Use the MD5 based BSD password algorithm B<1>.
-+
-+=item B<-apr1>
-+
-+Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
-+
-+=item B<-salt> I<string>
-+
-+Use the specified salt.
-+When reading a password from the terminal, this implies B<-noverify>.
-+
-+=item B<-in> I<file>
-+
-+Read passwords from I<file>.
-+
-+=item B<-stdin>
-+
-+Read passwords from B<stdin>.
-+
-+=item B<-noverify>
-+
-+Don't verify when reading a password from the terminal.
-+
-+=item B<-quiet>
-+
-+Don't output warnings when passwords given at the command line are truncated.
-+
-+=item B<-table>
-+
-+In the output list, prepend the cleartext password and a TAB character
-+to each password hash.
-+
-+=back
-+
-+=head1 EXAMPLES
-+
-+B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
-+
-+B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
-+
-+B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/apps/openssl.pod openssl-0.9.8a/doc/apps/openssl.pod
---- openssl-0.9.8a.orig/doc/apps/openssl.pod	2004-01-04 18:59:14.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/openssl.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -125,7 +125,7 @@
- 
- Online Certificate Status Protocol utility.
- 
--=item L<B<passwd>|passwd(1)>
-+=item L<B<passwd>|openssl-passwd(1)>
- 
- Generation of hashed passwords.
- 
-@@ -325,7 +325,7 @@
- L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
- L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>,
- L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
--L<passwd(1)|passwd(1)>,
-+L<openssl-passwd(1)|openssl-passwd(1)>,
- L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
- L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
- L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
-diff -Naur openssl-0.9.8a.orig/doc/apps/passwd.pod openssl-0.9.8a/doc/apps/passwd.pod
---- openssl-0.9.8a.orig/doc/apps/passwd.pod	2002-10-04 12:59:00.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/passwd.pod	1970-01-01 00:00:00.000000000 +0000
-@@ -1,82 +0,0 @@
--=pod
--
--=head1 NAME
--
--passwd - compute password hashes
--
--=head1 SYNOPSIS
--
--B<openssl passwd>
--[B<-crypt>]
--[B<-1>]
--[B<-apr1>]
--[B<-salt> I<string>]
--[B<-in> I<file>]
--[B<-stdin>]
--[B<-noverify>]
--[B<-quiet>]
--[B<-table>]
--{I<password>}
--
--=head1 DESCRIPTION
--
--The B<passwd> command computes the hash of a password typed at
--run-time or the hash of each password in a list.  The password list is
--taken from the named file for option B<-in file>, from stdin for
--option B<-stdin>, or from the command line, or from the terminal otherwise.
--The Unix standard algorithm B<crypt> and the MD5-based BSD password
--algorithm B<1> and its Apache variant B<apr1> are available.
--
--=head1 OPTIONS
--
--=over 4
--
--=item B<-crypt>
--
--Use the B<crypt> algorithm (default).
--
--=item B<-1>
--
--Use the MD5 based BSD password algorithm B<1>.
--
--=item B<-apr1>
--
--Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
--
--=item B<-salt> I<string>
--
--Use the specified salt.
--When reading a password from the terminal, this implies B<-noverify>.
--
--=item B<-in> I<file>
--
--Read passwords from I<file>.
--
--=item B<-stdin>
--
--Read passwords from B<stdin>.
--
--=item B<-noverify>
--
--Don't verify when reading a password from the terminal.
--
--=item B<-quiet>
--
--Don't output warnings when passwords given at the command line are truncated.
--
--=item B<-table>
--
--In the output list, prepend the cleartext password and a TAB character
--to each password hash.
--
--=back
--
--=head1 EXAMPLES
--
--B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
--
--B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
--
--B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/BN_generate_prime.pod openssl-0.9.8a/doc/crypto/BN_generate_prime.pod
---- openssl-0.9.8a.orig/doc/crypto/BN_generate_prime.pod	2003-01-13 13:18:22.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/BN_generate_prime.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -90,7 +90,7 @@
- 
- =head1 SEE ALSO
- 
--L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
-+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/BN_rand.pod openssl-0.9.8a/doc/crypto/BN_rand.pod
---- openssl-0.9.8a.orig/doc/crypto/BN_rand.pod	2002-09-25 13:33:26.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/BN_rand.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -45,7 +45,7 @@
- 
- =head1 SEE ALSO
- 
--L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/CONF_modules_free.pod openssl-0.9.8a/doc/crypto/CONF_modules_free.pod
---- openssl-0.9.8a.orig/doc/crypto/CONF_modules_free.pod	2004-03-02 13:31:32.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/CONF_modules_free.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -37,7 +37,7 @@
- =head1 SEE ALSO
- 
- L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
--L<CONF_modules_load_file(3), CONF_modules_load_file(3)>
-+L<CONF_modules_load_file(3)|CONF_modules_load_file(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/CONF_modules_load_file.pod openssl-0.9.8a/doc/crypto/CONF_modules_load_file.pod
---- openssl-0.9.8a.orig/doc/crypto/CONF_modules_load_file.pod	2004-03-02 13:31:32.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/CONF_modules_load_file.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -51,7 +51,7 @@
- =head1 SEE ALSO
- 
- L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
--L<CONF_free(3), CONF_free(3)>, L<err(3),err(3)>
-+L<CONF_free(3)|CONF_free(3)>, L<openssl_err(3)|openssl_err(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DH_generate_key.pod openssl-0.9.8a/doc/crypto/DH_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/DH_generate_key.pod	2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DH_generate_key.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -40,7 +40,7 @@
- 
- =head1 SEE ALSO
- 
--L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
-+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<DH_size(3)|DH_size(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DH_generate_parameters.pod openssl-0.9.8a/doc/crypto/DH_generate_parameters.pod
---- openssl-0.9.8a.orig/doc/crypto/DH_generate_parameters.pod	2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DH_generate_parameters.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -59,7 +59,7 @@
- 
- =head1 SEE ALSO
- 
--L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DH_free(3)|DH_free(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_do_sign.pod openssl-0.9.8a/doc/crypto/DSA_do_sign.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_do_sign.pod	2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_do_sign.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -36,7 +36,7 @@
- 
- =head1 SEE ALSO
- 
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
- L<DSA_sign(3)|DSA_sign(3)>
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_generate_key.pod openssl-0.9.8a/doc/crypto/DSA_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_generate_key.pod	2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_generate_key.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -24,7 +24,7 @@
- 
- =head1 SEE ALSO
- 
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_generate_parameters.pod openssl-0.9.8a/doc/crypto/DSA_generate_parameters.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_generate_parameters.pod	2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_generate_parameters.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -90,7 +90,7 @@
- 
- =head1 SEE ALSO
- 
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_free(3)|DSA_free(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_sign.pod openssl-0.9.8a/doc/crypto/DSA_sign.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_sign.pod	2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_sign.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -55,7 +55,7 @@
- 
- =head1 SEE ALSO
- 
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_do_sign(3)|DSA_do_sign(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_GET_LIB.pod openssl-0.9.8a/doc/crypto/ERR_GET_LIB.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_GET_LIB.pod	2000-02-01 01:36:58.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_GET_LIB.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -41,7 +41,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_clear_error.pod openssl-0.9.8a/doc/crypto/ERR_clear_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_clear_error.pod	2000-02-01 01:36:58.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_clear_error.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -20,7 +20,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_error_string.pod openssl-0.9.8a/doc/crypto/ERR_error_string.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_error_string.pod	2004-11-14 15:11:37.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_error_string.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -60,7 +60,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
- L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
- L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
- L<ERR_print_errors(3)|ERR_print_errors(3)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_get_error.pod openssl-0.9.8a/doc/crypto/ERR_get_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_get_error.pod	2002-11-29 14:21:54.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_get_error.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -61,7 +61,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
- L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_load_crypto_strings.pod openssl-0.9.8a/doc/crypto/ERR_load_crypto_strings.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_load_crypto_strings.pod	2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_load_crypto_strings.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -35,7 +35,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_load_strings.pod openssl-0.9.8a/doc/crypto/ERR_load_strings.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_load_strings.pod	2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_load_strings.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -43,7 +43,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_print_errors.pod openssl-0.9.8a/doc/crypto/ERR_print_errors.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_print_errors.pod	2000-02-01 01:36:59.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_print_errors.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -38,7 +38,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
- L<ERR_get_error(3)|ERR_get_error(3)>,
- L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
- L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_put_error.pod openssl-0.9.8a/doc/crypto/ERR_put_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_put_error.pod	2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_put_error.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -34,7 +34,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_remove_state.pod openssl-0.9.8a/doc/crypto/ERR_remove_state.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_remove_state.pod	2000-05-19 07:54:42.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_remove_state.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -25,7 +25,7 @@
- 
- =head1 SEE ALSO
- 
--L<err(3)|err(3)>
-+L<openssl_err(3)|openssl_err(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_BytesToKey.pod openssl-0.9.8a/doc/crypto/EVP_BytesToKey.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_BytesToKey.pod	2004-11-25 17:47:30.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_BytesToKey.pod	2005-11-14 04:00:45.000000000 +0000
-@@ -59,7 +59,7 @@
- 
- =head1 SEE ALSO
- 
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_OpenInit.pod openssl-0.9.8a/doc/crypto/EVP_OpenInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_OpenInit.pod	2000-09-23 07:16:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_OpenInit.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -54,7 +54,7 @@
- 
- =head1 SEE ALSO
- 
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
- L<EVP_SealInit(3)|EVP_SealInit(3)>
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_SealInit.pod openssl-0.9.8a/doc/crypto/EVP_SealInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_SealInit.pod	2005-03-29 17:50:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_SealInit.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -74,7 +74,7 @@
- 
- =head1 SEE ALSO
- 
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
- L<EVP_OpenInit(3)|EVP_OpenInit(3)>
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_SignInit.pod openssl-0.9.8a/doc/crypto/EVP_SignInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_SignInit.pod	2005-03-22 17:55:33.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_SignInit.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -80,7 +80,7 @@
- =head1 SEE ALSO
- 
- L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
--L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>,
- L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
- L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
- L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_VerifyInit.pod openssl-0.9.8a/doc/crypto/EVP_VerifyInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_VerifyInit.pod	2002-07-10 19:35:46.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_VerifyInit.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -71,7 +71,7 @@
- 
- L<evp(3)|evp(3)>,
- L<EVP_SignInit(3)|EVP_SignInit(3)>,
--L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>,
- L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
- L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
- L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/OPENSSL_config.pod openssl-0.9.8a/doc/crypto/OPENSSL_config.pod
---- openssl-0.9.8a.orig/doc/crypto/OPENSSL_config.pod	2005-06-02 23:17:38.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/OPENSSL_config.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -73,7 +73,7 @@
- =head1 SEE ALSO
- 
- L<conf(5)|conf(5)>, L<CONF_load_modules_file(3)|CONF_load_modules_file(3)>,
--L<CONF_modules_free(3),CONF_modules_free(3)>
-+L<CONF_modules_free(3)|CONF_modules_free(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_add.pod openssl-0.9.8a/doc/crypto/RAND_add.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_add.pod	2000-03-22 15:30:03.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_add.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -65,7 +65,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
- L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_bytes.pod openssl-0.9.8a/doc/crypto/RAND_bytes.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_bytes.pod	2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_bytes.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -35,7 +35,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
- L<RAND_add(3)|RAND_add(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_cleanup.pod openssl-0.9.8a/doc/crypto/RAND_cleanup.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_cleanup.pod	2000-01-27 01:25:06.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_cleanup.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -20,7 +20,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>
-+L<openssl_rand(3)|openssl_rand(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_egd.pod openssl-0.9.8a/doc/crypto/RAND_egd.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_egd.pod	2001-02-10 19:10:36.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_egd.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -69,7 +69,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
- L<RAND_cleanup(3)|RAND_cleanup(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_load_file.pod openssl-0.9.8a/doc/crypto/RAND_load_file.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_load_file.pod	2001-03-21 15:25:56.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_load_file.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -43,7 +43,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_set_rand_method.pod openssl-0.9.8a/doc/crypto/RAND_set_rand_method.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_set_rand_method.pod	2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_set_rand_method.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -67,7 +67,7 @@
- 
- =head1 SEE ALSO
- 
--L<rand(3)|rand(3)>, L<engine(3)|engine(3)>
-+L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_blinding_on.pod openssl-0.9.8a/doc/crypto/RSA_blinding_on.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_blinding_on.pod	2000-02-24 11:55:10.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_blinding_on.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -34,7 +34,7 @@
- 
- =head1 SEE ALSO
- 
--L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
-+L<rsa(3)|rsa(3)>, L<openssl_rand(3)|openssl_rand(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_generate_key.pod openssl-0.9.8a/doc/crypto/RSA_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_generate_key.pod	2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_generate_key.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -59,7 +59,7 @@
- 
- =head1 SEE ALSO
- 
--L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<RSA_free(3)|RSA_free(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_public_encrypt.pod openssl-0.9.8a/doc/crypto/RSA_public_encrypt.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_public_encrypt.pod	2004-03-23 21:01:34.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_public_encrypt.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -73,7 +73,7 @@
- 
- =head1 SEE ALSO
- 
--L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<RSA_size(3)|RSA_size(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod openssl-0.9.8a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod	2002-09-25 13:33:28.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -48,7 +48,7 @@
- =head1 SEE ALSO
- 
- L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
--L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
- L<RSA_verify(3)|RSA_verify(3)>
- 
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/X509_NAME_ENTRY_get_object.pod openssl-0.9.8a/doc/crypto/X509_NAME_ENTRY_get_object.pod
---- openssl-0.9.8a.orig/doc/crypto/X509_NAME_ENTRY_get_object.pod	2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/X509_NAME_ENTRY_get_object.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -63,7 +63,7 @@
- =head1 SEE ALSO
- 
- L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
--L<OBJ_nid2obj(3),OBJ_nid2obj(3)>
-+L<OBJ_nid2obj(3)|OBJ_nid2obj(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/bn.pod openssl-0.9.8a/doc/crypto/bn.pod
---- openssl-0.9.8a.orig/doc/crypto/bn.pod	2005-04-29 15:07:34.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/bn.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -167,7 +167,7 @@
- =head1 SEE ALSO
- 
- L<bn_internal(3)|bn_internal(3)>,
--L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
- L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
- L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/crypto.pod openssl-0.9.8a/doc/crypto/crypto.pod
---- openssl-0.9.8a.orig/doc/crypto/crypto.pod	2002-10-06 12:59:25.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/crypto.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -46,7 +46,7 @@
- 
- =item AUXILIARY FUNCTIONS
- 
--L<err(3)|err(3)>, L<threads(3)|threads(3)>, L<rand(3)|rand(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<openssl_threads(3)|openssl_threads(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<OPENSSL_VERSION_NUMBER(3)|OPENSSL_VERSION_NUMBER(3)>
- 
- =item INPUT/OUTPUT, DATA ENCODING
-diff -Naur openssl-0.9.8a.orig/doc/crypto/des.pod openssl-0.9.8a/doc/crypto/des.pod
---- openssl-0.9.8a.orig/doc/crypto/des.pod	2003-10-01 15:02:45.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/des.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -115,7 +115,7 @@
- the key; it is used to speed the encryption process.
- 
- DES_random_key() generates a random key.  The PRNG must be seeded
--prior to using this function (see L<rand(3)|rand(3)>).  If the PRNG
-+prior to using this function (see L<openssl_rand(3)|openssl_rand(3)>).  If the PRNG
- could not generate a secure key, 0 is returned.
- 
- Before a DES key can be used, it must be converted into the
-@@ -317,7 +317,7 @@
- 
- =head1 SEE ALSO
- 
--crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<rand(3)|rand(3)>
-+crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/crypto/dh.pod openssl-0.9.8a/doc/crypto/dh.pod
---- openssl-0.9.8a.orig/doc/crypto/dh.pod	2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/dh.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -67,8 +67,8 @@
- 
- =head1 SEE ALSO
- 
--L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
--L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
-+L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<openssl_err(3)|openssl_err(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
- L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
- L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
- L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/dsa.pod openssl-0.9.8a/doc/crypto/dsa.pod
---- openssl-0.9.8a.orig/doc/crypto/dsa.pod	2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/dsa.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -100,7 +100,7 @@
- 
- =head1 SEE ALSO
- 
--L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-+L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
- L<DSA_new(3)|DSA_new(3)>,
- L<DSA_size(3)|DSA_size(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/engine.pod openssl-0.9.8a/doc/crypto/engine.pod
---- openssl-0.9.8a.orig/doc/crypto/engine.pod	2004-06-17 23:40:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/engine.pod	2005-11-14 04:01:19.000000000 +0000
-@@ -594,6 +594,6 @@
- 
- =head1 SEE ALSO
- 
--L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)>
-+L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<openssl_rand(3)|openssl_rand(3)>
- 
- =cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/err.pod openssl-0.9.8a/doc/crypto/err.pod
---- openssl-0.9.8a.orig/doc/crypto/err.pod	2002-07-10 19:35:46.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/err.pod	1970-01-01 00:00:00.000000000 +0000
-@@ -1,187 +0,0 @@
--=pod
--
--=head1 NAME
--
--err - error codes
--
--=head1 SYNOPSIS
--
-- #include <openssl/err.h>
--
-- unsigned long ERR_get_error(void);
-- unsigned long ERR_peek_error(void);
-- unsigned long ERR_get_error_line(const char **file, int *line);
-- unsigned long ERR_peek_error_line(const char **file, int *line);
-- unsigned long ERR_get_error_line_data(const char **file, int *line,
--         const char **data, int *flags);
-- unsigned long ERR_peek_error_line_data(const char **file, int *line,
--         const char **data, int *flags);
--
-- int ERR_GET_LIB(unsigned long e);
-- int ERR_GET_FUNC(unsigned long e);
-- int ERR_GET_REASON(unsigned long e);
--
-- void ERR_clear_error(void);
--
-- char *ERR_error_string(unsigned long e, char *buf);
-- const char *ERR_lib_error_string(unsigned long e);
-- const char *ERR_func_error_string(unsigned long e);
-- const char *ERR_reason_error_string(unsigned long e);
--
-- void ERR_print_errors(BIO *bp);
-- void ERR_print_errors_fp(FILE *fp);
--
-- void ERR_load_crypto_strings(void);
-- void ERR_free_strings(void);
--
-- void ERR_remove_state(unsigned long pid);
--
-- void ERR_put_error(int lib, int func, int reason, const char *file,
--         int line);
-- void ERR_add_error_data(int num, ...);
--
-- void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-- unsigned long ERR_PACK(int lib, int func, int reason);
-- int ERR_get_next_error_library(void);
--
--=head1 DESCRIPTION
--
--When a call to the OpenSSL library fails, this is usually signalled
--by the return value, and an error code is stored in an error queue
--associated with the current thread. The B<err> library provides
--functions to obtain these error codes and textual error messages.
--
--The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
--access error codes.
--
--Error codes contain information about where the error occurred, and
--what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
--extract this information. A method to obtain human-readable error
--messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
--
--L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
--error queue.
--
--Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
--avoid memory leaks when threads are terminated.
--
--=head1 ADDING NEW ERROR CODES TO OPENSSL
--
--See L<ERR_put_error(3)> if you want to record error codes in the
--OpenSSL error system from within your application.
--
--The remainder of this section is of interest only if you want to add
--new error codes to OpenSSL or add error codes from external libraries.
--
--=head2 Reporting errors
--
--Each sub-library has a specific macro XXXerr() that is used to report
--errors. Its first argument is a function code B<XXX_F_...>, the second
--argument is a reason code B<XXX_R_...>. Function codes are derived
--from the function names; reason codes consist of textual error
--descriptions. For example, the function ssl23_read() reports a
--"handshake failure" as follows:
--
-- SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
--
--Function and reason codes should consist of upper case characters,
--numbers and underscores only. The error file generation script translates
--function codes into function names by looking in the header files
--for an appropriate function name, if none is found it just uses
--the capitalized form such as "SSL23_READ" in the above example.
--
--The trailing section of a reason code (after the "_R_") is translated
--into lower case and underscores changed to spaces.
--
--When you are using new function or reason codes, run B<make errors>.
--The necessary B<#define>s will then automatically be added to the
--sub-library's header file.
--
--Although a library will normally report errors using its own specific
--XXXerr macro, another library's macro can be used. This is normally
--only done when a library wants to include ASN1 code which must use
--the ASN1err() macro.
--
--=head2 Adding new libraries
--
--When adding a new sub-library to OpenSSL, assign it a library number
--B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
--name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
--C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
--(in B<crypto/err/err_all.c>). Finally, add an entry
--
-- L	XXX	xxx.h	xxx_err.c
--
--to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
--Running B<make errors> will then generate a file B<xxx_err.c>, and
--add all error codes used in the library to B<xxx.h>.
--
--Additionally the library include file must have a certain form.
--Typically it will initially look like this:
--
-- #ifndef HEADER_XXX_H
-- #define HEADER_XXX_H
--
-- #ifdef __cplusplus
-- extern "C" {
-- #endif
--
-- /* Include files */
--
-- #include <openssl/bio.h>
-- #include <openssl/x509.h>
--
-- /* Macros, structures and function prototypes */
--
--
-- /* BEGIN ERROR CODES */
--
--The B<BEGIN ERROR CODES> sequence is used by the error code
--generation script as the point to place new error codes, any text
--after this point will be overwritten when B<make errors> is run.
--The closing #endif etc will be automatically added by the script.
--
--The generated C error code file B<xxx_err.c> will load the header
--files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
--header file must load any additional header files containing any
--definitions it uses.
--
--=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
--
--It is also possible to use OpenSSL's error code scheme in external
--libraries. The library needs to load its own codes and call the OpenSSL
--error code insertion script B<mkerr.pl> explicitly to add codes to
--the header file and generate the C error code file. This will normally
--be done if the external library needs to generate new ASN1 structures
--but it can also be used to add more general purpose error code handling.
--
--TBA more details
--
--=head1 INTERNALS
--
--The error queues are stored in a hash table with one B<ERR_STATE>
--entry for each pid. ERR_get_state() returns the current thread's
--B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
--codes. When more error codes are added, the old ones are overwritten,
--on the assumption that the most recent errors are most important.
--
--Error strings are also stored in hash table. The hash tables can
--be obtained by calling ERR_get_err_state_table(void) and
--ERR_get_string_table(void) respectively.
--
--=head1 SEE ALSO
--
--L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
--L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
--L<ERR_get_error(3)|ERR_get_error(3)>,
--L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
--L<ERR_clear_error(3)|ERR_clear_error(3)>,
--L<ERR_error_string(3)|ERR_error_string(3)>,
--L<ERR_print_errors(3)|ERR_print_errors(3)>,
--L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
--L<ERR_remove_state(3)|ERR_remove_state(3)>,
--L<ERR_put_error(3)|ERR_put_error(3)>,
--L<ERR_load_strings(3)|ERR_load_strings(3)>,
--L<SSL_get_error(3)|SSL_get_error(3)>
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_err.pod openssl-0.9.8a/doc/crypto/openssl_err.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_err.pod	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_err.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,187 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl_err - error codes
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/err.h>
-+
-+ unsigned long ERR_get_error(void);
-+ unsigned long ERR_peek_error(void);
-+ unsigned long ERR_get_error_line(const char **file, int *line);
-+ unsigned long ERR_peek_error_line(const char **file, int *line);
-+ unsigned long ERR_get_error_line_data(const char **file, int *line,
-+         const char **data, int *flags);
-+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
-+         const char **data, int *flags);
-+
-+ int ERR_GET_LIB(unsigned long e);
-+ int ERR_GET_FUNC(unsigned long e);
-+ int ERR_GET_REASON(unsigned long e);
-+
-+ void ERR_clear_error(void);
-+
-+ char *ERR_error_string(unsigned long e, char *buf);
-+ const char *ERR_lib_error_string(unsigned long e);
-+ const char *ERR_func_error_string(unsigned long e);
-+ const char *ERR_reason_error_string(unsigned long e);
-+
-+ void ERR_print_errors(BIO *bp);
-+ void ERR_print_errors_fp(FILE *fp);
-+
-+ void ERR_load_crypto_strings(void);
-+ void ERR_free_strings(void);
-+
-+ void ERR_remove_state(unsigned long pid);
-+
-+ void ERR_put_error(int lib, int func, int reason, const char *file,
-+         int line);
-+ void ERR_add_error_data(int num, ...);
-+
-+ void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-+ unsigned long ERR_PACK(int lib, int func, int reason);
-+ int ERR_get_next_error_library(void);
-+
-+=head1 DESCRIPTION
-+
-+When a call to the OpenSSL library fails, this is usually signalled
-+by the return value, and an error code is stored in an error queue
-+associated with the current thread. The B<err> library provides
-+functions to obtain these error codes and textual error messages.
-+
-+The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
-+access error codes.
-+
-+Error codes contain information about where the error occurred, and
-+what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
-+extract this information. A method to obtain human-readable error
-+messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
-+
-+L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
-+error queue.
-+
-+Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
-+avoid memory leaks when threads are terminated.
-+
-+=head1 ADDING NEW ERROR CODES TO OPENSSL
-+
-+See L<ERR_put_error(3)> if you want to record error codes in the
-+OpenSSL error system from within your application.
-+
-+The remainder of this section is of interest only if you want to add
-+new error codes to OpenSSL or add error codes from external libraries.
-+
-+=head2 Reporting errors
-+
-+Each sub-library has a specific macro XXXerr() that is used to report
-+errors. Its first argument is a function code B<XXX_F_...>, the second
-+argument is a reason code B<XXX_R_...>. Function codes are derived
-+from the function names; reason codes consist of textual error
-+descriptions. For example, the function ssl23_read() reports a
-+"handshake failure" as follows:
-+
-+ SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
-+
-+Function and reason codes should consist of upper case characters,
-+numbers and underscores only. The error file generation script translates
-+function codes into function names by looking in the header files
-+for an appropriate function name, if none is found it just uses
-+the capitalized form such as "SSL23_READ" in the above example.
-+
-+The trailing section of a reason code (after the "_R_") is translated
-+into lower case and underscores changed to spaces.
-+
-+When you are using new function or reason codes, run B<make errors>.
-+The necessary B<#define>s will then automatically be added to the
-+sub-library's header file.
-+
-+Although a library will normally report errors using its own specific
-+XXXerr macro, another library's macro can be used. This is normally
-+only done when a library wants to include ASN1 code which must use
-+the ASN1err() macro.
-+
-+=head2 Adding new libraries
-+
-+When adding a new sub-library to OpenSSL, assign it a library number
-+B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
-+name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
-+C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
-+(in B<crypto/err/err_all.c>). Finally, add an entry
-+
-+ L	XXX	xxx.h	xxx_err.c
-+
-+to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
-+Running B<make errors> will then generate a file B<xxx_err.c>, and
-+add all error codes used in the library to B<xxx.h>.
-+
-+Additionally the library include file must have a certain form.
-+Typically it will initially look like this:
-+
-+ #ifndef HEADER_XXX_H
-+ #define HEADER_XXX_H
-+
-+ #ifdef __cplusplus
-+ extern "C" {
-+ #endif
-+
-+ /* Include files */
-+
-+ #include <openssl/bio.h>
-+ #include <openssl/x509.h>
-+
-+ /* Macros, structures and function prototypes */
-+
-+
-+ /* BEGIN ERROR CODES */
-+
-+The B<BEGIN ERROR CODES> sequence is used by the error code
-+generation script as the point to place new error codes, any text
-+after this point will be overwritten when B<make errors> is run.
-+The closing #endif etc will be automatically added by the script.
-+
-+The generated C error code file B<xxx_err.c> will load the header
-+files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
-+header file must load any additional header files containing any
-+definitions it uses.
-+
-+=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
-+
-+It is also possible to use OpenSSL's error code scheme in external
-+libraries. The library needs to load its own codes and call the OpenSSL
-+error code insertion script B<mkerr.pl> explicitly to add codes to
-+the header file and generate the C error code file. This will normally
-+be done if the external library needs to generate new ASN1 structures
-+but it can also be used to add more general purpose error code handling.
-+
-+TBA more details
-+
-+=head1 INTERNALS
-+
-+The error queues are stored in a hash table with one B<ERR_STATE>
-+entry for each pid. ERR_get_state() returns the current thread's
-+B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
-+codes. When more error codes are added, the old ones are overwritten,
-+on the assumption that the most recent errors are most important.
-+
-+Error strings are also stored in hash table. The hash tables can
-+be obtained by calling ERR_get_err_state_table(void) and
-+ERR_get_string_table(void) respectively.
-+
-+=head1 SEE ALSO
-+
-+L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
-+L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
-+L<ERR_clear_error(3)|ERR_clear_error(3)>,
-+L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<ERR_print_errors(3)|ERR_print_errors(3)>,
-+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-+L<ERR_remove_state(3)|ERR_remove_state(3)>,
-+L<ERR_put_error(3)|ERR_put_error(3)>,
-+L<ERR_load_strings(3)|ERR_load_strings(3)>,
-+L<SSL_get_error(3)|SSL_get_error(3)>
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_rand.pod openssl-0.9.8a/doc/crypto/openssl_rand.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_rand.pod	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_rand.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,175 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl_rand - pseudo-random number generator
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/rand.h>
-+
-+ int  RAND_set_rand_engine(ENGINE *engine);
-+
-+ int  RAND_bytes(unsigned char *buf, int num);
-+ int  RAND_pseudo_bytes(unsigned char *buf, int num);
-+
-+ void RAND_seed(const void *buf, int num);
-+ void RAND_add(const void *buf, int num, int entropy);
-+ int  RAND_status(void);
-+
-+ int  RAND_load_file(const char *file, long max_bytes);
-+ int  RAND_write_file(const char *file);
-+ const char *RAND_file_name(char *file, size_t num);
-+
-+ int  RAND_egd(const char *path);
-+
-+ void RAND_set_rand_method(const RAND_METHOD *meth);
-+ const RAND_METHOD *RAND_get_rand_method(void);
-+ RAND_METHOD *RAND_SSLeay(void);
-+
-+ void RAND_cleanup(void);
-+
-+ /* For Win32 only */
-+ void RAND_screen(void);
-+ int RAND_event(UINT, WPARAM, LPARAM);
-+
-+=head1 DESCRIPTION
-+
-+Since the introduction of the ENGINE API, the recommended way of controlling
-+default implementations is by using the ENGINE API functions. The default
-+B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
-+RAND_get_rand_method(), is only used if no ENGINE has been set as the default
-+"rand" implementation. Hence, these two functions are no longer the recommened
-+way to control defaults.
-+
-+If an alternative B<RAND_METHOD> implementation is being used (either set
-+directly or as provided by an ENGINE module), then it is entirely responsible
-+for the generation and management of a cryptographically secure PRNG stream. The
-+mechanisms described below relate solely to the software PRNG implementation
-+built in to OpenSSL and used by default.
-+
-+These functions implement a cryptographically secure pseudo-random
-+number generator (PRNG). It is used by other library functions for
-+example to generate random keys, and applications can use it when they
-+need randomness.
-+
-+A cryptographic PRNG must be seeded with unpredictable data such as
-+mouse movements or keys pressed at random by the user. This is
-+described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
-+(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
-+seeding process whenever the application is started.
-+
-+L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
-+PRNG. 
-+
-+=head1 INTERNALS
-+
-+The RAND_SSLeay() method implements a PRNG based on a cryptographic
-+hash function.
-+
-+The following description of its design is based on the SSLeay
-+documentation:
-+
-+First up I will state the things I believe I need for a good RNG.
-+
-+=over 4
-+
-+=item 1
-+
-+A good hashing algorithm to mix things up and to convert the RNG 'state'
-+to random numbers.
-+
-+=item 2
-+
-+An initial source of random 'state'.
-+
-+=item 3
-+
-+The state should be very large.  If the RNG is being used to generate
-+4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
-+If your RNG state only has 128 bits, you are obviously limiting the
-+search space to 128 bits, not 2048.  I'm probably getting a little
-+carried away on this last point but it does indicate that it may not be
-+a bad idea to keep quite a lot of RNG state.  It should be easier to
-+break a cipher than guess the RNG seed data.
-+
-+=item 4
-+
-+Any RNG seed data should influence all subsequent random numbers
-+generated.  This implies that any random seed data entered will have
-+an influence on all subsequent random numbers generated.
-+
-+=item 5
-+
-+When using data to seed the RNG state, the data used should not be
-+extractable from the RNG state.  I believe this should be a
-+requirement because one possible source of 'secret' semi random
-+data would be a private key or a password.  This data must
-+not be disclosed by either subsequent random numbers or a
-+'core' dump left by a program crash.
-+
-+=item 6
-+
-+Given the same initial 'state', 2 systems should deviate in their RNG state
-+(and hence the random numbers generated) over time if at all possible.
-+
-+=item 7
-+
-+Given the random number output stream, it should not be possible to determine
-+the RNG state or the next random number.
-+
-+=back
-+
-+The algorithm is as follows.
-+
-+There is global state made up of a 1023 byte buffer (the 'state'), a
-+working hash value ('md'), and a counter ('count').
-+
-+Whenever seed data is added, it is inserted into the 'state' as
-+follows.
-+
-+The input is chopped up into units of 20 bytes (or less for
-+the last block).  Each of these blocks is run through the hash
-+function as follows:  The data passed to the hash function
-+is the current 'md', the same number of bytes from the 'state'
-+(the location determined by in incremented looping index) as
-+the current 'block', the new key data 'block', and 'count'
-+(which is incremented after each use).
-+The result of this is kept in 'md' and also xored into the
-+'state' at the same locations that were used as input into the
-+hash function. I
-+believe this system addresses points 1 (hash function; currently
-+SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
-+function and xor).
-+
-+When bytes are extracted from the RNG, the following process is used.
-+For each group of 10 bytes (or less), we do the following:
-+
-+Input into the hash function the local 'md' (which is initialized from
-+the global 'md' before any bytes are generated), the bytes that are to
-+be overwritten by the random bytes, and bytes from the 'state'
-+(incrementing looping index). From this digest output (which is kept
-+in 'md'), the top (up to) 10 bytes are returned to the caller and the
-+bottom 10 bytes are xored into the 'state'.
-+
-+Finally, after we have finished 'num' random bytes for the caller,
-+'count' (which is incremented) and the local and global 'md' are fed
-+into the hash function and the results are kept in the global 'md'.
-+
-+I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
-+into the 'state' the 'old' data from the caller that is about to be
-+overwritten) and 7 (by not using the 10 bytes given to the caller to
-+update the 'state', but they are used to update 'md').
-+
-+So of the points raised, only 2 is not addressed (but see
-+L<RAND_add(3)|RAND_add(3)>).
-+
-+=head1 SEE ALSO
-+
-+L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-+L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-+L<RAND_bytes(3)|RAND_bytes(3)>,
-+L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
-+L<RAND_cleanup(3)|RAND_cleanup(3)> 
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_threads.pod openssl-0.9.8a/doc/crypto/openssl_threads.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_threads.pod	1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_threads.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,175 @@
-+=pod
-+
-+=head1 NAME
-+
-+CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
-+CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
-+CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
-+CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/crypto.h>
-+
-+ void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
-+        int n, const char *file, int line));
-+
-+ void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
-+
-+ int CRYPTO_num_locks(void);
-+
-+
-+ /* struct CRYPTO_dynlock_value needs to be defined by the user */
-+ struct CRYPTO_dynlock_value;
-+
-+ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
-+	(*dyn_create_function)(char *file, int line));
-+ void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
-+	(int mode, struct CRYPTO_dynlock_value *l,
-+	const char *file, int line));
-+ void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
-+	(struct CRYPTO_dynlock_value *l, const char *file, int line));
-+
-+ int CRYPTO_get_new_dynlockid(void);
-+
-+ void CRYPTO_destroy_dynlockid(int i);
-+
-+ void CRYPTO_lock(int mode, int n, const char *file, int line);
-+
-+ #define CRYPTO_w_lock(type)	\
-+	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-+ #define CRYPTO_w_unlock(type)	\
-+	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-+ #define CRYPTO_r_lock(type)	\
-+	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-+ #define CRYPTO_r_unlock(type)	\
-+	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-+ #define CRYPTO_add(addr,amount,type)	\
-+	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-+
-+=head1 DESCRIPTION
-+
-+OpenSSL can safely be used in multi-threaded applications provided
-+that at least two callback functions are set.
-+
-+locking_function(int mode, int n, const char *file, int line) is
-+needed to perform locking on shared data structures. 
-+(Note that OpenSSL uses a number of global data structures that
-+will be implicitly shared whenever multiple threads use OpenSSL.)
-+Multi-threaded applications will crash at random if it is not set.
-+
-+locking_function() must be able to handle up to CRYPTO_num_locks()
-+different mutex locks. It sets the B<n>-th lock if B<mode> &
-+B<CRYPTO_LOCK>, and releases it otherwise.
-+
-+B<file> and B<line> are the file number of the function setting the
-+lock. They can be useful for debugging.
-+
-+id_function(void) is a function that returns a thread ID, for example
-+pthread_self() if it returns an integer (see NOTES below).  It isn't
-+needed on Windows nor on platforms where getpid() returns a different
-+ID for each thread (see NOTES below).
-+
-+Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
-+of OpenSSL need it for better performance.  To enable this, the following
-+is required:
-+
-+=over 4
-+
-+=item *
-+Three additional callback function, dyn_create_function, dyn_lock_function
-+and dyn_destroy_function.
-+
-+=item *
-+A structure defined with the data that each lock needs to handle.
-+
-+=back
-+
-+struct CRYPTO_dynlock_value has to be defined to contain whatever structure
-+is needed to handle locks.
-+
-+dyn_create_function(const char *file, int line) is needed to create a
-+lock.  Multi-threaded applications might crash at random if it is not set.
-+
-+dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
-+is needed to perform locking off dynamic lock numbered n. Multi-threaded
-+applications might crash at random if it is not set.
-+
-+dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
-+needed to destroy the lock l. Multi-threaded applications might crash at
-+random if it is not set.
-+
-+CRYPTO_get_new_dynlockid() is used to create locks.  It will call
-+dyn_create_function for the actual creation.
-+
-+CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
-+dyn_destroy_function for the actual destruction.
-+
-+CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
-+describing what should be done with the lock.  n is the number of the
-+lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
-+from the following values.  These values are pairwise exclusive, with
-+undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
-+should not be used together):
-+
-+	CRYPTO_LOCK	0x01
-+	CRYPTO_UNLOCK	0x02
-+	CRYPTO_READ	0x04
-+	CRYPTO_WRITE	0x08
-+
-+=head1 RETURN VALUES
-+
-+CRYPTO_num_locks() returns the required number of locks.
-+
-+CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
-+
-+The other functions return no values.
-+
-+=head1 NOTES
-+
-+You can find out if OpenSSL was configured with thread support:
-+
-+ #define OPENSSL_THREAD_DEFINES
-+ #include <openssl/opensslconf.h>
-+ #if defined(OPENSSL_THREADS)
-+   // thread support enabled
-+ #else
-+   // no thread support
-+ #endif
-+
-+Also, dynamic locks are currently not used internally by OpenSSL, but
-+may do so in the future.
-+
-+Defining id_function(void) has it's own issues.  Generally speaking,
-+pthread_self() should be used, even on platforms where getpid() gives
-+different answers in each thread, since that may depend on the machine
-+the program is run on, not the machine where the program is being
-+compiled.  For instance, Red Hat 8 Linux and earlier used
-+LinuxThreads, whose getpid() returns a different value for each
-+thread.  Red Hat 9 Linux and later use NPTL, which is
-+Posix-conformant, and has a getpid() that returns the same value for
-+all threads in a process.  A program compiled on Red Hat 8 and run on
-+Red Hat 9 will therefore see getpid() returning the same value for
-+all threads.
-+
-+There is still the issue of platforms where pthread_self() returns
-+something other than an integer.  This is a bit unusual, and this
-+manual has no cookbook solution for that case.
-+
-+=head1 EXAMPLES
-+
-+B<crypto/threads/mttest.c> shows examples of the callback functions on
-+Solaris, Irix and Win32.
-+
-+=head1 HISTORY
-+
-+CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
-+available in all versions of SSLeay and OpenSSL.
-+CRYPTO_num_locks() was added in OpenSSL 0.9.4.
-+All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
-+
-+=head1 SEE ALSO
-+
-+L<crypto(3)|crypto(3)>
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/rand.pod openssl-0.9.8a/doc/crypto/rand.pod
---- openssl-0.9.8a.orig/doc/crypto/rand.pod	2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/rand.pod	1970-01-01 00:00:00.000000000 +0000
-@@ -1,175 +0,0 @@
--=pod
--
--=head1 NAME
--
--rand - pseudo-random number generator
--
--=head1 SYNOPSIS
--
-- #include <openssl/rand.h>
--
-- int  RAND_set_rand_engine(ENGINE *engine);
--
-- int  RAND_bytes(unsigned char *buf, int num);
-- int  RAND_pseudo_bytes(unsigned char *buf, int num);
--
-- void RAND_seed(const void *buf, int num);
-- void RAND_add(const void *buf, int num, int entropy);
-- int  RAND_status(void);
--
-- int  RAND_load_file(const char *file, long max_bytes);
-- int  RAND_write_file(const char *file);
-- const char *RAND_file_name(char *file, size_t num);
--
-- int  RAND_egd(const char *path);
--
-- void RAND_set_rand_method(const RAND_METHOD *meth);
-- const RAND_METHOD *RAND_get_rand_method(void);
-- RAND_METHOD *RAND_SSLeay(void);
--
-- void RAND_cleanup(void);
--
-- /* For Win32 only */
-- void RAND_screen(void);
-- int RAND_event(UINT, WPARAM, LPARAM);
--
--=head1 DESCRIPTION
--
--Since the introduction of the ENGINE API, the recommended way of controlling
--default implementations is by using the ENGINE API functions. The default
--B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
--RAND_get_rand_method(), is only used if no ENGINE has been set as the default
--"rand" implementation. Hence, these two functions are no longer the recommened
--way to control defaults.
--
--If an alternative B<RAND_METHOD> implementation is being used (either set
--directly or as provided by an ENGINE module), then it is entirely responsible
--for the generation and management of a cryptographically secure PRNG stream. The
--mechanisms described below relate solely to the software PRNG implementation
--built in to OpenSSL and used by default.
--
--These functions implement a cryptographically secure pseudo-random
--number generator (PRNG). It is used by other library functions for
--example to generate random keys, and applications can use it when they
--need randomness.
--
--A cryptographic PRNG must be seeded with unpredictable data such as
--mouse movements or keys pressed at random by the user. This is
--described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
--(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
--seeding process whenever the application is started.
--
--L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
--PRNG. 
--
--=head1 INTERNALS
--
--The RAND_SSLeay() method implements a PRNG based on a cryptographic
--hash function.
--
--The following description of its design is based on the SSLeay
--documentation:
--
--First up I will state the things I believe I need for a good RNG.
--
--=over 4
--
--=item 1
--
--A good hashing algorithm to mix things up and to convert the RNG 'state'
--to random numbers.
--
--=item 2
--
--An initial source of random 'state'.
--
--=item 3
--
--The state should be very large.  If the RNG is being used to generate
--4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
--If your RNG state only has 128 bits, you are obviously limiting the
--search space to 128 bits, not 2048.  I'm probably getting a little
--carried away on this last point but it does indicate that it may not be
--a bad idea to keep quite a lot of RNG state.  It should be easier to
--break a cipher than guess the RNG seed data.
--
--=item 4
--
--Any RNG seed data should influence all subsequent random numbers
--generated.  This implies that any random seed data entered will have
--an influence on all subsequent random numbers generated.
--
--=item 5
--
--When using data to seed the RNG state, the data used should not be
--extractable from the RNG state.  I believe this should be a
--requirement because one possible source of 'secret' semi random
--data would be a private key or a password.  This data must
--not be disclosed by either subsequent random numbers or a
--'core' dump left by a program crash.
--
--=item 6
--
--Given the same initial 'state', 2 systems should deviate in their RNG state
--(and hence the random numbers generated) over time if at all possible.
--
--=item 7
--
--Given the random number output stream, it should not be possible to determine
--the RNG state or the next random number.
--
--=back
--
--The algorithm is as follows.
--
--There is global state made up of a 1023 byte buffer (the 'state'), a
--working hash value ('md'), and a counter ('count').
--
--Whenever seed data is added, it is inserted into the 'state' as
--follows.
--
--The input is chopped up into units of 20 bytes (or less for
--the last block).  Each of these blocks is run through the hash
--function as follows:  The data passed to the hash function
--is the current 'md', the same number of bytes from the 'state'
--(the location determined by in incremented looping index) as
--the current 'block', the new key data 'block', and 'count'
--(which is incremented after each use).
--The result of this is kept in 'md' and also xored into the
--'state' at the same locations that were used as input into the
--hash function. I
--believe this system addresses points 1 (hash function; currently
--SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
--function and xor).
--
--When bytes are extracted from the RNG, the following process is used.
--For each group of 10 bytes (or less), we do the following:
--
--Input into the hash function the local 'md' (which is initialized from
--the global 'md' before any bytes are generated), the bytes that are to
--be overwritten by the random bytes, and bytes from the 'state'
--(incrementing looping index). From this digest output (which is kept
--in 'md'), the top (up to) 10 bytes are returned to the caller and the
--bottom 10 bytes are xored into the 'state'.
--
--Finally, after we have finished 'num' random bytes for the caller,
--'count' (which is incremented) and the local and global 'md' are fed
--into the hash function and the results are kept in the global 'md'.
--
--I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
--into the 'state' the 'old' data from the caller that is about to be
--overwritten) and 7 (by not using the 10 bytes given to the caller to
--update the 'state', but they are used to update 'md').
--
--So of the points raised, only 2 is not addressed (but see
--L<RAND_add(3)|RAND_add(3)>).
--
--=head1 SEE ALSO
--
--L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
--L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
--L<RAND_bytes(3)|RAND_bytes(3)>,
--L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
--L<RAND_cleanup(3)|RAND_cleanup(3)> 
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/rsa.pod openssl-0.9.8a/doc/crypto/rsa.pod
---- openssl-0.9.8a.orig/doc/crypto/rsa.pod	2002-08-04 21:08:36.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/rsa.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -108,7 +108,7 @@
- =head1 SEE ALSO
- 
- L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
--L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
- L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
- L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
- L<RSA_generate_key(3)|RSA_generate_key(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/threads.pod openssl-0.9.8a/doc/crypto/threads.pod
---- openssl-0.9.8a.orig/doc/crypto/threads.pod	2005-06-18 05:52:23.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/threads.pod	1970-01-01 00:00:00.000000000 +0000
-@@ -1,175 +0,0 @@
--=pod
--
--=head1 NAME
--
--CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
--CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
--CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
--CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
--
--=head1 SYNOPSIS
--
-- #include <openssl/crypto.h>
--
-- void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
--        int n, const char *file, int line));
--
-- void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
--
-- int CRYPTO_num_locks(void);
--
--
-- /* struct CRYPTO_dynlock_value needs to be defined by the user */
-- struct CRYPTO_dynlock_value;
--
-- void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
--	(*dyn_create_function)(char *file, int line));
-- void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
--	(int mode, struct CRYPTO_dynlock_value *l,
--	const char *file, int line));
-- void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
--	(struct CRYPTO_dynlock_value *l, const char *file, int line));
--
-- int CRYPTO_get_new_dynlockid(void);
--
-- void CRYPTO_destroy_dynlockid(int i);
--
-- void CRYPTO_lock(int mode, int n, const char *file, int line);
--
-- #define CRYPTO_w_lock(type)	\
--	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-- #define CRYPTO_w_unlock(type)	\
--	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-- #define CRYPTO_r_lock(type)	\
--	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-- #define CRYPTO_r_unlock(type)	\
--	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-- #define CRYPTO_add(addr,amount,type)	\
--	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
--
--=head1 DESCRIPTION
--
--OpenSSL can safely be used in multi-threaded applications provided
--that at least two callback functions are set.
--
--locking_function(int mode, int n, const char *file, int line) is
--needed to perform locking on shared data structures. 
--(Note that OpenSSL uses a number of global data structures that
--will be implicitly shared whenever multiple threads use OpenSSL.)
--Multi-threaded applications will crash at random if it is not set.
--
--locking_function() must be able to handle up to CRYPTO_num_locks()
--different mutex locks. It sets the B<n>-th lock if B<mode> &
--B<CRYPTO_LOCK>, and releases it otherwise.
--
--B<file> and B<line> are the file number of the function setting the
--lock. They can be useful for debugging.
--
--id_function(void) is a function that returns a thread ID, for example
--pthread_self() if it returns an integer (see NOTES below).  It isn't
--needed on Windows nor on platforms where getpid() returns a different
--ID for each thread (see NOTES below).
--
--Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
--of OpenSSL need it for better performance.  To enable this, the following
--is required:
--
--=over 4
--
--=item *
--Three additional callback function, dyn_create_function, dyn_lock_function
--and dyn_destroy_function.
--
--=item *
--A structure defined with the data that each lock needs to handle.
--
--=back
--
--struct CRYPTO_dynlock_value has to be defined to contain whatever structure
--is needed to handle locks.
--
--dyn_create_function(const char *file, int line) is needed to create a
--lock.  Multi-threaded applications might crash at random if it is not set.
--
--dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
--is needed to perform locking off dynamic lock numbered n. Multi-threaded
--applications might crash at random if it is not set.
--
--dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
--needed to destroy the lock l. Multi-threaded applications might crash at
--random if it is not set.
--
--CRYPTO_get_new_dynlockid() is used to create locks.  It will call
--dyn_create_function for the actual creation.
--
--CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
--dyn_destroy_function for the actual destruction.
--
--CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
--describing what should be done with the lock.  n is the number of the
--lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
--from the following values.  These values are pairwise exclusive, with
--undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
--should not be used together):
--
--	CRYPTO_LOCK	0x01
--	CRYPTO_UNLOCK	0x02
--	CRYPTO_READ	0x04
--	CRYPTO_WRITE	0x08
--
--=head1 RETURN VALUES
--
--CRYPTO_num_locks() returns the required number of locks.
--
--CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
--
--The other functions return no values.
--
--=head1 NOTES
--
--You can find out if OpenSSL was configured with thread support:
--
-- #define OPENSSL_THREAD_DEFINES
-- #include <openssl/opensslconf.h>
-- #if defined(OPENSSL_THREADS)
--   // thread support enabled
-- #else
--   // no thread support
-- #endif
--
--Also, dynamic locks are currently not used internally by OpenSSL, but
--may do so in the future.
--
--Defining id_function(void) has it's own issues.  Generally speaking,
--pthread_self() should be used, even on platforms where getpid() gives
--different answers in each thread, since that may depend on the machine
--the program is run on, not the machine where the program is being
--compiled.  For instance, Red Hat 8 Linux and earlier used
--LinuxThreads, whose getpid() returns a different value for each
--thread.  Red Hat 9 Linux and later use NPTL, which is
--Posix-conformant, and has a getpid() that returns the same value for
--all threads in a process.  A program compiled on Red Hat 8 and run on
--Red Hat 9 will therefore see getpid() returning the same value for
--all threads.
--
--There is still the issue of platforms where pthread_self() returns
--something other than an integer.  This is a bit unusual, and this
--manual has no cookbook solution for that case.
--
--=head1 EXAMPLES
--
--B<crypto/threads/mttest.c> shows examples of the callback functions on
--Solaris, Irix and Win32.
--
--=head1 HISTORY
--
--CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
--available in all versions of SSLeay and OpenSSL.
--CRYPTO_num_locks() was added in OpenSSL 0.9.4.
--All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
--
--=head1 SEE ALSO
--
--L<crypto(3)|crypto(3)>
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/ssl/SSL_get_error.pod openssl-0.9.8a/doc/ssl/SSL_get_error.pod
---- openssl-0.9.8a.orig/doc/ssl/SSL_get_error.pod	2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/ssl/SSL_get_error.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -105,7 +105,7 @@
- 
- =head1 SEE ALSO
- 
--L<ssl(3)|ssl(3)>, L<err(3)|err(3)>
-+L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>
- 
- =head1 HISTORY
- 
-diff -Naur openssl-0.9.8a.orig/doc/ssl/SSL_want.pod openssl-0.9.8a/doc/ssl/SSL_want.pod
---- openssl-0.9.8a.orig/doc/ssl/SSL_want.pod	2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/ssl/SSL_want.pod	2005-11-14 03:59:59.000000000 +0000
-@@ -72,6 +72,6 @@
- 
- =head1 SEE ALSO
- 
--L<ssl(3)|ssl(3)>, L<err(3)|err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
-+L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
- 
- =cut
diff --git a/pkgs/core/openssl/patches/openssl-1.0.0-beta3-soversion.patch b/pkgs/core/openssl/patches/openssl-1.0.0-beta3-soversion.patch
new file mode 100644
index 0000000..3836e89
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-1.0.0-beta3-soversion.patch
@@ -0,0 +1,44 @@
+diff -up openssl-1.0.0-beta3/Configure.soversion openssl-1.0.0-beta3/Configure
+--- openssl-1.0.0-beta3/Configure.soversion	2009-08-04 23:06:52.000000000 +0200
++++ openssl-1.0.0-beta3/Configure	2009-08-04 23:06:52.000000000 +0200
+@@ -1514,7 +1514,7 @@ while (<IN>)
+ 	elsif ($shared_extension ne "" && $shared_extension =~ /^.s([ol]).[^.]*.[^.]*$/)
+ 		{
+ 		my $sotmp = $1;
+-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.$(SHLIB_MAJOR) .s$sotmp/;
++		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.$(SHLIB_SONAMEVER) .s$sotmp/;
+ 		}
+ 	elsif ($shared_extension ne "" && $shared_extension =~ /^.[^.]*.[^.]*.dylib$/)
+ 		{
+diff -up openssl-1.0.0-beta3/Makefile.org.soversion openssl-1.0.0-beta3/Makefile.org
+--- openssl-1.0.0-beta3/Makefile.org.soversion	2009-08-04 23:06:52.000000000 +0200
++++ openssl-1.0.0-beta3/Makefile.org	2009-08-04 23:11:01.000000000 +0200
+@@ -10,6 +10,7 @@ SHLIB_VERSION_HISTORY=
+ SHLIB_MAJOR=
+ SHLIB_MINOR=
+ SHLIB_EXT=
++SHLIB_SONAMEVER=10
+ PLATFORM=dist
+ OPTIONS=
+ CONFIGURE_ARGS=
+@@ -289,10 +290,9 @@ clean-shared:
+ link-shared:
+ 	@ set -e; for i in $(SHLIBDIRS); do \
+ 		$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+-			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
++			LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
+ 			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+ 			symlink.$(SHLIB_TARGET); \
+-		libs="$$libs -l$$i"; \
+ 	done
+ 
+ build-shared: do_$(SHLIB_TARGET) link-shared
+@@ -303,7 +303,7 @@ do_$(SHLIB_TARGET):
+ 			libs="$(LIBKRB5) $$libs"; \
+ 		fi; \
+ 		$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+-			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
++			LIBNAME=$$i LIBVERSION=$(SHLIB_SONAMEVER) \
+ 			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+ 			LIBDEPS="$$libs $(EX_LIBS)" \
+ 			link_a.$(SHLIB_TARGET); \
diff --git a/pkgs/core/openssl/patches/openssl-1.0.0-beta4-redhat.patch b/pkgs/core/openssl/patches/openssl-1.0.0-beta4-redhat.patch
new file mode 100644
index 0000000..4356e41
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-1.0.0-beta4-redhat.patch
@@ -0,0 +1,59 @@
+diff -up openssl-1.0.0-beta4/Configure.redhat openssl-1.0.0-beta4/Configure
+--- openssl-1.0.0-beta4/Configure.redhat	2009-11-09 15:11:13.000000000 +0100
++++ openssl-1.0.0-beta4/Configure	2009-11-12 12:15:27.000000000 +0100
+@@ -336,32 +336,32 @@ my %table=(
+ ####
+ # *-generic* is endian-neutral target, but ./config is free to
+ # throw in -D[BL]_ENDIAN, whichever appropriate...
+-"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
+-"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
++"linux-generic32","gcc:-DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
++"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
+ # It's believed that majority of ARM toolchains predefine appropriate -march.
+ # If you compiler does not, do complement config command line with one!
+-"linux-armv4",	"gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
++"linux-armv4",	"gcc:-DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
+ #### IA-32 targets...
+ "linux-ia32-icc",	"icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
+-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
++"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
+ "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
+ ####
+-"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
+-"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.$(SHLIB_MAJOR).$(SHLIB_MINOR):::64",
+-"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
++"linux-generic64","gcc:-DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
++"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64 $(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER):::64",
++"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
+ "linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
+ "linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
+-"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.$(SHLIB_MAJOR).$(SHLIB_MINOR):::64",
+-"linux-s390x",	"gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.$(SHLIB_MAJOR).$(SHLIB_MINOR):::64",
++"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS) -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64 $(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER):::64",
++"linux-s390x",	"gcc:-m64 -DB_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:dlfcn:linux-shared:-fPIC:-m64 $(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER):::64",
+ #### SPARC Linux setups
+ # Ray Miller ray.miller@computing-services.oxford.ac.uk has patiently
+ # assisted with debugging of following two configs.
+-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
++"linux-sparcv8","gcc:-DB_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
+ # it's a real mess with -mcpu=ultrasparc option under Linux, but
+ # -Wa,-Av8plus should do the trick no matter what.
+-"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
++"linux-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS) -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
+ # GCC 3.1 is a requirement
+-"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.$(SHLIB_MAJOR).$(SHLIB_MINOR):::64",
++"linux64-sparcv9","gcc:-DB_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER):::64",
+ #### Alpha Linux with GNU C and Compaq C setups
+ # Special notes:
+ # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
+@@ -375,8 +375,8 @@ my %table=(
+ #
+ #					appro@fy.chalmers.se
+ #
+-"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
+-"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)",
++"linux-alpha-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
++"linux-alpha+bwx-gcc","gcc:-DL_ENDIAN -DTERMIO -Wall $(RPM_OPT_FLAGS)::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC:$(RPM_OPT_FLAGS):.so.$(SHLIB_SONAMEVER)",
+ "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+ "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+ 
diff --git a/pkgs/core/openssl/patches/openssl-1.0.0-beta5-enginesdir.patch b/pkgs/core/openssl/patches/openssl-1.0.0-beta5-enginesdir.patch
new file mode 100644
index 0000000..d942d6e
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-1.0.0-beta5-enginesdir.patch
@@ -0,0 +1,52 @@
+diff -up openssl-1.0.0-beta5/Configure.enginesdir openssl-1.0.0-beta5/Configure
+--- openssl-1.0.0-beta5/Configure.enginesdir	2010-01-20 18:07:05.000000000 +0100
++++ openssl-1.0.0-beta5/Configure	2010-01-20 18:10:48.000000000 +0100
+@@ -622,6 +622,7 @@ my $idx_multilib = $idx++;
+ my $prefix="";
+ my $libdir="";
+ my $openssldir="";
++my $enginesdir="";
+ my $exe_ext="";
+ my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
+ my $cross_compile_prefix="";
+@@ -833,6 +834,10 @@ PROCESS_ARGS:
+ 				{
+ 				$openssldir=$1;
+ 				}
++			elsif (/^--enginesdir=(.*)$/)
++				{
++				$enginesdir=$1;
++				}
+ 			elsif (/^--install.prefix=(.*)$/)
+ 				{
+ 				$install_prefix=$1;
+@@ -1053,7 +1058,7 @@ chop $prefix if $prefix =~ /./$/;
+ 
+ $openssldir=$prefix . "/ssl" if $openssldir eq "";
+ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^/|^[a-zA-Z]:[\/])/;
+-
++$enginesdir="$prefix/lib/engines" if $enginesdir eq "";
+ 
+ print "IsMK1MF=$IsMK1MF\n";
+ 
+@@ -1673,7 +1678,7 @@ while (<IN>)
+ 		}
+ 	elsif	(/^#define\s+ENGINESDIR/)
+ 		{
+-		my $foo = "$prefix/$libdir/engines";
++		my $foo = "$enginesdir";
+ 		$foo =~ s/\/\\/g;
+ 		print OUT "#define ENGINESDIR "$foo"\n";
+ 		}
+diff -up openssl-1.0.0-beta5/engines/Makefile.enginesdir openssl-1.0.0-beta5/engines/Makefile
+--- openssl-1.0.0-beta5/engines/Makefile.enginesdir	2010-01-16 21:06:09.000000000 +0100
++++ openssl-1.0.0-beta5/engines/Makefile	2010-01-20 18:07:05.000000000 +0100
+@@ -124,7 +124,7 @@ install:
+ 				sfx=".so"; \
+ 				cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+ 			  fi; \
+-			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
++			  chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+ 			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
+ 		done; \
+ 	fi
diff --git a/pkgs/core/openssl/patches/openssl-1.0.0-beta5-version.patch b/pkgs/core/openssl/patches/openssl-1.0.0-beta5-version.patch
new file mode 100644
index 0000000..cf3bcf6
--- /dev/null
+++ b/pkgs/core/openssl/patches/openssl-1.0.0-beta5-version.patch
@@ -0,0 +1,14 @@
+We have to keep the beta status on 3 as some applications (OpenSSH) incorrectly insist
+on having the same beta status of OpenSSL library as they were built against.
+diff -up openssl-1.0.0-beta5/crypto/opensslv.h.version openssl-1.0.0-beta5/crypto/opensslv.h
+--- openssl-1.0.0-beta5/crypto/opensslv.h.version	2010-01-20 18:16:43.000000000 +0100
++++ openssl-1.0.0-beta5/crypto/opensslv.h	2010-01-20 20:20:23.000000000 +0100
+@@ -25,7 +25,7 @@
+  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
+  *  major minor fix final patch/beta)
+  */
+-#define OPENSSL_VERSION_NUMBER	0x10000005L
++#define OPENSSL_VERSION_NUMBER	0x10000003L
+ #ifdef OPENSSL_FIPS
+ #define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.0-fips-beta5 20 Jan 2010"
+ #else
diff --git a/pkgs/core/util-linux-ng/util-linux-ng.nm b/pkgs/core/util-linux-ng/util-linux-ng.nm
index 3ae5289..8c6ba4b 100644
--- a/pkgs/core/util-linux-ng/util-linux-ng.nm
+++ b/pkgs/core/util-linux-ng/util-linux-ng.nm
@@ -25,7 +25,7 @@
 include $(PKGROOT)/Include
PKG_NAME       = util-linux-ng
-PKG_VER        = 2.17
+PKG_VER        = 2.17.2
 PKG_REL        = 0
PKG_MAINTAINER =
@@ -48,40 +48,30 @@ PKG_TARBALL    = $(THISAPP).tar.bz2
CFLAGS        += -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
-###############################################################################
-# Installation Details
-###############################################################################
+CONFIGURE_OPTIONS += \
+	--bindir=/bin \
+	--sbindir=/sbin \
+	--disable-wall \
+	--enable-arch \
+	--enable-kill \
+	--enable-login-utils \
+	--enable-partx \
+	--enable-write \
+	--disable-makeinstall-chown \
+	--disable-static
+
define STAGE_PREPARE_CMDS
    cd $(DIR_APP) && sed -e 's@etc/adjtime@var/lib/hwclock/adjtime@g' \
    	-i $$(grep -rl '/etc/adjtime' .)
 endef
-define STAGE_BUILD
-	cd $(DIR_APP) && \
-		./configure \
-			--prefix=/usr \
-			--bindir=/bin \
-			--sbindir=/sbin \
-			--disable-wall \
-			--enable-arch \
-			--enable-kill \
-			--enable-login-utils \
-			--enable-partx \
-			--enable-write \
-			--disable-makeinstall-chown \
-			--disable-static
-
-	cd $(DIR_APP) && make $(PARALLELISMFLAGS)
-
+define STAGE_BUILD_CMDS
    # Build nologin
    cd $(DIR_APP) && gcc $(CFLAGS) -o nologin $(DIR_SOURCE)/nologin.c
-
 endef
-define STAGE_INSTALL
-	cd $(DIR_APP) && make install DESTDIR=$(BUILDROOT)
-
+define STAGE_INSTALL_CMDS
    -mkdir -pv $(BUILDROOT)/sbin \
    	$(BUILDROOT)/var/lib/hwclock \
    	$(BUILDROOT)/usr/share/man/man8 \
hooks/post-receive
--
IPFire 3.x development tree

    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

[IPFire-SCM] [git.ipfire.org] IPFire 3.x development tree branch, master, updated. eae1d2740f141e3cdb0739f35368bae5ee50f1f4